Merge pull request #665 from byllyfish/deps2

Update dev. dependencies and github actions.
byllyfish · Oct 15, 2024 · 75860b7 · 75860b7
2 parents 85718fc + 1ab67ff
commit 75860b7
Show file tree

Hide file tree

Showing 9 changed files with 263 additions and 256 deletions.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -62,7 +62,7 @@ jobs:
       run: |
         FINSY_TEST_NO_BENCHMARK=1 COVERAGE_RUN=true pytest --cov finsy
     - name: Upload Coverage to Codecov
-      uses: codecov/codecov-action@e28ff129e5465c2c0dcc6f003fc735cb6ae0c673 # v4.5.0
+      uses: codecov/codecov-action@b9fd7d16f6d7d1b5d2bec1a2887e65ceed900238 # v4.6.0
       with:
         token: ${{ secrets.FINSY_CODECOV_TOKEN }}
     - name: Format Check

diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
@@ -50,7 +50,7 @@ jobs:
 
       # Initializes the CodeQL tools for scanning.
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@c36620d31ac7c881962c3d9dd939c40ec9434f2b # v3.26.12
+        uses: github/codeql-action/init@f779452ac5af1c261dce0346a8f964149f49322b # v3.26.13
         with:
           languages: ${{ matrix.language }}
           # If you wish to specify custom queries, you can do so here or in a config file.
@@ -60,7 +60,7 @@ jobs:
       # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
       # If this step fails, then you should remove it and run the build manually (see below)
       - name: Autobuild
-        uses: github/codeql-action/autobuild@c36620d31ac7c881962c3d9dd939c40ec9434f2b # v3.26.12
+        uses: github/codeql-action/autobuild@f779452ac5af1c261dce0346a8f964149f49322b # v3.26.13
 
       # ℹ️ Command-line programs to run using the OS shell.
       # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
@@ -73,6 +73,6 @@ jobs:
       #   ./location_of_script_within_repo/buildscript.sh
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@c36620d31ac7c881962c3d9dd939c40ec9434f2b # v3.26.12
+        uses: github/codeql-action/analyze@f779452ac5af1c261dce0346a8f964149f49322b # v3.26.13
         with:
           category: "/language:${{matrix.language}}"
diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
@@ -28,7 +28,7 @@ jobs:
           poetry --version
           poetry build
       - name: Upload packages
-        uses: actions/upload-artifact@604373da6381bf24206979c74d06a550515601b9 # v4.4.1
+        uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
         with:
           name: package_dists
           path: dist/

diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml
@@ -63,14 +63,14 @@ jobs:
       # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
       # format to the repository Actions tab.
       - name: "Upload artifact"
-        uses: actions/upload-artifact@604373da6381bf24206979c74d06a550515601b9 # v4.4.1
+        uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
         with:
           name: SARIF file
           path: results.sarif
           retention-days: 5
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@c36620d31ac7c881962c3d9dd939c40ec9434f2b # v3.26.12
+        uses: github/codeql-action/upload-sarif@f779452ac5af1c261dce0346a8f964149f49322b # v3.26.13
         with:
           sarif_file: results.sarif
diff --git a/ci/requirements-demonet.txt b/ci/requirements-demonet.txt
@@ -1,3 +1,3 @@
-# Poetry (version 1.8.3) export at Fri Oct 11 10:49:49 MST 2024
+# Poetry (version 1.8.4) export at Tue Oct 15 09:58:28 MST 2024
 pygraphviz==1.14 ; python_version >= "3.10" and python_version < "4.0" \
     --hash=sha256:c10df02377f4e39b00ae17c862f4ee7e5767317f1c6b2dfd04cea6acc7fc2bea
diff --git a/ci/requirements-dev.txt b/ci/requirements-dev.txt
diff --git a/ci/requirements.txt b/ci/requirements.txt
@@ -1,4 +1,4 @@
-# Poetry (version 1.8.3) export at Fri Oct 11 10:49:49 MST 2024
+# Poetry (version 1.8.4) export at Tue Oct 15 09:58:28 MST 2024
 grpcio==1.66.1 ; python_version >= "3.10" and python_version < "4.0" \
     --hash=sha256:0e6c9b42ded5d02b6b1fea3a25f036a2236eeb75d0579bfd43c0018c88bf0a3e \
     --hash=sha256:161d5c535c2bdf61b95080e7f0f017a1dfcb812bf54093e71e5562b16225b4ce \

diff --git a/poetry.lock b/poetry.lock
diff --git a/pyproject.toml b/pyproject.toml
@@ -39,9 +39,9 @@ shellous = { version = "^0.37.0", optional = true }
 demonet = ["shellous"]
 
 [tool.poetry.group.dev.dependencies]
-black = "24.8.0"
+black = "24.10.0"
 mypy = "^1.11.2"
-pdoc = "^14.7.0"
+pdoc = "^15.0.0"
 prometheus-client = "^0.21.0"
 pylint = "^3.3.1"
 pyright = "^1.1.383"
@@ -108,7 +108,7 @@ reportUnnecessaryTypeIgnoreComment = "warning"
 
 [tool.black]
 target-version = ['py310']
-required-version = "24.8.0"
+required-version = "24.10.0"
 force-exclude = "_pb2(_grpc)?\\.pyi?$"
 
 #************