From f6ccf00cb4c1990f15eca9da241e25c41e561990 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 10 Jan 2025 07:19:13 +0000 Subject: [PATCH 1/2] Bump actions/checkout from 3 to 4 Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4. - [Release notes](https://github.com/actions/checkout/releases) - [Commits](https://github.com/actions/checkout/compare/v3...v4) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/ci.yml | 10 +++++----- .github/workflows/codeql-analysis.yml | 2 +- .github/workflows/codeql.yml | 2 +- .github/workflows/dependabot.yml | 2 +- .github/workflows/dependency-review.yml | 2 +- .github/workflows/mypy.yml | 2 +- .github/workflows/release.yml | 2 +- .github/workflows/scorecards.yml | 2 +- 8 files changed, 12 insertions(+), 12 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index d4c8baf..2e7e10c 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -20,7 +20,7 @@ jobs: runs-on: ubuntu-latest steps: # Checkout with full history for to allow compare with base branch - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: fetch-depth: 0 - uses: actions/setup-python@v4 @@ -51,7 +51,7 @@ jobs: name: Build Documentation runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - uses: actions/setup-python@v4 with: python-version: ${{ env.python_version}} @@ -93,7 +93,7 @@ jobs: name: Report licences in use (SPDX) runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - uses: actions/setup-python@v4 with: python-version: ${{ env.python_version}} @@ -148,7 +148,7 @@ jobs: python -m pip install --upgrade pip python -m pip install detect-secrets==1.0.3 python -m pip list - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: fetch-depth: 0 # FIXME gitleaks requires now a licence @@ -193,7 +193,7 @@ jobs: name: Build and test runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Set up Python ${{ matrix.python-version }} uses: actions/setup-python@v4 with: diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 3709b1e..66c6762 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -38,7 +38,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index f1cbd74..4aa652a 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -37,7 +37,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL diff --git a/.github/workflows/dependabot.yml b/.github/workflows/dependabot.yml index a2eddcd..644ee24 100644 --- a/.github/workflows/dependabot.yml +++ b/.github/workflows/dependabot.yml @@ -11,7 +11,7 @@ jobs: if: ${{ github.actor == 'dependabot[bot]' }} steps: # Checkout with full history for to allow compare with base branch - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: fetch-depth: 0 - uses: actions/setup-python@v4 diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index b0dedc4..4e75197 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -15,6 +15,6 @@ jobs: runs-on: ubuntu-latest steps: - name: 'Checkout Repository' - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: 'Dependency Review' uses: actions/dependency-review-action@v3 diff --git a/.github/workflows/mypy.yml b/.github/workflows/mypy.yml index 554f027..40d8359 100644 --- a/.github/workflows/mypy.yml +++ b/.github/workflows/mypy.yml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Setup Python uses: actions/setup-python@v4 with: diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 7456c64..9c7335f 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -16,7 +16,7 @@ jobs: name: Carry out a release runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - uses: actions/setup-python@v4 with: python-version: ${{ env.python_version }} diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index e1ba06a..b933e9d 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -32,7 +32,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0 + uses: actions/checkout@cbb722410c2e876e24abbe8de2cc27693e501dcb # v3.1.0 with: persist-credentials: false From 8567287603404f616ae2f7af8f5d9a7180a2944d Mon Sep 17 00:00:00 2001 From: Monty Bot Date: Fri, 10 Jan 2025 07:24:35 +0000 Subject: [PATCH 2/2] =?UTF-8?q?=F0=9F=93=B0=20Automatic=20changes=20?= =?UTF-8?q?=E2=9A=99=20Adding=20news=20file?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- news/20250110072434.bugfix | 1 + 1 file changed, 1 insertion(+) create mode 100644 news/20250110072434.bugfix diff --git a/news/20250110072434.bugfix b/news/20250110072434.bugfix new file mode 100644 index 0000000..5e0417a --- /dev/null +++ b/news/20250110072434.bugfix @@ -0,0 +1 @@ +Dependency upgrade: checkout-4