diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 2bb6b84c9..e00554158 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -15,7 +15,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 with: persist-credentials: false - name: Set up Python @@ -28,7 +28,7 @@ jobs: - name: Build a binary wheel and a source tarball run: python3 -m build - name: Store the distribution packages - uses: actions/upload-artifact@v5 + uses: actions/upload-artifact@v6 with: name: python-package-distributions path: dist/ @@ -47,7 +47,7 @@ jobs: id-token: write # IMPORTANT: mandatory for trusted publishing steps: - name: Download all the dists - uses: actions/download-artifact@v6 + uses: actions/download-artifact@v7 with: name: python-package-distributions path: dist/ @@ -68,12 +68,12 @@ jobs: steps: - name: Download all the dists - uses: actions/download-artifact@v6 + uses: actions/download-artifact@v7 with: name: python-package-distributions path: dist/ - name: Sign the dists with Sigstore - uses: sigstore/gh-action-sigstore-python@f832326173235dcb00dd5d92cd3f353de3188e6c # v3.1.0 + uses: sigstore/gh-action-sigstore-python@a5caf349bc536fbef3668a10ed7f5cd309a4b53d # v3.2.0 with: inputs: >- ./dist/*.tar.gz @@ -113,7 +113,7 @@ jobs: steps: - name: Download all the dists - uses: actions/download-artifact@v6 + uses: actions/download-artifact@v7 with: name: python-package-distributions path: dist/ diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index eb440220f..cc92324ca 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -41,7 +41,7 @@ jobs: - 3306:3306 steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 with: persist-credentials: false @@ -57,7 +57,7 @@ jobs: echo "dir=$(pip cache dir)" >> $GITHUB_OUTPUT - name: Cache - uses: actions/cache@v4 + uses: actions/cache@v5 with: path: ${{ steps.pip-cache.outputs.dir }} key: @@ -82,7 +82,7 @@ jobs: COVERAGE_FILE: ".coverage.mysql.${{ matrix.python-version }}" - name: Store coverage file - uses: actions/upload-artifact@v5 + uses: actions/upload-artifact@v6 with: name: coverage-mysql-${{ matrix.python-version }} path: .coverage.mysql.${{ matrix.python-version }}* @@ -137,7 +137,7 @@ jobs: --health-retries 5 steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 with: persist-credentials: false @@ -153,7 +153,7 @@ jobs: echo "dir=$(pip cache dir)" >> $GITHUB_OUTPUT - name: Cache - uses: actions/cache@v4 + uses: actions/cache@v5 with: path: ${{ steps.pip-cache.outputs.dir }} key: @@ -182,7 +182,7 @@ jobs: COVERAGE_FILE: ".coverage.${{ matrix.database }}.${{ matrix.python-version }}" - name: Store coverage file - uses: actions/upload-artifact@v5 + uses: actions/upload-artifact@v6 with: name: coverage-${{ matrix.database }}-${{ matrix.python-version }} path: .coverage.${{ matrix.database }}.${{ matrix.python-version }}* @@ -197,7 +197,7 @@ jobs: python-version: ['3.10', '3.11', '3.12', '3.13', '3.14'] steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 with: persist-credentials: false @@ -213,7 +213,7 @@ jobs: echo "dir=$(pip cache dir)" >> $GITHUB_OUTPUT - name: Cache - uses: actions/cache@v4 + uses: actions/cache@v5 with: path: ${{ steps.pip-cache.outputs.dir }} key: @@ -235,7 +235,7 @@ jobs: COVERAGE_FILE: ".coverage.sqlite.${{ matrix.python-version }}" - name: Store coverage file - uses: actions/upload-artifact@v5 + uses: actions/upload-artifact@v6 with: name: coverage-sqlite-${{ matrix.python-version }} path: .coverage.sqlite.${{ matrix.python-version }}* @@ -247,7 +247,7 @@ jobs: fail-fast: false steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 with: persist-credentials: false @@ -262,7 +262,7 @@ jobs: echo "dir=$(pip cache dir)" >> $GITHUB_OUTPUT - name: Cache - uses: actions/cache@v4 + uses: actions/cache@v5 with: path: ${{ steps.pip-cache.outputs.dir }} key: @@ -290,12 +290,12 @@ jobs: pull-requests: write contents: write steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: # Persist the credentials because coverage_comment needs them too. persist-credentials: true - - uses: actions/download-artifact@v6 + - uses: actions/download-artifact@v7 id: download with: pattern: coverage-* @@ -309,7 +309,7 @@ jobs: MERGE_COVERAGE_FILES: true - name: Store Pull Request comment to be posted - uses: actions/upload-artifact@v5 + uses: actions/upload-artifact@v6 if: steps.coverage_comment.outputs.COMMENT_FILE_WRITTEN == 'true' with: name: python-coverage-comment-action diff --git a/.github/workflows/zizmor.yml b/.github/workflows/zizmor.yml index 41d2e7027..7d597a5ee 100644 --- a/.github/workflows/zizmor.yml +++ b/.github/workflows/zizmor.yml @@ -18,7 +18,7 @@ jobs: actions: read # only needed for private repos steps: - name: Checkout repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 with: persist-credentials: false