From 1707f8751de2541b63ea32571cca5f272dcd0296 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 11 Aug 2025 02:25:41 +0000 Subject: [PATCH] Bump the actions group with 2 updates Bumps the actions group with 2 updates: [github/codeql-action](https://github.com/github/codeql-action) and [actions/download-artifact](https://github.com/actions/download-artifact). Updates `github/codeql-action` from 3.29.7 to 3.29.8 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/51f77329afa6477de8c49fc9c7046c15b9a4e79d...76621b61decf072c1cee8dd1ce2d2a82d33c17ed) Updates `actions/download-artifact` from 4 to 5 - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](https://github.com/actions/download-artifact/compare/v4...v5) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 3.29.8 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions - dependency-name: actions/download-artifact dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions ... Signed-off-by: dependabot[bot] --- .github/workflows/codeql-actions.yml | 4 ++-- .github/workflows/codeql-python.yml | 4 ++-- .github/workflows/dist-python.yml | 2 +- .github/workflows/release-python.yml | 2 +- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/codeql-actions.yml b/.github/workflows/codeql-actions.yml index ac179bd9d..e86f58c7a 100644 --- a/.github/workflows/codeql-actions.yml +++ b/.github/workflows/codeql-actions.yml @@ -37,7 +37,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@51f77329afa6477de8c49fc9c7046c15b9a4e79d # v3 + uses: github/codeql-action/init@76621b61decf072c1cee8dd1ce2d2a82d33c17ed # v3 with: languages: actions build-mode: none @@ -45,6 +45,6 @@ jobs: queries: security-extended - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@51f77329afa6477de8c49fc9c7046c15b9a4e79d # v3 + uses: github/codeql-action/analyze@76621b61decf072c1cee8dd1ce2d2a82d33c17ed # v3 with: category: "/language:actions" diff --git a/.github/workflows/codeql-python.yml b/.github/workflows/codeql-python.yml index 449288842..8b40b5f7a 100644 --- a/.github/workflows/codeql-python.yml +++ b/.github/workflows/codeql-python.yml @@ -42,7 +42,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@51f77329afa6477de8c49fc9c7046c15b9a4e79d # v3 + uses: github/codeql-action/init@76621b61decf072c1cee8dd1ce2d2a82d33c17ed # v3 with: languages: python build-mode: none @@ -61,6 +61,6 @@ jobs: pip install dist/*.whl - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@51f77329afa6477de8c49fc9c7046c15b9a4e79d # v3 + uses: github/codeql-action/analyze@76621b61decf072c1cee8dd1ce2d2a82d33c17ed # v3 with: category: "/language:python" diff --git a/.github/workflows/dist-python.yml b/.github/workflows/dist-python.yml index 554c0f357..de5d7dc69 100644 --- a/.github/workflows/dist-python.yml +++ b/.github/workflows/dist-python.yml @@ -70,7 +70,7 @@ jobs: name: Collect dist files steps: - name: Download all workflow run artifacts - uses: actions/download-artifact@v4 + uses: actions/download-artifact@v5 - name: Flatten directory working-directory: . run: | diff --git a/.github/workflows/release-python.yml b/.github/workflows/release-python.yml index f87c3ccd2..4a2e39a72 100644 --- a/.github/workflows/release-python.yml +++ b/.github/workflows/release-python.yml @@ -82,7 +82,7 @@ jobs: id-token: write steps: - name: Download all the dists - uses: actions/download-artifact@v4 + uses: actions/download-artifact@v5 with: name: all-dist-${{ github.run_id }} path: dist/