From f5926983511dee5f126da45035ae965be96402b3 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 1 Jul 2026 02:14:34 +0000 Subject: [PATCH] chore(deps): Update GitHub Actions --- .github/workflows/codecov.yml | 2 +- .github/workflows/codeql.yml | 2 +- .github/workflows/coverage.yml | 2 +- .github/workflows/docs.yml | 2 +- .github/workflows/fips-compatibility.yml | 2 +- .github/workflows/mutation-testing.yml | 2 +- .github/workflows/pr-validation.yml | 2 +- .github/workflows/python-compatibility.yml | 2 +- .github/workflows/qlty.yml | 2 +- .github/workflows/sbom.yml | 2 +- .github/workflows/slsa-provenance.yml | 6 +++--- .github/workflows/sonarcloud.yml | 2 +- 12 files changed, 14 insertions(+), 14 deletions(-) diff --git a/.github/workflows/codecov.yml b/.github/workflows/codecov.yml index 60b29bf..20dacb6 100644 --- a/.github/workflows/codecov.yml +++ b/.github/workflows/codecov.yml @@ -23,7 +23,7 @@ jobs: name: Upload Coverage # Only run on successful CI completion if: ${{ github.event.workflow_run.conclusion == 'success' }} - uses: ByronWilliamsCPA/.github/.github/workflows/python-codecov.yml@987d517d3c8e4b180f4dd15de6d9575f0df91182 # main + uses: ByronWilliamsCPA/.github/.github/workflows/python-codecov.yml@1502ecdde74ba30e2db1c91778f98b550bcf100e # main with: artifact-name: 'coverage-reports' coverage-files: '*.xml' diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index fba484f..66c3677 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -44,7 +44,7 @@ jobs: persist-credentials: false - name: Set up Python - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 + uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1 # v6.3.0 with: python-version: "3.12" diff --git a/.github/workflows/coverage.yml b/.github/workflows/coverage.yml index d3c142f..773b311 100644 --- a/.github/workflows/coverage.yml +++ b/.github/workflows/coverage.yml @@ -23,7 +23,7 @@ jobs: upload-coverage: name: Upload Coverage to Qlty if: ${{ github.event_name == 'workflow_dispatch' || github.event.workflow_run.conclusion == 'success' }} - uses: ByronWilliamsCPA/.github/.github/workflows/python-qlty-coverage.yml@987d517d3c8e4b180f4dd15de6d9575f0df91182 # main + uses: ByronWilliamsCPA/.github/.github/workflows/python-qlty-coverage.yml@1502ecdde74ba30e2db1c91778f98b550bcf100e # main with: coverage-artifact-name: coverage-reports coverage-file-path: coverage.xml diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml index 9b55ad1..9e9701c 100644 --- a/.github/workflows/docs.yml +++ b/.github/workflows/docs.yml @@ -31,7 +31,7 @@ jobs: contents: write pages: write id-token: write - uses: ByronWilliamsCPA/.github/.github/workflows/python-docs.yml@987d517d3c8e4b180f4dd15de6d9575f0df91182 # main + uses: ByronWilliamsCPA/.github/.github/workflows/python-docs.yml@1502ecdde74ba30e2db1c91778f98b550bcf100e # main with: # Repo uses hatchling; --no-build cannot install the editable root package no-build: false diff --git a/.github/workflows/fips-compatibility.yml b/.github/workflows/fips-compatibility.yml index 9aa388d..b822f8e 100644 --- a/.github/workflows/fips-compatibility.yml +++ b/.github/workflows/fips-compatibility.yml @@ -54,7 +54,7 @@ jobs: permissions: contents: read pull-requests: write - uses: ByronWilliamsCPA/.github/.github/workflows/python-fips-compatibility.yml@987d517d3c8e4b180f4dd15de6d9575f0df91182 # main + uses: ByronWilliamsCPA/.github/.github/workflows/python-fips-compatibility.yml@1502ecdde74ba30e2db1c91778f98b550bcf100e # main with: # Repo uses hatchling; --no-build cannot install the editable root package no-build: false diff --git a/.github/workflows/mutation-testing.yml b/.github/workflows/mutation-testing.yml index 8029844..bc37031 100644 --- a/.github/workflows/mutation-testing.yml +++ b/.github/workflows/mutation-testing.yml @@ -39,7 +39,7 @@ permissions: jobs: mutation: name: Mutation Testing - uses: ByronWilliamsCPA/.github/.github/workflows/python-mutation.yml@987d517d3c8e4b180f4dd15de6d9575f0df91182 # main + uses: ByronWilliamsCPA/.github/.github/workflows/python-mutation.yml@1502ecdde74ba30e2db1c91778f98b550bcf100e # main with: # Repo uses hatchling; --no-build cannot install the editable root package no-build: false diff --git a/.github/workflows/pr-validation.yml b/.github/workflows/pr-validation.yml index d89b8c7..ab6c934 100644 --- a/.github/workflows/pr-validation.yml +++ b/.github/workflows/pr-validation.yml @@ -29,7 +29,7 @@ jobs: # Supplemental PR Checks (Changelog, Link Validation) # ========================================================================== supplemental-checks: - uses: ByronWilliamsCPA/.github/.github/workflows/python-supplemental-checks.yml@987d517d3c8e4b180f4dd15de6d9575f0df91182 # main + uses: ByronWilliamsCPA/.github/.github/workflows/python-supplemental-checks.yml@1502ecdde74ba30e2db1c91778f98b550bcf100e # main with: # Changelog enforcement enable-changelog-check: true diff --git a/.github/workflows/python-compatibility.yml b/.github/workflows/python-compatibility.yml index 36dfda0..69f950a 100644 --- a/.github/workflows/python-compatibility.yml +++ b/.github/workflows/python-compatibility.yml @@ -34,7 +34,7 @@ permissions: jobs: compatibility: - uses: ByronWilliamsCPA/.github/.github/workflows/python-compatibility.yml@987d517d3c8e4b180f4dd15de6d9575f0df91182 # main + uses: ByronWilliamsCPA/.github/.github/workflows/python-compatibility.yml@1502ecdde74ba30e2db1c91778f98b550bcf100e # main with: # Repo uses hatchling; --no-build cannot install the editable root package no-build: false diff --git a/.github/workflows/qlty.yml b/.github/workflows/qlty.yml index 9a97793..231c2ce 100644 --- a/.github/workflows/qlty.yml +++ b/.github/workflows/qlty.yml @@ -15,7 +15,7 @@ concurrency: jobs: qlty: if: ${{ github.event.workflow_run.conclusion == 'success' }} - uses: ByronWilliamsCPA/.github/.github/workflows/python-qlty-coverage.yml@987d517d3c8e4b180f4dd15de6d9575f0df91182 # main + uses: ByronWilliamsCPA/.github/.github/workflows/python-qlty-coverage.yml@1502ecdde74ba30e2db1c91778f98b550bcf100e # main permissions: contents: read actions: read diff --git a/.github/workflows/sbom.yml b/.github/workflows/sbom.yml index 02b3750..a38f706 100644 --- a/.github/workflows/sbom.yml +++ b/.github/workflows/sbom.yml @@ -37,7 +37,7 @@ jobs: permissions: contents: read security-events: write - uses: ByronWilliamsCPA/.github/.github/workflows/python-sbom.yml@987d517d3c8e4b180f4dd15de6d9575f0df91182 # main + uses: ByronWilliamsCPA/.github/.github/workflows/python-sbom.yml@1502ecdde74ba30e2db1c91778f98b550bcf100e # main with: python-version: '3.12' fail-on-vulnerabilities: true diff --git a/.github/workflows/slsa-provenance.yml b/.github/workflows/slsa-provenance.yml index c6b0f47..91c36bc 100644 --- a/.github/workflows/slsa-provenance.yml +++ b/.github/workflows/slsa-provenance.yml @@ -53,7 +53,7 @@ jobs: fetch-depth: 0 - name: Set up Python - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 + uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1 # v6.3.0 with: python-version: "3.12" @@ -90,7 +90,7 @@ jobs: retention-days: 90 - name: Generate artifact attestation - uses: actions/attest-build-provenance@a2bbfa25375fe432b6a289bc6b6cd05ecd0c4c32 # v4.1.0 + uses: actions/attest-build-provenance@0f67c3f4856b2e3261c31976d6725780e5e4c373 # v4.1.1 with: subject-path: 'dist/*' @@ -100,7 +100,7 @@ jobs: slsa: name: SLSA Level 3 needs: [build] - uses: ByronWilliamsCPA/.github/.github/workflows/python-slsa.yml@987d517d3c8e4b180f4dd15de6d9575f0df91182 # main + uses: ByronWilliamsCPA/.github/.github/workflows/python-slsa.yml@1502ecdde74ba30e2db1c91778f98b550bcf100e # main with: base64-subjects: ${{ needs.build.outputs.hashes }} upload-assets: true diff --git a/.github/workflows/sonarcloud.yml b/.github/workflows/sonarcloud.yml index 8640eaf..3406a5a 100644 --- a/.github/workflows/sonarcloud.yml +++ b/.github/workflows/sonarcloud.yml @@ -32,7 +32,7 @@ permissions: jobs: sonarcloud: - uses: ByronWilliamsCPA/.github/.github/workflows/python-sonarcloud.yml@987d517d3c8e4b180f4dd15de6d9575f0df91182 # main + uses: ByronWilliamsCPA/.github/.github/workflows/python-sonarcloud.yml@1502ecdde74ba30e2db1c91778f98b550bcf100e # main with: # Repo uses hatchling; --no-build cannot install the editable root package no-build: false