From 96057ec4d075d84299fa6c3bf3c91d0726d6a6a8 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 24 May 2026 11:03:53 +0000 Subject: [PATCH] chore(deps): bump the github-actions group across 1 directory with 5 updates Bumps the github-actions group with 5 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `4` | `6` | | [actions/setup-python](https://github.com/actions/setup-python) | `5` | `6` | | [github/codeql-action](https://github.com/github/codeql-action) | `3` | `4` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4` | `7` | | [actions/download-artifact](https://github.com/actions/download-artifact) | `4` | `8` | Updates `actions/checkout` from 4 to 6 - [Release notes](https://github.com/actions/checkout/releases) - [Commits](https://github.com/actions/checkout/compare/v4...v6) Updates `actions/setup-python` from 5 to 6 - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/v5...v6) Updates `github/codeql-action` from 3 to 4 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/v3...v4) Updates `actions/upload-artifact` from 4 to 7 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v4...v7) Updates `actions/download-artifact` from 4 to 8 - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](https://github.com/actions/download-artifact/compare/v4...v8) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/download-artifact dependency-version: '8' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/setup-python dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/upload-artifact dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: github/codeql-action dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions ... Signed-off-by: dependabot[bot] --- .github/workflows/ci.yml | 4 ++-- .github/workflows/codeql.yml | 12 ++++++------ .github/workflows/dco.yml | 2 +- .github/workflows/deps-scan.yml | 10 +++++----- .github/workflows/release-pypi.yml | 18 +++++++++--------- .github/workflows/release-signing-dry-run.yml | 6 +++--- 6 files changed, 26 insertions(+), 26 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index eb353fe..2bab029 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -11,9 +11,9 @@ jobs: name: "IntentProof CI: Build and Test" runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - - uses: actions/setup-python@v5 + - uses: actions/setup-python@v6 with: python-version: '3.11' diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 06a4e1a..9ff9692 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -18,7 +18,7 @@ jobs: name: "IntentProof Security: CodeQL Allowlist" runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Validate allowlist expiry dates run: bash ./scripts/check-codeql-allowlist.sh @@ -27,7 +27,7 @@ jobs: name: "IntentProof Security: Secret Scan" runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: fetch-depth: 0 @@ -50,9 +50,9 @@ jobs: matrix: language: [python] steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - - uses: actions/setup-python@v5 + - uses: actions/setup-python@v6 with: python-version: "3.11" @@ -60,12 +60,12 @@ jobs: run: pip install -e ".[dev]" - name: Initialize CodeQL - uses: github/codeql-action/init@v3 + uses: github/codeql-action/init@v4 with: languages: ${{ matrix.language }} queries: security-and-quality - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3 + uses: github/codeql-action/analyze@v4 with: category: "/language:${{ matrix.language }}" diff --git a/.github/workflows/dco.yml b/.github/workflows/dco.yml index b837de3..1e83fd1 100644 --- a/.github/workflows/dco.yml +++ b/.github/workflows/dco.yml @@ -8,7 +8,7 @@ jobs: name: "IntentProof CI: DCO" runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: fetch-depth: 0 diff --git a/.github/workflows/deps-scan.yml b/.github/workflows/deps-scan.yml index f95d160..efcdb49 100644 --- a/.github/workflows/deps-scan.yml +++ b/.github/workflows/deps-scan.yml @@ -16,7 +16,7 @@ jobs: name: "IntentProof Security: Deps Allowlist" runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Validate dependency allowlist expiry dates run: bash ./scripts/check-deps-allowlist.sh @@ -26,9 +26,9 @@ jobs: needs: allowlist-expiry runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - - uses: actions/setup-python@v5 + - uses: actions/setup-python@v6 with: python-version: "3.11" @@ -43,9 +43,9 @@ jobs: needs: allowlist-expiry runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - - uses: actions/setup-python@v5 + - uses: actions/setup-python@v6 with: python-version: "3.11" diff --git a/.github/workflows/release-pypi.yml b/.github/workflows/release-pypi.yml index cff1650..ef88f68 100644 --- a/.github/workflows/release-pypi.yml +++ b/.github/workflows/release-pypi.yml @@ -31,11 +31,11 @@ jobs: name: "IntentProof Release: Test Python Package" runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: ref: ${{ github.event_name == 'workflow_dispatch' && inputs.release_ref || github.ref }} - - uses: actions/setup-python@v5 + - uses: actions/setup-python@v6 with: python-version: '3.11' @@ -57,11 +57,11 @@ jobs: release_ref: ${{ steps.release.outputs.release_ref }} release_version: ${{ steps.release.outputs.release_version }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: ref: ${{ github.event_name == 'workflow_dispatch' && inputs.release_ref || github.ref }} - - uses: actions/setup-python@v5 + - uses: actions/setup-python@v6 with: python-version: '3.11' @@ -133,7 +133,7 @@ jobs: echo "EOF" } >> "$GITHUB_OUTPUT" - - uses: actions/upload-artifact@v4 + - uses: actions/upload-artifact@v7 with: name: python-release-package path: dist/* @@ -149,12 +149,12 @@ jobs: id-token: write packages: write steps: - - uses: actions/download-artifact@v4 + - uses: actions/download-artifact@v8 with: name: python-release-package path: dist - - uses: actions/setup-python@v5 + - uses: actions/setup-python@v6 with: python-version: '3.12' @@ -204,12 +204,12 @@ jobs: permissions: contents: write steps: - - uses: actions/download-artifact@v4 + - uses: actions/download-artifact@v8 with: name: python-release-package path: release-package - - uses: actions/download-artifact@v4 + - uses: actions/download-artifact@v8 with: name: release-signing-metadata path: release-signing-metadata diff --git a/.github/workflows/release-signing-dry-run.yml b/.github/workflows/release-signing-dry-run.yml index 52fef42..6d6f110 100644 --- a/.github/workflows/release-signing-dry-run.yml +++ b/.github/workflows/release-signing-dry-run.yml @@ -23,11 +23,11 @@ jobs: outputs: artifact_paths: ${{ steps.dists.outputs.artifact_paths }} steps: - - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd with: ref: ${{ inputs.release_ref }} - - uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 + - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 with: python-version: '3.11' @@ -58,7 +58,7 @@ jobs: echo 'EOF' } >> "$GITHUB_OUTPUT" - - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 + - uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a with: name: python-release-dry-run path: dist/*