From b7306ae95a20bcf5221eb337d684da1b97e005d2 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 11 Mar 2026 11:11:18 +0000 Subject: [PATCH] Update GitHub Actions dependencies --- .github/actions/config-poetry/action.yml | 6 ++--- .github/workflows/Iris.yml | 8 +++---- .github/workflows/MacOsNightly.yml | 4 ++-- .github/workflows/SlackNotify.yml | 2 +- .github/workflows/build.yml | 28 ++++++++++++------------ .github/workflows/release.yml | 4 ++-- 6 files changed, 26 insertions(+), 26 deletions(-) diff --git a/.github/actions/config-poetry/action.yml b/.github/actions/config-poetry/action.yml index 811cfa43..1aefae26 100644 --- a/.github/actions/config-poetry/action.yml +++ b/.github/actions/config-poetry/action.yml @@ -48,7 +48,7 @@ runs: # python needs to be installed before jfrog and poetry # (see https://xtranet-sonarsource.atlassian.net/wiki/spaces/Platform/pages/4344217683/Mise+Poetry+Install+-+GitHub) - name: Install mise and python - uses: jdx/mise-action@5ac50f778e26fac95da98d50503682459e86d566 # v3.2.0 + uses: jdx/mise-action@5228313ee0372e111a38da051671ca30fc5a96db # v3.6.3 with: version: 2025.7.12 tool_versions: | @@ -56,7 +56,7 @@ runs: experimental: true # needed to use the http backend for installation of jfrog on windows - name: Install jfrog and poetry through mise - uses: jdx/mise-action@5ac50f778e26fac95da98d50503682459e86d566 # v3.2.0 + uses: jdx/mise-action@5228313ee0372e111a38da051671ca30fc5a96db # v3.6.3 with: version: 2025.7.12 experimental: true # needed to use the http backend for installation of jfrog on windows @@ -64,7 +64,7 @@ runs: - name: Vault # yamllint disable rule:line-length id: secrets - uses: SonarSource/vault-action-wrapper@320bd31b03e5dacaac6be51bbbb15adf7caccc32 # 3.1.0 + uses: SonarSource/vault-action-wrapper@3d5c87cb535e4a2c7a09adcbcfdefa751854dee3 # 3.3.0 with: secrets: | development/artifactory/token/{REPO_OWNER_NAME_DASH}-${{ env.ARTIFACTORY_READER_ROLE }} access_token | ARTIFACTORY_ACCESS_TOKEN; diff --git a/.github/workflows/Iris.yml b/.github/workflows/Iris.yml index c9b39c83..89bbc211 100644 --- a/.github/workflows/Iris.yml +++ b/.github/workflows/Iris.yml @@ -17,14 +17,14 @@ jobs: contents: write steps: - name: Checkout repository - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 - name: Configure poetry uses: ./.github/actions/config-poetry - run: | poetry run pytest --cov-report=xml:coverage.xml --cov-config=pyproject.toml --cov=src --cov-branch tests poetry run mypy src/ > mypy-report.txt || true - name: Upload coverage artifacts - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 + uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 with: name: coverage-reports path: | @@ -40,10 +40,10 @@ jobs: contents: write steps: - name: Checkout code - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 - name: Download coverage artifacts - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 + uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0 with: name: coverage-reports diff --git a/.github/workflows/MacOsNightly.yml b/.github/workflows/MacOsNightly.yml index 3ef7d49e..c5de9edc 100644 --- a/.github/workflows/MacOsNightly.yml +++ b/.github/workflows/MacOsNightly.yml @@ -30,7 +30,7 @@ jobs: python-version: ["3.9.18", "3.10.13", "3.11.7", "3.12.1", "3.13.2"] steps: - name: Checkout repository - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 - name: Setup Cloudflare WARP uses: SonarSource/gh-action_setup-cloudflare-warp@v1 @@ -55,7 +55,7 @@ jobs: SKIP_DOCKER: true steps: - name: Checkout repository - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 - name: Setup Cloudflare WARP uses: SonarSource/gh-action_setup-cloudflare-warp@v1 diff --git a/.github/workflows/SlackNotify.yml b/.github/workflows/SlackNotify.yml index 9c168d68..6d5f7471 100644 --- a/.github/workflows/SlackNotify.yml +++ b/.github/workflows/SlackNotify.yml @@ -17,6 +17,6 @@ jobs: - name: Send Slack Notification env: GITHUB_TOKEN: ${{ github.token }} - uses: SonarSource/gh-action_slack-notify@1.0.1 + uses: SonarSource/gh-action_slack-notify@9532fdcfa4143ed5da2da7b0e77172abbe24ae33 # 1.0.2 with: slackChannel: squad-python-notifs diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index bc1722d1..e5573053 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -20,9 +20,9 @@ jobs: contents: write steps: - name: Checkout repository - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 - name: Install mise and tools - uses: jdx/mise-action@e3d7b8d67a7958d1207f6ed871e83b1ea780e7b0 #v3.3.1 + uses: jdx/mise-action@5228313ee0372e111a38da051671ca30fc5a96db # v3.6.3 - name: Build the scanner uses: SonarSource/ci-github-actions/build-poetry@v1 id: build-poetry @@ -40,7 +40,7 @@ jobs: contents: write steps: - name: Checkout repository - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 - name: Configure poetry uses: ./.github/actions/config-poetry # We use this job to cache the poetry depend - run: | @@ -55,7 +55,7 @@ jobs: contents: write steps: - name: Checkout repository - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 - name: Configure poetry uses: ./.github/actions/config-poetry - run: | @@ -73,9 +73,9 @@ jobs: contents: read steps: - name: Checkout repository - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 - name: Install mise and tools - uses: jdx/mise-action@e3d7b8d67a7958d1207f6ed871e83b1ea780e7b0 #v3.3.1 + uses: jdx/mise-action@5228313ee0372e111a38da051671ca30fc5a96db # v3.6.3 - name: Check for incorrect documentation run: | poetry run python tools/generate_cli_documentation.py @@ -90,14 +90,14 @@ jobs: contents: write steps: - name: Checkout repository - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 - name: Configure poetry uses: ./.github/actions/config-poetry - run: | poetry run pytest --cov-report=xml:coverage.xml --cov-config=pyproject.toml --cov=src --cov-branch tests poetry run mypy src/ > mypy-report.txt || true - name: Upload coverage artifacts - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 + uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 with: name: coverage-reports path: | @@ -113,13 +113,13 @@ jobs: contents: write steps: - name: Checkout repository - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 - name: Download coverage artifacts - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 + uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0 with: name: coverage-reports - name: Install mise and tools - uses: jdx/mise-action@e3d7b8d67a7958d1207f6ed871e83b1ea780e7b0 #v3.3.1 + uses: jdx/mise-action@5228313ee0372e111a38da051671ca30fc5a96db # v3.6.3 - name: Analysis the project on next uses: SonarSource/ci-github-actions/build-poetry@v1 with: @@ -141,7 +141,7 @@ jobs: ["3.9.18", "3.9.6", "3.10.13", "3.11.7", "3.12.1", "3.13.2", "3.14.0"] steps: - name: Checkout repository - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 - name: Configure poetry uses: ./.github/actions/config-poetry with: @@ -159,7 +159,7 @@ jobs: contents: write steps: - name: Checkout repository - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 - name: Configure poetry for Windows uses: ./.github/actions/config-poetry - name: Execute the test suite @@ -177,7 +177,7 @@ jobs: SKIP_DOCKER: true steps: - name: Checkout repository - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 - name: Cache SonarQube uses: SonarSource/gh-action_cache@v1 id: sonarqube-cache diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 5cf7e667..ce5a4862 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -11,7 +11,7 @@ jobs: permissions: id-token: write contents: write - uses: SonarSource/gh-action_release/.github/workflows/main.yaml@51c77454eebdc43965dd3aa9b91bc5b5171edcac # 6.1.0 + uses: SonarSource/gh-action_release/.github/workflows/main.yaml@7b055eca5ce771ff254fbec2697c0fc1c7207e1e # 6.4.0 with: publishToTestPyPI: true skipPythonReleasabilityChecks: true @@ -20,7 +20,7 @@ jobs: permissions: id-token: write contents: write - uses: SonarSource/gh-action_release/.github/workflows/main.yaml@51c77454eebdc43965dd3aa9b91bc5b5171edcac # 6.1.0 + uses: SonarSource/gh-action_release/.github/workflows/main.yaml@7b055eca5ce771ff254fbec2697c0fc1c7207e1e # 6.4.0 with: publishToPyPI: true skipPythonReleasabilityChecks: true