From d39fd0aa207a156f48396ff13e2a303d868db02a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 1 Apr 2026 20:36:36 +0000 Subject: [PATCH] build(deps): bump the actions-monthly group with 5 updates Bumps the actions-monthly group with 5 updates: | Package | From | To | | --- | --- | --- | | [korthout/backport-action](https://github.com/korthout/backport-action) | `4.1.0` | `4.3.0` | | [astral-sh/setup-uv](https://github.com/astral-sh/setup-uv) | `7.3.1` | `8.0.0` | | [github/codeql-action](https://github.com/github/codeql-action) | `4.32.5` | `4.35.1` | | [actions/download-artifact](https://github.com/actions/download-artifact) | `7.0.0` | `8.0.1` | | [pypa/cibuildwheel](https://github.com/pypa/cibuildwheel) | `3.3.1` | `3.4.0` | Updates `korthout/backport-action` from 4.1.0 to 4.3.0 - [Release notes](https://github.com/korthout/backport-action/releases) - [Commits](https://github.com/korthout/backport-action/compare/01619ebc9a6e3f6820274221b9956b3e7365000a...3c06f323a58619da1e8522229ebc8d5de2633e46) Updates `astral-sh/setup-uv` from 7.3.1 to 8.0.0 - [Release notes](https://github.com/astral-sh/setup-uv/releases) - [Commits](https://github.com/astral-sh/setup-uv/compare/5a095e7a2014a4212f075830d4f7277575a9d098...cec208311dfd045dd5311c1add060b2062131d57) Updates `github/codeql-action` from 4.32.5 to 4.35.1 - [Release notes](https://github.com/github/codeql-action/releases) - [Commits](https://github.com/github/codeql-action/compare/v4.32.5...v4.35.1) Updates `actions/download-artifact` from 7.0.0 to 8.0.1 - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](https://github.com/actions/download-artifact/compare/v7...3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c) Updates `pypa/cibuildwheel` from 3.3.1 to 3.4.0 - [Release notes](https://github.com/pypa/cibuildwheel/releases) - [Changelog](https://github.com/pypa/cibuildwheel/blob/main/docs/changelog.md) - [Commits](https://github.com/pypa/cibuildwheel/compare/298ed2fb2c105540f5ed055e8a6ad78d82dd3a7e...ee02a1537ce3071a004a6b08c41e72f0fdc42d9a) --- updated-dependencies: - dependency-name: korthout/backport-action dependency-version: 4.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions-monthly - dependency-name: astral-sh/setup-uv dependency-version: 8.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions-monthly - dependency-name: github/codeql-action dependency-version: 4.35.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions-monthly - dependency-name: actions/download-artifact dependency-version: 8.0.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions-monthly - dependency-name: pypa/cibuildwheel dependency-version: 3.4.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions-monthly ... Signed-off-by: dependabot[bot] --- .github/workflows/backport.yml | 4 ++-- .github/workflows/bandit.yml | 4 ++-- .github/workflows/build-docs.yml | 12 ++++++------ .github/workflows/build-wheel.yml | 6 +++--- .github/workflows/codeql.yml | 4 ++-- .github/workflows/coverage.yml | 8 ++++---- .github/workflows/test-wheel-linux.yml | 12 ++++++------ .github/workflows/test-wheel-windows.yml | 12 ++++++------ 8 files changed, 31 insertions(+), 31 deletions(-) diff --git a/.github/workflows/backport.yml b/.github/workflows/backport.yml index f983b36379..35646370b7 100644 --- a/.github/workflows/backport.yml +++ b/.github/workflows/backport.yml @@ -43,7 +43,7 @@ jobs: echo "OLD_BRANCH=${OLD_BRANCH}" >> $GITHUB_ENV - name: Create backport pull requests - uses: korthout/backport-action@01619ebc9a6e3f6820274221b9956b3e7365000a # v4.1.0 + uses: korthout/backport-action@3c06f323a58619da1e8522229ebc8d5de2633e46 # v4.3.0 with: copy_assignees: true copy_labels_pattern: true @@ -67,7 +67,7 @@ jobs: run: echo "BACKPORT_BRANCH=${{ inputs.backport-branch }}" >> $GITHUB_ENV - name: Create backport pull requests - uses: korthout/backport-action@01619ebc9a6e3f6820274221b9956b3e7365000a # v4.1.0 + uses: korthout/backport-action@3c06f323a58619da1e8522229ebc8d5de2633e46 # v4.3.0 with: copy_assignees: true copy_labels_pattern: true diff --git a/.github/workflows/bandit.yml b/.github/workflows/bandit.yml index 7ecbcdd1a1..2567ab6eb7 100644 --- a/.github/workflows/bandit.yml +++ b/.github/workflows/bandit.yml @@ -23,7 +23,7 @@ jobs: uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Install uv - uses: astral-sh/setup-uv@5a095e7a2014a4212f075830d4f7277575a9d098 # v7.3.1 + uses: astral-sh/setup-uv@cec208311dfd045dd5311c1add060b2062131d57 # v8.0.0 with: enable-cache: false @@ -42,6 +42,6 @@ jobs: with: args: "check --select S --ignore ${{ steps.ignore-codes.outputs.codes }} --output-format sarif --output-file results.sarif" - name: Upload SARIF file - uses: github/codeql-action/upload-sarif@v4.32.5 + uses: github/codeql-action/upload-sarif@v4.35.1 with: sarif_file: results.sarif diff --git a/.github/workflows/build-docs.yml b/.github/workflows/build-docs.yml index adbf8a11be..123f2300f6 100644 --- a/.github/workflows/build-docs.yml +++ b/.github/workflows/build-docs.yml @@ -109,7 +109,7 @@ jobs: echo "CUDA_BINDINGS_ARTIFACTS_DIR=$(realpath "$REPO_DIR/cuda_bindings/dist")" >> $GITHUB_ENV - name: Download cuda-python build artifacts - uses: actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3 # v8.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: cuda-python-wheel path: . @@ -122,7 +122,7 @@ jobs: ls -lahR . - name: Download cuda-pathfinder build artifacts - uses: actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3 # v8.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: cuda-pathfinder-wheel path: ./cuda_pathfinder @@ -136,14 +136,14 @@ jobs: - name: Download cuda.bindings build artifacts if: ${{ !inputs.is-release }} - uses: actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3 # v8.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: ${{ env.CUDA_BINDINGS_ARTIFACT_NAME }} path: ${{ env.CUDA_BINDINGS_ARTIFACTS_DIR }} - name: Download cuda.bindings build artifacts if: ${{ inputs.is-release }} - uses: actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3 # v8.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: pattern: ${{ env.CUDA_BINDINGS_ARTIFACT_NAME }} merge-multiple: true @@ -158,14 +158,14 @@ jobs: - name: Download cuda.core build artifacts if: ${{ !inputs.is-release }} - uses: actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3 # v8.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: ${{ env.CUDA_CORE_ARTIFACT_NAME }} path: ${{ env.CUDA_CORE_ARTIFACTS_DIR }} - name: Download cuda.core build artifacts if: ${{ inputs.is-release }} - uses: actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3 # v8.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: pattern: ${{ env.CUDA_CORE_ARTIFACT_NAME }} merge-multiple: true diff --git a/.github/workflows/build-wheel.yml b/.github/workflows/build-wheel.yml index 2a227d4ee9..eb084c429d 100644 --- a/.github/workflows/build-wheel.yml +++ b/.github/workflows/build-wheel.yml @@ -150,7 +150,7 @@ jobs: cuda-version: ${{ inputs.cuda-version }} - name: Build cuda.bindings wheel - uses: pypa/cibuildwheel@298ed2fb2c105540f5ed055e8a6ad78d82dd3a7e # v3.3.1 + uses: pypa/cibuildwheel@ee02a1537ce3071a004a6b08c41e72f0fdc42d9a # v3.4.0 with: package-dir: ./cuda_bindings/ output-dir: ${{ env.CUDA_BINDINGS_ARTIFACTS_DIR }} @@ -204,7 +204,7 @@ jobs: if-no-files-found: error - name: Build cuda.core wheel - uses: pypa/cibuildwheel@298ed2fb2c105540f5ed055e8a6ad78d82dd3a7e # v3.3.1 + uses: pypa/cibuildwheel@ee02a1537ce3071a004a6b08c41e72f0fdc42d9a # v3.4.0 with: package-dir: ./cuda_core/ output-dir: ${{ env.CUDA_CORE_ARTIFACTS_DIR }} @@ -383,7 +383,7 @@ jobs: rmdir $OLD_BASENAME - name: Build cuda.core wheel - uses: pypa/cibuildwheel@298ed2fb2c105540f5ed055e8a6ad78d82dd3a7e # v3.3.1 + uses: pypa/cibuildwheel@ee02a1537ce3071a004a6b08c41e72f0fdc42d9a # v3.4.0 with: package-dir: ./cuda_core/ output-dir: ${{ env.CUDA_CORE_ARTIFACTS_DIR }} diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index eea2466f7d..0bde4858fd 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -31,13 +31,13 @@ jobs: uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Initialize CodeQL - uses: github/codeql-action/init@40f0fa95c41fede7b43f035cb47aac899ee0ba0a # v3.31.8 + uses: github/codeql-action/init@34950e1b113b30df4edee1a6d3a605242df0c40b # v3.31.8 with: languages: ${{ matrix.language }} build-mode: ${{ matrix.build-mode }} queries: security-extended - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@40f0fa95c41fede7b43f035cb47aac899ee0ba0a # v3.31.8 + uses: github/codeql-action/analyze@34950e1b113b30df4edee1a6d3a605242df0c40b # v3.31.8 with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/coverage.yml b/.github/workflows/coverage.yml index 3c0d4fa700..354af0959c 100644 --- a/.github/workflows/coverage.yml +++ b/.github/workflows/coverage.yml @@ -295,7 +295,7 @@ jobs: cuda-version: ${{ env.CUDA_VER }} - name: Download Windows wheel artifacts - uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: coverage-windows-wheels path: ./wheels/ @@ -420,19 +420,19 @@ jobs: pip install coverage[toml] Cython - name: Download Linux coverage data - uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: coverage-data-linux path: ./ - name: Download cuda source code - uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: cuda-source-linux path: ./cuda/ - name: Download Windows coverage data - uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: coverage-data-windows path: ./ diff --git a/.github/workflows/test-wheel-linux.yml b/.github/workflows/test-wheel-linux.yml index 0574094683..0b0f8e1103 100644 --- a/.github/workflows/test-wheel-linux.yml +++ b/.github/workflows/test-wheel-linux.yml @@ -115,21 +115,21 @@ jobs: run: ./ci/tools/env-vars test - name: Download cuda-pathfinder build artifacts - uses: actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3 # v8.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: cuda-pathfinder-wheel path: ./cuda_pathfinder - name: Download cuda-python build artifacts if: ${{ env.SKIP_CUDA_BINDINGS_TEST == '0'}} - uses: actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3 # v8.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: cuda-python-wheel path: . - name: Download cuda.bindings build artifacts if: ${{ env.SKIP_CUDA_BINDINGS_TEST == '0'}} - uses: actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3 # v8.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: ${{ env.CUDA_BINDINGS_ARTIFACT_NAME }} path: ${{ env.CUDA_BINDINGS_ARTIFACTS_DIR }} @@ -181,7 +181,7 @@ jobs: - name: Download cuda.bindings Cython tests if: ${{ env.SKIP_CYTHON_TEST == '0' }} - uses: actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3 # v8.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: ${{ env.CUDA_BINDINGS_ARTIFACT_NAME }}-tests path: ${{ env.CUDA_BINDINGS_CYTHON_TESTS_DIR }} @@ -193,7 +193,7 @@ jobs: ls -lahR $CUDA_BINDINGS_CYTHON_TESTS_DIR - name: Download cuda.core build artifacts - uses: actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3 # v8.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: ${{ env.CUDA_CORE_ARTIFACT_NAME }} path: ${{ env.CUDA_CORE_ARTIFACTS_DIR }} @@ -205,7 +205,7 @@ jobs: - name: Download cuda.core Cython tests if: ${{ env.SKIP_CYTHON_TEST == '0' }} - uses: actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3 # v8.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: ${{ env.CUDA_CORE_ARTIFACT_NAME }}-tests path: ${{ env.CUDA_CORE_CYTHON_TESTS_DIR }} diff --git a/.github/workflows/test-wheel-windows.yml b/.github/workflows/test-wheel-windows.yml index 5cfee3b892..91f098b0e9 100644 --- a/.github/workflows/test-wheel-windows.yml +++ b/.github/workflows/test-wheel-windows.yml @@ -111,21 +111,21 @@ jobs: run: ./ci/tools/env-vars test - name: Download cuda-pathfinder build artifacts - uses: actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3 # v8.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: cuda-pathfinder-wheel path: ./cuda_pathfinder - name: Download cuda-python build artifacts if: ${{ env.SKIP_CUDA_BINDINGS_TEST == '0'}} - uses: actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3 # v8.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: cuda-python-wheel path: . - name: Download cuda.bindings build artifacts if: ${{ env.SKIP_CUDA_BINDINGS_TEST == '0'}} - uses: actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3 # v8.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: ${{ env.CUDA_BINDINGS_ARTIFACT_NAME }} path: ${{ env.CUDA_BINDINGS_ARTIFACTS_DIR }} @@ -168,7 +168,7 @@ jobs: - name: Download cuda.bindings Cython tests if: ${{ env.SKIP_CYTHON_TEST == '0' }} - uses: actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3 # v8.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: ${{ env.CUDA_BINDINGS_ARTIFACT_NAME }}-tests path: ${{ env.CUDA_BINDINGS_CYTHON_TESTS_DIR }} @@ -180,7 +180,7 @@ jobs: Get-ChildItem -Recurse -Force $env:CUDA_BINDINGS_CYTHON_TESTS_DIR | Select-Object Mode, LastWriteTime, Length, FullName - name: Download cuda.core build artifacts - uses: actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3 # v8.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: ${{ env.CUDA_CORE_ARTIFACT_NAME }} path: ${{ env.CUDA_CORE_ARTIFACTS_DIR }} @@ -192,7 +192,7 @@ jobs: - name: Download cuda.core Cython tests if: ${{ env.SKIP_CYTHON_TEST == '0' }} - uses: actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3 # v8.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: ${{ env.CUDA_CORE_ARTIFACT_NAME }}-tests path: ${{ env.CUDA_CORE_CYTHON_TESTS_DIR }}