gh-actions(deps): Bump the gh-actions-dependencies group with 6 updates

[dependabot]

Bumps the gh-actions-dependencies group with 6 updates:

Package	From	To
actions/checkout	3	4
hynek/build-and-inspect-python-package	1.5.3	1.5.4
python-semantic-release/python-semantic-release	8.2.0	8.3.0
pypa/gh-action-pypi-publish	1.8.8	1.8.10
actions/setup-node	3	4
thedoctor0/zip-release	0.7.1	0.7.6

Updates actions/checkout from 3 to 4

Release notes

Sourced from actions/checkout's releases.

v4.0.0

What's Changed

• Update default runtime to node20 by @​takost in actions/checkout#1436
• Support fetching without the --progress option by @​simonbaird in actions/checkout#1067
• Release 4.0.0 by @​takost in actions/checkout#1447

New Contributors

• @​takost made their first contribution in actions/checkout#1436
• @​simonbaird made their first contribution in actions/checkout#1067

Full Changelog: actions/checkout@v3...v4.0.0

v3.6.0

What's Changed

• Mark test scripts with Bash'isms to be run via Bash by @​dscho in actions/checkout#1377
• Add option to fetch tags even if fetch-depth > 0 by @​RobertWieczoreck in actions/checkout#579
• Release 3.6.0 by @​luketomlinson in actions/checkout#1437

New Contributors

• @​RobertWieczoreck made their first contribution in actions/checkout#579
• @​luketomlinson made their first contribution in actions/checkout#1437

Full Changelog: actions/checkout@v3.5.3...v3.6.0

v3.5.3

What's Changed

• Fix: Checkout Issue in self hosted runner due to faulty submodule check-ins by @​megamanics in actions/checkout#1196
• Fix typos found by codespell by @​DimitriPapadopoulos in actions/checkout#1287
• Add support for sparse checkouts by @​dscho and @​dfdez in actions/checkout#1369
• Release v3.5.3 by @​TingluoHuang in actions/checkout#1376

New Contributors

• @​megamanics made their first contribution in actions/checkout#1196
• @​DimitriPapadopoulos made their first contribution in actions/checkout#1287
• @​dfdez made their first contribution in actions/checkout#1369

Full Changelog: actions/checkout@v3...v3.5.3

v3.5.2

What's Changed

• Fix: Use correct API url / endpoint in GHES by @​fhammerl in actions/checkout#1289 based on #1286 by @​1newsr

Full Changelog: actions/checkout@v3.5.1...v3.5.2

v3.5.1

What's Changed

• Improve checkout performance on Windows runners by upgrading @​actions/github dependency by @​BrettDong in actions/checkout#1246

New Contributors

• @​BrettDong made their first contribution in actions/checkout#1246

... (truncated)

Changelog

Sourced from actions/checkout's changelog.

Changelog

v4.1.0

• Add support for partial checkout filters

v4.0.0

• Support fetching without the --progress option
• Update to node20

v3.6.0

• Fix: Mark test scripts with Bash'isms to be run via Bash
• Add option to fetch tags even if fetch-depth > 0

v3.5.3

• Fix: Checkout fail in self-hosted runners when faulty submodule are checked-in
• Fix typos found by codespell
• Add support for sparse checkouts

v3.5.2

• Fix api endpoint for GHES

v3.5.1

• Fix slow checkout on Windows

v3.5.0

• Add new public key for known_hosts

v3.4.0

• Upgrade codeql actions to v2
• Upgrade dependencies
• Upgrade @​actions/io

v3.3.0

• Implement branch list using callbacks from exec function
• Add in explicit reference to private checkout options
• [Fix comment typos (that got added in #770)](actions/checkout#1057)

v3.2.0

• Add GitHub Action to perform release
• Fix status badge
• Replace datadog/squid with ubuntu/squid Docker image
• Wrap pipeline commands for submoduleForeach in quotes
• Update @​actions/io to 1.1.2
• Upgrading version to 3.2.0

v3.1.0

• Use @​actions/core saveState and getState
• Add github-server-url input

v3.0.2

... (truncated)

Commits

• b4ffde6 Link to release page from what's new section (#1514)
• 8530928 Correct link to GitHub Docs (#1511)
• 7cdaf2f Update CODEOWNERS to Launch team (#1510)
• 8ade135 Prepare 4.1.0 release (#1496)
• c533a0a Add support for partial checkout filters (#1396)
• 72f2cec Update README.md for V4 (#1452)
• 3df4ab1 Release 4.0.0 (#1447)
• 8b5e8b7 Support fetching without the --progress option (#1067)
• 97a652b Update default runtime to node20 (#1436)
• See full diff in compare view

Updates hynek/build-and-inspect-python-package from 1.5.3 to 1.5.4

Release notes

Sourced from hynek/build-and-inspect-python-package's releases.

v1.5.4

Fixed

• Stop trying to cache. Fixes Error: No file in /home/runner/work/pytest-cpp/pytest-cpp matched to [**/requirements.txt or **/pyproject.toml], make sure you have checked out the target repository #76

Changelog

Sourced from hynek/build-and-inspect-python-package's changelog.

1.5.4 - 2023-11-01

Fixed

• Stop trying to cache. Fixes Error: No file in /home/runner/work/pytest-cpp/pytest-cpp matched to [**/requirements.txt or **/pyproject.toml], make sure you have checked out the target repository #76

Commits

• 97459e6 v1.5.4
• d3afbdc Stop trying to cache
• 2e6cfbf Bump actions/checkout from 3 to 4 (#74)
• 625769b Bump actions/setup-python from 3 to 4 (#75)
• 971d8bd Automated dependency upgrades (#73)
• fd14e74 Start new cycle
• See full diff in compare view

Updates python-semantic-release/python-semantic-release from 8.2.0 to 8.3.0

Release notes

Sourced from python-semantic-release/python-semantic-release's releases.

v8.3.0 (2023-10-23)

Feature

• feat(action): use composite action for semantic release (#692)

Co-authored-by: Bernard Cooke <[email protected]> (4648d87)

Changelog

Sourced from python-semantic-release/python-semantic-release's changelog.

v8.3.0 (2023-10-23)

Feature

• feat(action): use composite action for semantic release (#692)

Co-authored-by: Bernard Cooke <[email protected]> (4648d87)

Commits

• d38d71e 8.3.0
• 4648d87 feat(action): use composite action for semantic release (#692)
• See full diff in compare view

Updates pypa/gh-action-pypi-publish from 1.8.8 to 1.8.10

Release notes

Sourced from pypa/gh-action-pypi-publish's releases.

v1.8.10

🐛 What's Fixed

@​woodruffw fixed decoding OIDC claims in debug output on failure by applying correct padding to the encoded payload via pypa/gh-action-pypi-publish#177.

Full Diff: pypa/gh-action-pypi-publish@v1.8.9...v1.8.10

v1.8.9

💅 Cosmetic output improvements

• @​woodruffw added debug output to the trusted publishing OIDC exchange on failures in pypa/gh-action-pypi-publish#174
• @​woodruffw implemented Markdown semantic callouts in README via pypa/gh-action-pypi-publish#175

🛠️ Internal dependencies

• Certifi was bumped from 2023.5.7 to 2023.7.22 @ pypa/gh-action-pypi-publish#171
• Cryptography was bumped from 41.0.2 to 41.0.3 @ pypa/gh-action-pypi-publish#172

Full Diff: pypa/gh-action-pypi-publish@v1.8.8...v1.8.9

Commits

• b7f401d Merge PR #177 into unstable/v1
• ba3ecc9 oidc-exchange: fix padding
• ade57f5 Merge PRs #174 #175 and #172 into unstable/v1
• 637917e README: re-add "pro tip" language
• 4864f13 README: use semantic callouts
• 326f9ad oidc-exchange: add-trailing-comma
• e5f0690 oidc-exchange: ignore a nested function
• 8bdd0cc oidc-exchange: lintage
• 71a0032 oidc-exchange: render claims if exchange fails
• adef75a Bump cryptography from 41.0.2 to 41.0.3 in /requirements
• Additional commits viewable in compare view

Updates actions/setup-node from 3 to 4

Release notes

Sourced from actions/setup-node's releases.

v4.0.0

What's Changed

In scope of this release we changed version of node runtime for action from node16 to node20 and updated dependencies in actions/setup-node#866

Besides, release contains such changes as:

• Upgrade actions/checkout to v4 by @​gmembre-zenika in actions/setup-node#868
• Update actions/checkout for documentation and yaml by @​dmitry-shibanov in actions/setup-node#876

New Contributors

• @​gmembre-zenika made their first contribution in actions/setup-node#868

Full Changelog: actions/setup-node@v3...v4.0.0

v3.8.2

What's Changed

• Update semver by @​dmitry-shibanov in actions/setup-node#861
• Update temp directory creation by @​nikolai-laevskii in actions/setup-node#859
• Bump @​babel/traverse from 7.15.4 to 7.23.2 by @​dependabot in actions/setup-node#870
• Add notice about binaries not being updated yet by @​nikolai-laevskii in actions/setup-node#872
• Update toolkit cache and core by @​dmitry-shibanov and @​seongwon-privatenote in actions/setup-node#875

Full Changelog: actions/setup-node@v3...v3.8.2

v3.8.1

What's Changed

In scope of this release, the filter was removed within the cache-save step by @​dmitry-shibanov in actions/setup-node#831. It is filtered and checked in the toolkit/cache library.

Full Changelog: actions/setup-node@v3...v3.8.1

v3.8.0

What's Changed

Bug fixes:

• Add check for existing paths by @​dmitry-shibanov in actions/setup-node#803
• Resolve SymbolicLink by @​dmitry-shibanov in actions/setup-node#809
• Change passing logic for cache input by @​dmitry-shibanov in actions/setup-node#816
• Fix armv7 cache issue by @​louislam in actions/setup-node#794
• Update check-dist workflow name by @​sinchang in actions/setup-node#710

Feature implementations:

• feat: handling the case where "node" is used for tool-versions file. by @​xytis in actions/setup-node#812

Documentation changes:

• Refer to semver package name in README.md by @​olleolleolle in actions/setup-node#808

Update dependencies:

• Update toolkit cache to fix zstd by @​dmitry-shibanov in actions/setup-node#804
• Bump tough-cookie and @​azure/ms-rest-js by @​dependabot in actions/setup-node#802
• Bump semver from 6.1.2 to 6.3.1 by @​dependabot in actions/setup-node#807

... (truncated)

Commits

• 8f152de Update actions/checkout for documentation and yaml (#876)
• 23755b5 upgrade actions/checkout to v4 (#868)
• 54534a2 Change node version for action to node20 (#866)
• See full diff in compare view

Updates thedoctor0/zip-release from 0.7.1 to 0.7.6

Release notes

Sourced from thedoctor0/zip-release's releases.

0.7.6

• Revert quotes for $INPUT_PATH parameter (#50)

0.7.5

• Add option to run a command before zipping (TheDoctor0/zip-release#48)

0.7.3

• Add support for 7z (#44)

0.7.2

• Add double quotes around filenames, and paths (#47)

Commits

• b57d897 Update README.md
• 1169b3f Quote $INPUT_FILENAME.
• 33bd241 Unquote $INPUT_FILENAME and $INPUT_PATH.
• 7fddfdd Fix double 'then'.
• 0111ccf Add option to run a command before zipping - closes #48
• 87a8468 Add command parameter.
• c7ee708 Allow to run a custom command when starting.
• 0144f6c Add quotes.
• 51801f7 Add support for 7z (#44)
• b83d190 Double quotes around filenames, paths (#47)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[codecov]

Codecov Report

Merging #92 (d025231) into main (3ad8547) will not change coverage.
The diff coverage is n/a.

@@            Coverage Diff            @@
##              main       #92   +/-   ##
=========================================
  Coverage   100.00%   100.00%           
=========================================
  Files          168       168           
  Lines         3768      3768           
  Branches       646       646           
=========================================
  Hits          3768      3768           

📣 Codecov offers a browser extension for seamless coverage viewing on GitHub. Try it in Chrome or Firefox today!

[nfelt14]

This will need to be reverted.

[nfelt14]

@dependabot ignore python-semantic-release/python-semantic-release minor version

[dependabot]

OK, I won't notify you about version 8.3.x of python-semantic-release/python-semantic-release again, unless you unignore it.

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.