Skip to content

chore(ci): bump the github-actions group across 1 directory with 7 updates#1488

Merged
bdraco merged 3 commits into
masterfrom
dependabot/github_actions/github-actions-c079bac023
Jan 22, 2025
Merged

chore(ci): bump the github-actions group across 1 directory with 7 updates#1488
bdraco merged 3 commits into
masterfrom
dependabot/github_actions/github-actions-c079bac023

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jan 22, 2025

Copy link
Copy Markdown
Contributor

Bumps the github-actions group with 7 updates in the / directory:

Package From To
actions/checkout 3 4
actions/setup-python 4 5
wagoid/commitlint-github-action 5 6
codecov/codecov-action 3 5
snok/install-poetry 1.3.4 1.4.1
python-semantic-release/python-semantic-release 9.12.0 9.16.1
pypa/gh-action-pypi-publish 1.5.0 1.12.3

Updates actions/checkout from 3 to 4

Release notes

Sourced from actions/checkout's releases.

v4.0.0

What's Changed

New Contributors

Full Changelog: actions/checkout@v3...v4.0.0

v3.6.0

What's Changed

New Contributors

Full Changelog: actions/checkout@v3.5.3...v3.6.0

v3.5.3

What's Changed

New Contributors

Full Changelog: actions/checkout@v3...v3.5.3

v3.5.2

What's Changed

Full Changelog: actions/checkout@v3.5.1...v3.5.2

v3.5.1

What's Changed

New Contributors

... (truncated)

Changelog

Sourced from actions/checkout's changelog.

Changelog

v4.2.2

v4.2.1

v4.2.0

v4.1.7

v4.1.6

v4.1.5

v4.1.4

v4.1.3

v4.1.2

v4.1.1

v4.1.0

... (truncated)

Commits

Updates actions/setup-python from 4 to 5

Release notes

Sourced from actions/setup-python's releases.

v5.0.0

What's Changed

In scope of this release, we update node version runtime from node16 to node20 (actions/setup-python#772). Besides, we update dependencies to the latest versions.

Full Changelog: actions/setup-python@v4.8.0...v5.0.0

v4.8.0

What's Changed

In scope of this release we added support for GraalPy (actions/setup-python#694). You can use this snippet to set up GraalPy:

steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v4 
  with:
    python-version: 'graalpy-22.3' 
- run: python my_script.py

Besides, the release contains such changes as:

New Contributors

Full Changelog: actions/setup-python@v4...v4.8.0

v4.7.1

What's Changed

Full Changelog: actions/setup-python@v4...v4.7.1

v4.7.0

In scope of this release, the support for reading python version from pyproject.toml was added (actions/setup-python#669).

      - name: Setup Python
        uses: actions/setup-python@v4
</tr></table>

... (truncated)

Commits
  • 0b93645 Enhance workflows: Add macOS 13 support, upgrade publish-action, and update d...
  • 9c76e71 Bump pillow from 7.2 to 10.2.0 in /tests/data (#956)
  • f4c5a11 Revise isGhes logic (#963)
  • 19dfb7b Bump default versions to latest (#905)
  • e9675cc Merge pull request #943 from actions/Jcambass-patch-1
  • 3226af6 Upgrade IA publish
  • 70dcb22 Merge pull request #941 from actions/Jcambass-patch-1
  • 65b48c7 Create publish-immutable-actions.yml
  • 29a37be initial commit (#938)
  • f677139 Bump pyinstaller from 3.6 to 5.13.1 in /tests/data (#923)
  • Additional commits viewable in compare view

Updates wagoid/commitlint-github-action from 5 to 6

Changelog

Sourced from wagoid/commitlint-github-action's changelog.

6.2.0 (2024-12-16)

Features

  • handle merge_group event - get squashed commit (#806) (ef2cd3b)

6.1.2 (2024-09-04)

Bug Fixes

  • using compareCommits for push event commit query (#801) (47ff131)

6.1.1 (2024-08-21)

6.1.0 (2024-08-20)

Features

  • updating push event trigger to use rest API (OctoKit) vs push event (70e22e9)

Bug Fixes

  • updating unit tests with mocking push octokit list commits (c3ab7fd)
Commits
  • b948419 chore(release): publish 6.2.1 [skip-ci]
  • ddda164 chore: readme.md update github actions versions (#808)
  • 0184f5a chore(release): publish 6.2.0 [skip-ci]
  • ef2cd3b feat: handle merge_group event - get squashed commit (#806)
  • 3d28780 chore(release): publish 6.1.2 [skip-ci]
  • 47ff131 fix: using compareCommits for push event commit query (#801)
  • a2bc521 chore(release): publish 6.1.1 [skip-ci]
  • bc25072 Merge pull request #800 from wagoid/revert-798-feat/using-rest-for-push
  • 09a8abb Revert "feat: updating push event trigger to use rest API (OctoKit) vs push e...
  • dbd4ecd chore(release): publish 6.1.0 [skip-ci]
  • Additional commits viewable in compare view

Updates codecov/codecov-action from 3 to 5

Release notes

Sourced from codecov/codecov-action's releases.

v5.0.0

v5 Release

v5 of the Codecov GitHub Action will use the Codecov Wrapper to encapsulate the CLI. This will help ensure that the Action gets updates quicker.

Migration Guide

The v5 release also coincides with the opt-out feature for tokens for public repositories. In the Global Upload Token section of the settings page of an organization in codecov.io, you can set the ability for Codecov to receive a coverage reports from any source. This will allow contributors or other members of a repository to upload without needing access to the Codecov token. For more details see how to upload without a token.

[!WARNING]
The following arguments have been changed

  • file (this has been deprecated in favor of files)
  • plugin (this has been deprecated in favor of plugins)

The following arguments have been added:

  • binary
  • gcov_args
  • gcov_executable
  • gcov_ignore
  • gcov_include
  • report_type
  • skip_validation
  • swift_project

You can see their usage in the action.yml file.

What's Changed

... (truncated)

Changelog

Sourced from codecov/codecov-action's changelog.

v5 Release

v5 of the Codecov GitHub Action will use the Codecov Wrapper to encapsulate the CLI. This will help ensure that the Action gets updates quicker.

Migration Guide

The v5 release also coincides with the opt-out feature for tokens for public repositories. In the Global Upload Token section of the settings page of an organization in codecov.io, you can set the ability for Codecov to receive a coverage reports from any source. This will allow contributors or other members of a repository to upload without needing access to the Codecov token. For more details see how to upload without a token.

[!WARNING] The following arguments have been changed

  • file (this has been deprecated in favor of files)
  • plugin (this has been deprecated in favor of plugins)

The following arguments have been added:

  • binary
  • gcov_args
  • gcov_executable
  • gcov_ignore
  • gcov_include
  • report_type
  • skip_validation
  • swift_project

You can see their usage in the action.yml file.

What's Changed

... (truncated)

Commits

Updates snok/install-poetry from 1.3.4 to 1.4.1

Release notes

Sourced from snok/install-poetry's releases.

v1.4.1

What's Changed

New Contributors

Full Changelog: snok/install-poetry@v1...v1.4.1

v1.4.0

What's Changed

New Contributors

Full Changelog: snok/install-poetry@v1...v1.4.0

Commits
  • 76e04a9 Use python3 instead of python
  • 972a0e7 docs: Fix trailing whitespace
  • 929c2d5 Improve cache Poetry install instructions
  • d80b6da chore: Disable shellcheck via actionlint
  • ee581f3 chore: Correct python version to fix test matrix
  • 98e97e2 feat: support with plugins
  • 0a8188c Remove curl dependency (#153)
  • a7f4164 chore: Update dependencies and add pre-commit hook
  • 9849dc5 Add virtualenvs-path to the Install Poetry step
  • 4e96961 chore(deps): bump actions/cache from 3 to 4
  • Additional commits viewable in compare view

Updates python-semantic-release/python-semantic-release from 9.12.0 to 9.16.1

Release notes

Sourced from python-semantic-release/python-semantic-release's releases.

v9.16.1 (2025-01-12)

Bug Fixes

  • parser-custom: Handle relative parent directory paths to module file better (#1142, c4056fc)

Documentation

  • github-actions: Update PSR versions in github workflow examples (#1140, 9bdd626)

Detailed Changes: v9.16.0...v9.16.1

Installable artifacts are available from:

v9.16.0 (2025-01-12)

Features

  • config: Expand dynamic parser import to handle a filepath to module (#1135, 0418fd8)

Bug Fixes

  • changelog: Fixes PSR release commit exclusions for customized commit messages (#1139, f9a2078)

  • cmd-version: Fixes --print-tag result to match configured tag format (#1134, a990aa7)

  • cmd-version: Fixes tag format on default version when force bump for initial release (#1138, 007fd00)

  • config-changelog: Validates changelog.exclude_commit_patterns on config load (#1139, f9a2078)

Documentation

  • commit-parsing: Add the new custom parser import spec description for direct path imports (#1135, 0418fd8)

  • configuration: Adjust commit_parser option definition for direct path imports (#1135, 0418fd8)

Resolved Issues

  • #687: Fix: custom commit parser path loading
  • #1137: Configured tag_format is ignored if there are no tags in the repository

... (truncated)

Changelog

Sourced from python-semantic-release/python-semantic-release's changelog.

v9.16.1 (2025-01-12)

Bug Fixes

  • parser-custom: Handle relative parent directory paths to module file better (#1142, c4056fc)

The dynamic import originally would just replace "/" with "." to make the import module name more pythonic, however this would be problematic in monorepos which would use "../../misc/commit_parser.py" to locate the parser and so the resulting sys.modules entry would have numerous periods (.) as a prefix. This removes that possibility. Still always an issue if the imported module name matches an existing module but the likelihood is low.

Documentation

  • github-actions: Update PSR versions in github workflow examples (#1140, 9bdd626)

v9.16.0 (2025-01-12)

Bug Fixes

  • changelog: Fixes PSR release commit exclusions for customized commit messages (#1139, f9a2078)

  • fix(config-changelog): validate changelog.exclude_commit_patterns on config load

  • test(fixtures): relocate sanitize changelog functions

  • test(cmd-version): add test to validate that custom release messages are ignored in changelog

  • test(config): add changelog.exclude_commit_patterns validation check

  • style(config): refactor import names of re module

  • cmd-version: Fix --print-tag result to match configured tag format (#1134, a990aa7)

  • test(fixtures): add new trunk repo that has a different tag format

  • test(fixtures): add helper to extract config settings from repo action definition

  • test(cmd-version): expand testing of --print-tag & --print-last-released-tag

PSR did not have enough testing to demonstrate testing of the tag generation when the tag format was

... (truncated)

Commits
  • d6a3be3 9.16.1
  • c4056fc fix(parser-custom): handle relative parent directory paths to module file bet...
  • 3cf32b8 ci(cicd-wkflow): add version updater for documentation before release (#1141)
  • 9bdd626 docs(github-actions): update PSR versions in github workflow examples (#1140)
  • de838f3 9.16.0
  • 0418fd8 feat(config): expand dynamic parser import to handle a filepath to module (#...
  • f9a2078 fix(changelog): fixes PSR release commit exclusions for customized commit mes...
  • 007fd00 fix(cmd-version): fix tag format on default version when force bump for initi...
  • a990aa7 fix(cmd-version): fix --print-tag result to match configured tag format (#1...
  • 33b9371 ci(deps): bump tj-actions/changed-files action from 45.0.5 to 45.0.6 (#1133)
  • Additional commits viewable in compare view

Updates pypa/gh-action-pypi-publish from 1.5.0 to 1.12.3

Release notes

Sourced from pypa/gh-action-pypi-publish's releases.

v1.12.3

✨ What's Improved

With the updates by @​woodruffw💰 and @​webknjaz💰 via #309 and #313, it is now possible to publish distribution packages that include core metadata v2.4, like those built using maturin. This is done by bumping Twine to v6.0.1 and pkginfo to v1.12.0.

📝 Docs

We've made an attempt to clarify the runtime and workflow shape that are expected to be supported for calling this action in: https://github.com/marketplace/actions/pypi-publish#Non-goals.

[!TIP] Please, let us know in the release discussion if anything still remains unclear. TL;DR always call pypi-publish once per job; don't invoke it in reusable workflows; physically move building the dists into separate jobs having restricted permissions and storing the dists as GitHub Actions artifacts; when using self-hosted runners, make sure to still use pypi-publ...

Description has been truncated

@dependabot
chore(ci): bump the github-actions group across 1 directory with 7 up…
06fa2cf 
…dates

Bumps the github-actions group with 7 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [actions/checkout](https://github.com/actions/checkout) | `3` | `4` |
| [actions/setup-python](https://github.com/actions/setup-python) | `4` | `5` |
| [wagoid/commitlint-github-action](https://github.com/wagoid/commitlint-github-action) | `5` | `6` |
| [codecov/codecov-action](https://github.com/codecov/codecov-action) | `3` | `5` |
| [snok/install-poetry](https://github.com/snok/install-poetry) | `1.3.4` | `1.4.1` |
| [python-semantic-release/python-semantic-release](https://github.com/python-semantic-release/python-semantic-release) | `9.12.0` | `9.16.1` |
| [pypa/gh-action-pypi-publish](https://github.com/pypa/gh-action-pypi-publish) | `1.5.0` | `1.12.3` |



Updates `actions/checkout` from 3 to 4
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@v3...v4)

Updates `actions/setup-python` from 4 to 5
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](actions/setup-python@v4...v5)

Updates `wagoid/commitlint-github-action` from 5 to 6
- [Changelog](https://github.com/wagoid/commitlint-github-action/blob/master/CHANGELOG.md)
- [Commits](wagoid/commitlint-github-action@v5...v6)

Updates `codecov/codecov-action` from 3 to 5
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](codecov/codecov-action@v3...v5)

Updates `snok/install-poetry` from 1.3.4 to 1.4.1
- [Release notes](https://github.com/snok/install-poetry/releases)
- [Commits](snok/install-poetry@v1.3.4...v1.4.1)

Updates `python-semantic-release/python-semantic-release` from 9.12.0 to 9.16.1
- [Release notes](https://github.com/python-semantic-release/python-semantic-release/releases)
- [Changelog](https://github.com/python-semantic-release/python-semantic-release/blob/master/CHANGELOG.md)
- [Commits](python-semantic-release/python-semantic-release@v9.12.0...v9.16.1)

Updates `pypa/gh-action-pypi-publish` from 1.5.0 to 1.12.3
- [Release notes](https://github.com/pypa/gh-action-pypi-publish/releases)
- [Commits](pypa/gh-action-pypi-publish@v1.5.0...v1.12.3)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: wagoid/commitlint-github-action
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: snok/install-poetry
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: python-semantic-release/python-semantic-release
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: pypa/gh-action-pypi-publish
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Jan 22, 2025
@codspeed-hq

codspeed-hq Bot commented Jan 22, 2025
edited
Loading

Copy link
Copy Markdown

CodSpeed Performance Report

Merging #1488 will not alter performance

Comparing dependabot/github_actions/github-actions-c079bac023 (fd79a0c) with master (7db6436)

Summary

✅ 4 untouched benchmarks

@codecov

codecov Bot commented Jan 22, 2025
edited
Loading

Copy link
Copy Markdown

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 99.78%. Comparing base (7db6436) to head (fd79a0c).
Report is 1 commits behind head on master.

Additional details and impacted files 
@@           Coverage Diff           @@
##           master    #1488   +/-   ##
=======================================
  Coverage   99.78%   99.78%           
=======================================
  Files          30       30           
  Lines        3311     3311           
  Branches      453      453           
=======================================
  Hits         3304     3304           
  Misses          5        5           
  Partials        2        2

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@bdraco bdraco merged commit 8f86b35 into master Jan 22, 2025
@bdraco bdraco deleted the dependabot/github_actions/github-actions-c079bac023 branch January 22, 2025 04:13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@bdraco bdraco bdraco approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@bdraco