Skip to content

Bump astral-sh/setup-uv from 5 to 6 in the actions group #2316

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
wants to merge 1 commit into from
+6 −6

Bump astral-sh/setup-uv from 5 to 6 in the actions group

407cd0a
Select commit
Loading
Failed to load commit list.
Closed

Bump astral-sh/setup-uv from 5 to 6 in the actions group #2316

Bump astral-sh/setup-uv from 5 to 6 in the actions group
407cd0a
Select commit
Loading
Failed to load commit list.
GitHub Advanced Security / CodeQL succeeded Apr 28, 2025 in 5s

6 new alerts including 6 medium severity security vulnerabilities

New alerts in code changed by this pull request

Security Alerts:

  • 6 medium

See annotations below for details.

View all branch alerts.

Annotations

Check warning on line 28 in .github/workflows/test-python.yml

See this annotation in the file changed.

Code scanning / CodeQL

Unpinned tag for a non-immutable Action in workflow Medium test

Unpinned 3rd party Action 'Python Tests' step
Uses Step
Loading
uses 'astral-sh/setup-uv' with ref 'v6', not a pinned commit hash

Check warning on line 68 in .github/workflows/test-python.yml

See this annotation in the file changed.

Code scanning / CodeQL

Unpinned tag for a non-immutable Action in workflow Medium test

Unpinned 3rd party Action 'Python Tests' step
Uses Step
Loading
uses 'astral-sh/setup-uv' with ref 'v6', not a pinned commit hash

Check warning on line 91 in .github/workflows/test-python.yml

See this annotation in the file changed.

Code scanning / CodeQL

Unpinned tag for a non-immutable Action in workflow Medium test

Unpinned 3rd party Action 'Python Tests' step
Uses Step
Loading
uses 'astral-sh/setup-uv' with ref 'v6', not a pinned commit hash

Check warning on line 114 in .github/workflows/test-python.yml

See this annotation in the file changed.

Code scanning / CodeQL

Unpinned tag for a non-immutable Action in workflow Medium test

Unpinned 3rd party Action 'Python Tests' step
Uses Step
Loading
uses 'astral-sh/setup-uv' with ref 'v6', not a pinned commit hash

Check warning on line 133 in .github/workflows/test-python.yml

See this annotation in the file changed.

Code scanning / CodeQL

Unpinned tag for a non-immutable Action in workflow Medium test

Unpinned 3rd party Action 'Python Tests' step
Uses Step
Loading
uses 'astral-sh/setup-uv' with ref 'v6', not a pinned commit hash

Check warning on line 155 in .github/workflows/test-python.yml

See this annotation in the file changed.

Code scanning / CodeQL

Unpinned tag for a non-immutable Action in workflow Medium test

Unpinned 3rd party Action 'Python Tests' step
Uses Step
Loading
uses 'astral-sh/setup-uv' with ref 'v6', not a pinned commit hash