From 26e98b269c4f6382da3c041be6f388f029c074a3 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 16 Apr 2026 02:37:25 +0000 Subject: [PATCH] ci(deps): bump the github-actions group with 4 updates Bumps the github-actions group with 4 updates: [github/codeql-action](https://github.com/github/codeql-action), [ruby/setup-ruby](https://github.com/ruby/setup-ruby), [actions/upload-artifact](https://github.com/actions/upload-artifact) and [PyO3/maturin-action](https://github.com/pyo3/maturin-action). Updates `github/codeql-action` from 4.35.1 to 4.35.2 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/c10b8064de6f491fea524254123dbe5e09572f13...95e58e9a2cdfd71adc6e0353d5c52f41a045d225) Updates `ruby/setup-ruby` from 1.300.0 to 1.302.0 - [Release notes](https://github.com/ruby/setup-ruby/releases) - [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb) - [Commits](https://github.com/ruby/setup-ruby/compare/e65c17d16e57e481586a6a5a0282698790062f92...7372622e62b60b3cb750dcd2b9e32c247ffec26a) Updates `actions/upload-artifact` from 7.0.0 to 7.0.1 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/bbbca2ddaa5d8feaa63e36b76fdaad77386f024f...043fb46d1a93c77aae656e7c1c64a875d1fc6a0a) Updates `PyO3/maturin-action` from 1.50.1 to 1.51.0 - [Release notes](https://github.com/pyo3/maturin-action/releases) - [Commits](https://github.com/pyo3/maturin-action/compare/04ac600d27cdf7a9a280dadf7147097c42b757ad...e83996d129638aa358a18fbd1dfb82f0b0fb5d3b) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 4.35.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: ruby/setup-ruby dependency-version: 1.302.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/upload-artifact dependency-version: 7.0.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: PyO3/maturin-action dependency-version: 1.51.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions ... Signed-off-by: dependabot[bot] --- .github/workflows/codeql.yml | 6 +++--- .github/workflows/publish-java.yml | 4 ++-- .github/workflows/publish-python.yml | 14 +++++++------- .github/workflows/rust-clippy.yml | 2 +- .github/workflows/test-csharp.yml | 4 ++-- .github/workflows/test-python.yml | 2 +- 6 files changed, 16 insertions(+), 16 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 3006813d..b8022a3d 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -120,7 +120,7 @@ jobs: node-version: '18' - name: Initialize CodeQL - uses: github/codeql-action/init@c10b8064de6f491fea524254123dbe5e09572f13 # v4.35.1 + uses: github/codeql-action/init@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v4.35.2 with: languages: ${{ matrix.language }} build-mode: ${{ matrix.build-mode }} @@ -141,7 +141,7 @@ jobs: - name: Setup Ruby if: matrix.language == 'rust' && contains(matrix.working-directory, 'ruby') - uses: ruby/setup-ruby@e65c17d16e57e481586a6a5a0282698790062f92 # v1.300.0 + uses: ruby/setup-ruby@7372622e62b60b3cb750dcd2b9e32c247ffec26a # v1.302.0 with: ruby-version: '3.4.2' bundler-cache: true @@ -188,6 +188,6 @@ jobs: run: cargo xtask build-wasm --release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@c10b8064de6f491fea524254123dbe5e09572f13 # v4.35.1 + uses: github/codeql-action/analyze@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v4.35.2 with: category: "/language:${{matrix.language}}" \ No newline at end of file diff --git a/.github/workflows/publish-java.yml b/.github/workflows/publish-java.yml index 63d11eb4..96d82f53 100644 --- a/.github/workflows/publish-java.yml +++ b/.github/workflows/publish-java.yml @@ -56,7 +56,7 @@ jobs: - run: cargo ${{ matrix.build_cmd || 'build' }} --release --frozen --target ${{ matrix.target }}${{ matrix.glibc && format('.{0}', matrix.glibc) || '' }} --manifest-path ./bindings/java/Cargo.toml - run: mkdir -p native/${{ matrix.target }} - run: mv target/${{ matrix.target }}/release/*.${{ matrix.extension }} ./native/${{ matrix.target }}/ - - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 + - uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: name: native-libraries-${{ matrix.target }} path: native/ @@ -83,7 +83,7 @@ jobs: path: ./bindings/java/native/ - run: mvn package working-directory: ./bindings/java - - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 + - uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: name: built-jars path: ./bindings/java/target/regorus-java-*.jar diff --git a/.github/workflows/publish-python.yml b/.github/workflows/publish-python.yml index e42bfbcf..027b64c4 100644 --- a/.github/workflows/publish-python.yml +++ b/.github/workflows/publish-python.yml @@ -34,14 +34,14 @@ jobs: working-directory: bindings/python - name: Build wheels - uses: PyO3/maturin-action@04ac600d27cdf7a9a280dadf7147097c42b757ad # v1.43.0 + uses: PyO3/maturin-action@e83996d129638aa358a18fbd1dfb82f0b0fb5d3b # v1.43.0 with: target: ${{ matrix.target }} args: --release --out dist --manifest-path bindings/python/Cargo.toml --offline --strip sccache: 'true' manylinux: auto - name: Upload wheels - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: name: wheels-linux-${{ matrix.target }} path: dist @@ -67,13 +67,13 @@ jobs: working-directory: bindings/python - name: Build wheels - uses: PyO3/maturin-action@04ac600d27cdf7a9a280dadf7147097c42b757ad # v1.43.0 + uses: PyO3/maturin-action@e83996d129638aa358a18fbd1dfb82f0b0fb5d3b # v1.43.0 with: target: ${{ matrix.target }} args: --release --out dist --manifest-path bindings/python/Cargo.toml --frozen --strip sccache: 'true' - name: Upload wheels - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: name: wheels-windows-${{ matrix.target }} path: dist @@ -98,13 +98,13 @@ jobs: working-directory: bindings/python - name: Build wheels - uses: PyO3/maturin-action@04ac600d27cdf7a9a280dadf7147097c42b757ad # v1.43.0 + uses: PyO3/maturin-action@e83996d129638aa358a18fbd1dfb82f0b0fb5d3b # v1.43.0 with: target: ${{ matrix.target }} args: --release --out dist --manifest-path bindings/python/Cargo.toml --offline --strip sccache: 'true' - name: Upload wheels - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: name: wheels-macos-${{ matrix.host.target }} path: dist @@ -122,7 +122,7 @@ jobs: merge-multiple: true path: wheels - name: Publish to PyPI - uses: PyO3/maturin-action@04ac600d27cdf7a9a280dadf7147097c42b757ad # v1.43.0 + uses: PyO3/maturin-action@e83996d129638aa358a18fbd1dfb82f0b0fb5d3b # v1.43.0 env: MATURIN_PYPI_TOKEN: ${{ secrets.PYPI_API_TOKEN }} with: diff --git a/.github/workflows/rust-clippy.yml b/.github/workflows/rust-clippy.yml index 0f0932a4..6da0692f 100644 --- a/.github/workflows/rust-clippy.yml +++ b/.github/workflows/rust-clippy.yml @@ -52,7 +52,7 @@ jobs: - name: Upload analysis results to GitHub if: ${{ hashFiles('rust-clippy-results.sarif') != '' }} - uses: github/codeql-action/upload-sarif@c10b8064de6f491fea524254123dbe5e09572f13 # v3.29.11 + uses: github/codeql-action/upload-sarif@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v3.29.11 with: sarif_file: rust-clippy-results.sarif wait-for-processing: true diff --git a/.github/workflows/test-csharp.yml b/.github/workflows/test-csharp.yml index e3b34877..b2be295f 100644 --- a/.github/workflows/test-csharp.yml +++ b/.github/workflows/test-csharp.yml @@ -59,7 +59,7 @@ jobs: run: cargo xtask build-ffi --release --target ${{ matrix.runtime.target }} - name: Upload regorus ffi shared library - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: name: regorus-ffi-artifacts-${{ matrix.runtime.target }} # Note: The full path of each artifact relative to . is preserved. @@ -105,7 +105,7 @@ jobs: run: cargo xtask build-csharp --release --clean --artifacts-dir ./bindings/csharp/Regorus/tmp/bindings/ffi/target --enforce-artifacts --repository-commit ${{ github.sha }} --include-symbols - name: Upload Regorus nuget - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: name: regorus-nuget path: | diff --git a/.github/workflows/test-python.yml b/.github/workflows/test-python.yml index 054e8194..c9cdc914 100644 --- a/.github/workflows/test-python.yml +++ b/.github/workflows/test-python.yml @@ -51,7 +51,7 @@ jobs: run: cargo xtask build-python --release --target ${{ matrix.host.target }} --target-dir bindings/python/dist --frozen - name: Upload wheel artefacts - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: name: regorus-wheel-${{ matrix.host.name }} path: bindings/python/dist/regorus-*.whl