From 6681d62bef7e653acb6eedfb07f2cf007a771329 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 29 Jul 2024 03:42:22 +0000 Subject: [PATCH] gh-actions(deps): bump the gh-actions-dependencies group with 2 updates Bumps the gh-actions-dependencies group with 2 updates: [hynek/build-and-inspect-python-package](https://github.com/hynek/build-and-inspect-python-package) and [python-semantic-release/python-semantic-release](https://github.com/python-semantic-release/python-semantic-release). Updates `hynek/build-and-inspect-python-package` from 2.7.0 to 2.8.0 - [Release notes](https://github.com/hynek/build-and-inspect-python-package/releases) - [Changelog](https://github.com/hynek/build-and-inspect-python-package/blob/main/CHANGELOG.md) - [Commits](https://github.com/hynek/build-and-inspect-python-package/compare/v2.7.0...v2.8.0) Updates `python-semantic-release/python-semantic-release` from 9.8.3 to 9.8.6 - [Release notes](https://github.com/python-semantic-release/python-semantic-release/releases) - [Changelog](https://github.com/python-semantic-release/python-semantic-release/blob/master/CHANGELOG.md) - [Commits](https://github.com/python-semantic-release/python-semantic-release/compare/v9.8.3...v9.8.6) --- updated-dependencies: - dependency-name: hynek/build-and-inspect-python-package dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gh-actions-dependencies - dependency-name: python-semantic-release/python-semantic-release dependency-type: direct:production update-type: version-update:semver-patch dependency-group: gh-actions-dependencies ... Signed-off-by: dependabot[bot] --- .github/workflows/package-build.yml | 2 +- .github/workflows/package-release.yml | 4 ++-- .github/workflows/package-testpypi.yml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/package-build.yml b/.github/workflows/package-build.yml index 8ee85822..a2155b16 100644 --- a/.github/workflows/package-build.yml +++ b/.github/workflows/package-build.yml @@ -27,7 +27,7 @@ jobs: - uses: actions/checkout@v4 with: fetch-depth: 0 - - uses: hynek/build-and-inspect-python-package@v2.7.0 + - uses: hynek/build-and-inspect-python-package@v2.8.0 id: build-pkg with: attest-build-provenance-github: ${{ !(github.event.pull_request.head.repo.fork || github.event.workflow_call.pull_request.head.repo.fork) && github.actor != 'dependabot[bot]' }} diff --git a/.github/workflows/package-release.yml b/.github/workflows/package-release.yml index d7421093..c37b1385 100644 --- a/.github/workflows/package-release.yml +++ b/.github/workflows/package-release.yml @@ -82,7 +82,7 @@ jobs: python scripts/check_unreleased_changelog_items.py git config --global tag.gpgSign true - name: Python Semantic Release - uses: python-semantic-release/python-semantic-release@v9.8.3 + uses: python-semantic-release/python-semantic-release@v9.8.6 id: release with: force: ${{ inputs.release_level }} @@ -109,7 +109,7 @@ jobs: ref: main # Make sure to check out the latest commit on main, not the original commit that triggered the workflow fetch-depth: 0 - name: Build package - uses: hynek/build-and-inspect-python-package@v2.7.0 + uses: hynek/build-and-inspect-python-package@v2.8.0 with: attest-build-provenance-github: 'true' upload-testpypi: diff --git a/.github/workflows/package-testpypi.yml b/.github/workflows/package-testpypi.yml index e2a619f0..294cc597 100644 --- a/.github/workflows/package-testpypi.yml +++ b/.github/workflows/package-testpypi.yml @@ -54,7 +54,7 @@ jobs: python scripts/project_version.py --set-version=$NEW_VERSION echo "NEW_VERSION=$NEW_VERSION" >> $GITHUB_OUTPUT - name: Build package - uses: hynek/build-and-inspect-python-package@v2.7.0 + uses: hynek/build-and-inspect-python-package@v2.8.0 with: attest-build-provenance-github: 'true' outputs: