From ab1d4ea2b8cebe84c4a6f734fe78cb31329a7332 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 21 Jun 2026 21:02:44 +0000 Subject: [PATCH] [actions] (deps): Bump the dev-dependencies group across 1 directory with 2 updates Bumps the dev-dependencies group with 2 updates in the / directory: [actions/checkout](https://github.com/actions/checkout) and [sigstore/gh-action-sigstore-python](https://github.com/sigstore/gh-action-sigstore-python). Updates `actions/checkout` from 6 to 7 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v6...v7) Updates `sigstore/gh-action-sigstore-python` from 3.3.0 to 3.4.0 - [Release notes](https://github.com/sigstore/gh-action-sigstore-python/releases) - [Changelog](https://github.com/sigstore/gh-action-sigstore-python/blob/main/CHANGELOG.md) - [Commits](https://github.com/sigstore/gh-action-sigstore-python/compare/04cffa1d795717b140764e8b640de88853c92acc...5b79a39c381910c090341a2c9b0bf022c8b387e1) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major dependency-group: dev-dependencies - dependency-name: sigstore/gh-action-sigstore-python dependency-version: 3.4.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dev-dependencies ... Signed-off-by: dependabot[bot] --- .github/workflows/publish-to-pypi.yaml | 4 ++-- .github/workflows/pyright.yaml | 2 +- .github/workflows/pytest.yaml | 4 ++-- .github/workflows/ruff.yaml | 2 +- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/publish-to-pypi.yaml b/.github/workflows/publish-to-pypi.yaml index b627892..ea667db 100644 --- a/.github/workflows/publish-to-pypi.yaml +++ b/.github/workflows/publish-to-pypi.yaml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - name: Set up Python uses: actions/setup-python@v6 with: @@ -71,7 +71,7 @@ jobs: name: python-package-distributions path: dist/ - name: Sign the dists with Sigstore - uses: sigstore/gh-action-sigstore-python@04cffa1d795717b140764e8b640de88853c92acc #v3.3.0 + uses: sigstore/gh-action-sigstore-python@5b79a39c381910c090341a2c9b0bf022c8b387e1 #v3.4.0 with: inputs: >- ./dist/*.tar.gz diff --git a/.github/workflows/pyright.yaml b/.github/workflows/pyright.yaml index fb99257..b0da9d6 100644 --- a/.github/workflows/pyright.yaml +++ b/.github/workflows/pyright.yaml @@ -12,7 +12,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - name: Set up Python uses: actions/setup-python@v6 with: diff --git a/.github/workflows/pytest.yaml b/.github/workflows/pytest.yaml index 961ff89..312e6fc 100644 --- a/.github/workflows/pytest.yaml +++ b/.github/workflows/pytest.yaml @@ -18,7 +18,7 @@ jobs: python-version: ["3.10", "3.11", "3.12", "3.13", "3.14"] steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - name: Set up Python uses: actions/setup-python@v6 with: @@ -51,7 +51,7 @@ jobs: pull-requests: write contents: write steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - uses: actions/download-artifact@v8 id: download with: diff --git a/.github/workflows/ruff.yaml b/.github/workflows/ruff.yaml index c3c1eea..ff87d99 100644 --- a/.github/workflows/ruff.yaml +++ b/.github/workflows/ruff.yaml @@ -12,7 +12,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - name: Set up Python uses: actions/setup-python@v6 with: