From 2d540ea83bc0238b25f5bc1ee367b0b2fac6c0d4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Randy=20D=C3=B6ring?= <30527984+radoering@users.noreply.github.com> Date: Sat, 28 Dec 2024 20:39:52 +0100 Subject: [PATCH] chore: update github actions (#9922) --- .github/actions/bootstrap-poetry/action.yaml | 2 +- .github/actions/poetry-install/action.yaml | 2 +- .github/workflows/.tests-matrix.yaml | 10 +++++----- .github/workflows/docs.yaml | 8 ++++---- .github/workflows/release.yaml | 12 ++++++------ .github/workflows/tests.yaml | 8 ++++---- 6 files changed, 21 insertions(+), 21 deletions(-) diff --git a/.github/actions/bootstrap-poetry/action.yaml b/.github/actions/bootstrap-poetry/action.yaml index 328e0417681..f2050ee3a1f 100644 --- a/.github/actions/bootstrap-poetry/action.yaml +++ b/.github/actions/bootstrap-poetry/action.yaml @@ -23,7 +23,7 @@ outputs: runs: using: composite steps: - - uses: actions/setup-python@0a5c61591373683505ea898e09a3ea4f39ef2b9c # v5 + - uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 id: setup-python if: inputs.python-version != 'default' with: diff --git a/.github/actions/poetry-install/action.yaml b/.github/actions/poetry-install/action.yaml index 9340d7bef80..3465b23fd55 100644 --- a/.github/actions/poetry-install/action.yaml +++ b/.github/actions/poetry-install/action.yaml @@ -26,7 +26,7 @@ runs: if: inputs.cache == 'true' shell: bash - - uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4 + - uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4.2.0 id: cache if: inputs.cache == 'true' with: diff --git a/.github/workflows/.tests-matrix.yaml b/.github/workflows/.tests-matrix.yaml index 41e93793168..93d262b1830 100644 --- a/.github/workflows/.tests-matrix.yaml +++ b/.github/workflows/.tests-matrix.yaml @@ -31,7 +31,7 @@ jobs: runs-on: ${{ inputs.runner }} if: inputs.run-mypy steps: - - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: persist-credentials: false @@ -42,7 +42,7 @@ jobs: - uses: ./.github/actions/poetry-install - - uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2 + - uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4.2.0 with: path: .mypy_cache key: mypy-${{ runner.os }}-py${{ steps.bootstrap-poetry.outputs.python-version }}-${{ hashFiles('pyproject.toml', 'poetry.lock') }} @@ -57,7 +57,7 @@ jobs: runs-on: ${{ inputs.runner }} if: inputs.run-pytest steps: - - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: persist-credentials: false @@ -81,7 +81,7 @@ jobs: runs-on: ${{ inputs.runner }} if: inputs.run-pytest-export steps: - - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: persist-credentials: false path: poetry @@ -98,7 +98,7 @@ jobs: id: poetry-plugin-export-version - name: Check out poetry-plugin-export - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: persist-credentials: false path: poetry-plugin-export diff --git a/.github/workflows/docs.yaml b/.github/workflows/docs.yaml index c198812c75d..2d939384459 100644 --- a/.github/workflows/docs.yaml +++ b/.github/workflows/docs.yaml @@ -25,14 +25,14 @@ jobs: contents: read pull-requests: write steps: - - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: persist-credentials: false repository: python-poetry/website # use .github from pull request target instead of pull_request.head # for pull_request_target trigger to avoid arbitrary code execution - - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: persist-credentials: false path: poetry-github @@ -40,14 +40,14 @@ jobs: # only checkout docs from pull_request.head to not use something else by accident # for pull_request_target trigger (security) - - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: persist-credentials: false path: poetry-docs ref: ${{ github.event.pull_request.head.sha }} sparse-checkout: docs - - uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2 + - uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0 with: node-version: "18" diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index ee044515a9c..77201fe4104 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -9,13 +9,13 @@ jobs: name: Build runs-on: ubuntu-latest steps: - - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: persist-credentials: false - run: pipx run build - - uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 + - uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0 with: name: distfiles path: dist/ @@ -29,11 +29,11 @@ jobs: needs: build steps: # We need to be in a git repo for gh to work. - - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: persist-credentials: false - - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: distfiles path: dist/ @@ -53,11 +53,11 @@ jobs: id-token: write needs: build steps: - - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: distfiles path: dist/ - - uses: pypa/gh-action-pypi-publish@81e9d935c883d0b210363ab89cf05f3894778450 # v1.8.14 + - uses: pypa/gh-action-pypi-publish@67339c736fd9354cd4f8cb0b744f2b82a74b5c70 # v1.12.3 with: print-hash: true diff --git a/.github/workflows/tests.yaml b/.github/workflows/tests.yaml index 36eadec364b..4b2da9b9399 100644 --- a/.github/workflows/tests.yaml +++ b/.github/workflows/tests.yaml @@ -23,7 +23,7 @@ jobs: src: ${{ steps.changes.outputs.src }} tests: ${{ steps.changes.outputs.tests }} steps: - - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: persist-credentials: false @@ -56,7 +56,7 @@ jobs: if: needs.changes.outputs.project == 'true' needs: changes steps: - - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: persist-credentials: false @@ -70,7 +70,7 @@ jobs: if: needs.changes.outputs.project == 'true' needs: lockfile steps: - - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: persist-credentials: false @@ -91,7 +91,7 @@ jobs: if: needs.changes.outputs.fixtures-pypi == 'true' needs: changes steps: - - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: persist-credentials: false