From ed6c02dfcd316de2bd298ffbb684a6b7869f16f6 Mon Sep 17 00:00:00 2001 From: "update-github-actions[bot]" Date: Fri, 1 Dec 2023 00:06:36 +0000 Subject: [PATCH] Update GitHub Action Versions --- .github/workflows/bump-version.yml | 6 +++--- .github/workflows/codeql-analysis.yml | 8 ++++---- .github/workflows/conda-build.yml | 8 ++++---- .github/workflows/first_pull_request.yml | 2 +- .github/workflows/label.yml | 2 +- .github/workflows/main.yml | 14 +++++++------- .github/workflows/publish-pypi.yml | 6 +++--- .github/workflows/remove-obsolete-cache.yml | 2 +- .github/workflows/tag-testpypi.yml | 8 ++++---- 9 files changed, 28 insertions(+), 28 deletions(-) diff --git a/.github/workflows/bump-version.yml b/.github/workflows/bump-version.yml index 5b90fdcf..d198cbc6 100644 --- a/.github/workflows/bump-version.yml +++ b/.github/workflows/bump-version.yml @@ -38,10 +38,10 @@ jobs: bump_patch_version: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4.1.1 with: persist-credentials: false - - uses: actions/setup-python@v4 + - uses: actions/setup-python@v4.7.1 with: python-version: "3.x" - name: Config Commit Bot @@ -57,7 +57,7 @@ jobs: bump-my-version bump --tag patch echo "new_version=$(grep -E '__version__' xscen/__init__.py | cut -d ' ' -f3)" - name: Push Changes - uses: ad-m/github-push-action@master + uses: ad-m/github-push-action@v0.8.0 with: force: false github_token: ${{ secrets.BUMPVERSION_TOKEN }} diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 12ed9d9d..1c91693c 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -22,13 +22,13 @@ jobs: - 'python' steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v4.1.1 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v1 + uses: github/codeql-action/init@codeql-bundle-20230524 with: languages: ${{ matrix.language }} - name: Autobuild - uses: github/codeql-action/autobuild@v1 + uses: github/codeql-action/autobuild@codeql-bundle-20230524 - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v1 + uses: github/codeql-action/analyze@codeql-bundle-20230524 diff --git a/.github/workflows/conda-build.yml b/.github/workflows/conda-build.yml index b32ed127..b30dc882 100644 --- a/.github/workflows/conda-build.yml +++ b/.github/workflows/conda-build.yml @@ -27,15 +27,15 @@ jobs: matrix: python-version: ["3.9"] steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4.1.1 if: ${{ github.event.inputs.tag == '' }} - - uses: actions/checkout@v3 + - uses: actions/checkout@v4.1.1 if: ${{ github.event.inputs.tag != '' }} with: fetch-depth: 0 ref: ${{ inputs.tag }} - name: Setup Conda (Micromamba) with Python${{ matrix.python-version }} - uses: mamba-org/provision-with-micromamba@main + uses: mamba-org/provision-with-micromamba@v16 with: cache-downloads: true channels: conda-forge,defaults @@ -44,7 +44,7 @@ jobs: anaconda-client conda-build - name: Conditionally set label - uses: haya14busa/action-cond@v1 + uses: haya14busa/action-cond@v1.1.1 id: label with: cond: ${{ github.event_name == 'workflow_dispatch' }} diff --git a/.github/workflows/first_pull_request.yml b/.github/workflows/first_pull_request.yml index adc51fe0..7eef1e97 100644 --- a/.github/workflows/first_pull_request.yml +++ b/.github/workflows/first_pull_request.yml @@ -10,7 +10,7 @@ jobs: name: Welcome runs-on: ubuntu-latest steps: - - uses: actions/github-script@v6 + - uses: actions/github-script@v7.0.1 with: script: | // Get a list of all issues created by the PR opener diff --git a/.github/workflows/label.yml b/.github/workflows/label.yml index 31aa79f6..6060fe1c 100644 --- a/.github/workflows/label.yml +++ b/.github/workflows/label.yml @@ -20,6 +20,6 @@ jobs: label: runs-on: ubuntu-latest steps: - - uses: actions/labeler@v4 + - uses: actions/labeler@v4.3.0 with: repo-token: "${{ secrets.GITHUB_TOKEN }}" diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index c2975451..8ad7fd5e 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -23,11 +23,11 @@ jobs: - "3.x" steps: - name: Cancel previous runs - uses: styfle/cancel-workflow-action@0.11.0 + uses: styfle/cancel-workflow-action@0.12.0 with: access_token: ${{ github.token }} - - uses: actions/checkout@v4 - - uses: actions/setup-python@v4 + - uses: actions/checkout@v4.1.1 + - uses: actions/setup-python@v4.7.1 with: python-version: "3.x" - name: Install tox @@ -58,9 +58,9 @@ jobs: run: shell: bash -l {0} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v4.1.1 - name: Setup Conda (Micromamba) with Python ${{ matrix.python-version }} - uses: mamba-org/setup-micromamba@v1 + uses: mamba-org/setup-micromamba@v1.6.0 with: cache-downloads: true environment-name: xscen-pypi @@ -114,9 +114,9 @@ jobs: run: shell: bash -l {0} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v4.1.1 - name: Setup Conda (Micromamba) with Python ${{ matrix.python-version }} - uses: mamba-org/setup-micromamba@v1 + uses: mamba-org/setup-micromamba@v1.6.0 with: cache-downloads: true environment-file: environment-dev.yml diff --git a/.github/workflows/publish-pypi.yml b/.github/workflows/publish-pypi.yml index b1cb4219..a9fb333f 100644 --- a/.github/workflows/publish-pypi.yml +++ b/.github/workflows/publish-pypi.yml @@ -14,9 +14,9 @@ jobs: # IMPORTANT: this permission is mandatory for trusted publishing id-token: write steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v4.1.1 - name: Set up Python3 - uses: actions/setup-python@v4 + uses: actions/setup-python@v4.7.1 with: python-version: "3.x" - name: Install packaging libraries @@ -27,4 +27,4 @@ jobs: make translate python -m build --sdist --wheel - name: Publish distribution 📦 to PyPI - uses: pypa/gh-action-pypi-publish@release/v1 + uses: pypa/gh-action-pypi-publish@v1.8.11 diff --git a/.github/workflows/remove-obsolete-cache.yml b/.github/workflows/remove-obsolete-cache.yml index 0dc8f957..905de524 100644 --- a/.github/workflows/remove-obsolete-cache.yml +++ b/.github/workflows/remove-obsolete-cache.yml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Check out code - uses: actions/checkout@v3 + uses: actions/checkout@v4.1.1 - name: Cleanup run: | diff --git a/.github/workflows/tag-testpypi.yml b/.github/workflows/tag-testpypi.yml index bd977c3d..e082214b 100644 --- a/.github/workflows/tag-testpypi.yml +++ b/.github/workflows/tag-testpypi.yml @@ -12,7 +12,7 @@ jobs: if: startsWith(github.ref, 'refs/tags/v') && endsWith(github.ref, '.0') steps: - name: Checkout code - uses: actions/checkout@v4 + uses: actions/checkout@v4.1.1 - name: Create Release uses: softprops/action-gh-release@v1 env: @@ -32,9 +32,9 @@ jobs: # IMPORTANT: this permission is mandatory for trusted publishing id-token: write steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v4.1.1 - name: Set up Python3 - uses: actions/setup-python@v4 + uses: actions/setup-python@v4.7.1 with: python-version: "3.x" - name: Install packaging libraries @@ -45,7 +45,7 @@ jobs: make translate python -m build --sdist --wheel - name: Publish distribution 📦 to Test PyPI - uses: pypa/gh-action-pypi-publish@release/v1 + uses: pypa/gh-action-pypi-publish@v1.8.11 with: repository_url: https://test.pypi.org/legacy/ skip_existing: true