From 3e43c5e1546bbf558e2e7c864d8a21e9b431a8ab Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 29 Jun 2026 03:12:37 +0000 Subject: [PATCH] chore(deps,ci): bump the actions-minor-patch group with 4 updates Bumps the actions-minor-patch group with 4 updates: [actions/setup-python](https://github.com/actions/setup-python), [azure/setup-helm](https://github.com/azure/setup-helm), [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance) and [aws-actions/configure-aws-credentials](https://github.com/aws-actions/configure-aws-credentials). Updates `actions/setup-python` from 6.2.0 to 6.3.0 - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/a309ff8b426b58ec0e2a45f0f869d46889d02405...ece7cb06caefa5fff74198d8649806c4678c61a1) Updates `azure/setup-helm` from 5.0.0 to 5.0.1 - [Release notes](https://github.com/azure/setup-helm/releases) - [Changelog](https://github.com/Azure/setup-helm/blob/main/CHANGELOG.md) - [Commits](https://github.com/azure/setup-helm/compare/dda3372f752e03dde6b3237bc9431cdc2f7a02a2...9bc31f4ebc9c6b171d7bfbaa5d006ae7abdb4310) Updates `actions/attest-build-provenance` from 4.1.0 to 4.1.1 - [Release notes](https://github.com/actions/attest-build-provenance/releases) - [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md) - [Commits](https://github.com/actions/attest-build-provenance/compare/a2bbfa25375fe432b6a289bc6b6cd05ecd0c4c32...0f67c3f4856b2e3261c31976d6725780e5e4c373) Updates `aws-actions/configure-aws-credentials` from 6.2.0 to 6.2.1 - [Release notes](https://github.com/aws-actions/configure-aws-credentials/releases) - [Changelog](https://github.com/aws-actions/configure-aws-credentials/blob/main/CHANGELOG.md) - [Commits](https://github.com/aws-actions/configure-aws-credentials/compare/e7f100cf4c008499ea8adda475de1042d6975c7b...254c19bd240aabef8777f48595e9d2d7b972184b) --- updated-dependencies: - dependency-name: actions/setup-python dependency-version: 6.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions-minor-patch - dependency-name: azure/setup-helm dependency-version: 5.0.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions-minor-patch - dependency-name: actions/attest-build-provenance dependency-version: 4.1.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions-minor-patch - dependency-name: aws-actions/configure-aws-credentials dependency-version: 6.2.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions-minor-patch ... Signed-off-by: dependabot[bot] --- .github/workflows/backup.yml | 2 +- .github/workflows/benchmark-arm.yml | 2 +- .github/workflows/chaos.yml | 4 ++-- .github/workflows/ci.yml | 14 +++++++------- .github/workflows/container-attestation.yml | 4 ++-- .github/workflows/contract.yml | 2 +- .github/workflows/dora.yml | 2 +- .github/workflows/e2e.yml | 2 +- .github/workflows/load-test.yml | 2 +- .github/workflows/mutation.yml | 2 +- .github/workflows/perf-regression.yml | 2 +- .github/workflows/performance.yml | 2 +- .github/workflows/publish-pypi.yml | 2 +- .github/workflows/security.yml | 4 ++-- .github/workflows/staging-deploy.yml | 4 ++-- .github/workflows/terraform-apply.yml | 4 ++-- 16 files changed, 27 insertions(+), 27 deletions(-) diff --git a/.github/workflows/backup.yml b/.github/workflows/backup.yml index 354cf4d..8dc5462 100644 --- a/.github/workflows/backup.yml +++ b/.github/workflows/backup.yml @@ -14,7 +14,7 @@ jobs: timeout-minutes: 20 steps: - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 + - uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1 # v6.3.0 with: python-version: "3.11" - name: Install dependencies diff --git a/.github/workflows/benchmark-arm.yml b/.github/workflows/benchmark-arm.yml index 655fd77..8df6e7e 100644 --- a/.github/workflows/benchmark-arm.yml +++ b/.github/workflows/benchmark-arm.yml @@ -18,7 +18,7 @@ jobs: timeout-minutes: 30 steps: - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 + - uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1 # v6.3.0 with: python-version: "3.11" - name: Install dependencies diff --git a/.github/workflows/chaos.yml b/.github/workflows/chaos.yml index f9f93bb..ed23b00 100644 --- a/.github/workflows/chaos.yml +++ b/.github/workflows/chaos.yml @@ -22,7 +22,7 @@ jobs: steps: - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 + - uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1 # v6.3.0 with: python-version: "3.11" @@ -72,7 +72,7 @@ jobs: steps: - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 + - uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1 # v6.3.0 with: python-version: "3.11" diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index e3feaf1..3b41c8c 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -18,7 +18,7 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 + - uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1 # v6.3.0 with: python-version: "3.11" - name: Install dependencies @@ -37,7 +37,7 @@ jobs: - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: fetch-depth: 2 - - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 + - uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1 # v6.3.0 with: python-version: "3.11" - name: Install dependencies @@ -53,7 +53,7 @@ jobs: id-token: write steps: - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 + - uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1 # v6.3.0 with: python-version: "3.11" - name: Install dependencies @@ -181,7 +181,7 @@ jobs: CLICKHOUSE_DB: agentflow steps: - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 + - uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1 # v6.3.0 with: python-version: "3.11" - name: Install dependencies @@ -211,12 +211,12 @@ jobs: timeout-minutes: 8 steps: - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 + - uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1 # v6.3.0 with: python-version: "3.11" - name: Install dependencies run: pip install -e ".[dev]" - - uses: azure/setup-helm@dda3372f752e03dde6b3237bc9431cdc2f7a02a2 # v5.0.0 + - uses: azure/setup-helm@9bc31f4ebc9c6b171d7bfbaa5d006ae7abdb4310 # v5.0.1 - uses: helm/kind-action@ef37e7f390d99f746eb8b610417061a60e82a6cc # v1.14.0 with: install_only: true @@ -233,7 +233,7 @@ jobs: timeout-minutes: 20 steps: - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 + - uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1 # v6.3.0 with: python-version: "3.11" - name: Install dependencies diff --git a/.github/workflows/container-attestation.yml b/.github/workflows/container-attestation.yml index 65c0dd7..dda8fac 100644 --- a/.github/workflows/container-attestation.yml +++ b/.github/workflows/container-attestation.yml @@ -124,7 +124,7 @@ jobs: IMAGE_DIGEST: ${{ steps.build.outputs.digest }} run: cosign sign --yes ${IMAGE_REF}@${IMAGE_DIGEST} - - uses: actions/attest-build-provenance@a2bbfa25375fe432b6a289bc6b6cd05ecd0c4c32 # v4.1.0 + - uses: actions/attest-build-provenance@0f67c3f4856b2e3261c31976d6725780e5e4c373 # v4.1.1 with: subject-name: ${{ env.IMAGE_REF }} subject-digest: ${{ steps.build.outputs.digest }} @@ -166,7 +166,7 @@ jobs: IMAGE_DIGEST: ${{ env.IMAGE_DIGEST }} run: cosign sign --yes ${IMAGE_REF}@${IMAGE_DIGEST} - - uses: actions/attest-build-provenance@a2bbfa25375fe432b6a289bc6b6cd05ecd0c4c32 # v4.1.0 + - uses: actions/attest-build-provenance@0f67c3f4856b2e3261c31976d6725780e5e4c373 # v4.1.1 with: subject-name: ${{ inputs.image_ref }} subject-digest: ${{ inputs.image_digest }} diff --git a/.github/workflows/contract.yml b/.github/workflows/contract.yml index b144be1..78fd871 100644 --- a/.github/workflows/contract.yml +++ b/.github/workflows/contract.yml @@ -61,7 +61,7 @@ jobs: - name: Skip note (no contract-relevant changes) if: steps.changes.outputs.relevant == 'false' run: echo "No contract-relevant changes - suite skipped, required check passes." - - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 + - uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1 # v6.3.0 if: steps.changes.outputs.relevant == 'true' with: python-version: "3.11" diff --git a/.github/workflows/dora.yml b/.github/workflows/dora.yml index 69a063a..c8fba7c 100644 --- a/.github/workflows/dora.yml +++ b/.github/workflows/dora.yml @@ -20,7 +20,7 @@ jobs: - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: fetch-depth: 0 - - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 + - uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1 # v6.3.0 with: python-version: "3.11" - name: Ensure local main ref diff --git a/.github/workflows/e2e.yml b/.github/workflows/e2e.yml index 6f83a05..322c388 100644 --- a/.github/workflows/e2e.yml +++ b/.github/workflows/e2e.yml @@ -21,7 +21,7 @@ jobs: steps: - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 + - uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1 # v6.3.0 with: python-version: "3.11" diff --git a/.github/workflows/load-test.yml b/.github/workflows/load-test.yml index 164a03d..a6af60e 100644 --- a/.github/workflows/load-test.yml +++ b/.github/workflows/load-test.yml @@ -23,7 +23,7 @@ jobs: steps: - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 + - uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1 # v6.3.0 with: python-version: "3.11" diff --git a/.github/workflows/mutation.yml b/.github/workflows/mutation.yml index 42ef6b9..c031c41 100644 --- a/.github/workflows/mutation.yml +++ b/.github/workflows/mutation.yml @@ -14,7 +14,7 @@ jobs: timeout-minutes: 60 steps: - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 + - uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1 # v6.3.0 with: python-version: "3.11" - name: Install dependencies diff --git a/.github/workflows/perf-regression.yml b/.github/workflows/perf-regression.yml index b9a815c..3ebdf5b 100644 --- a/.github/workflows/perf-regression.yml +++ b/.github/workflows/perf-regression.yml @@ -14,7 +14,7 @@ jobs: steps: - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 + - uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1 # v6.3.0 with: python-version: "3.11" diff --git a/.github/workflows/performance.yml b/.github/workflows/performance.yml index 185ab71..0816252 100644 --- a/.github/workflows/performance.yml +++ b/.github/workflows/performance.yml @@ -14,7 +14,7 @@ jobs: timeout-minutes: 20 steps: - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 + - uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1 # v6.3.0 with: python-version: "3.11" - name: Install dependencies diff --git a/.github/workflows/publish-pypi.yml b/.github/workflows/publish-pypi.yml index 91a353a..463a57b 100644 --- a/.github/workflows/publish-pypi.yml +++ b/.github/workflows/publish-pypi.yml @@ -22,7 +22,7 @@ jobs: steps: - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 + - uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1 # v6.3.0 with: python-version: "3.11" diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index ec6dd6c..e830ed5 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -20,7 +20,7 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 + - uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1 # v6.3.0 with: python-version: "3.11" - name: Install Bandit @@ -34,7 +34,7 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 + - uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1 # v6.3.0 with: python-version: "3.11" - name: Resolve Safety dependency inputs diff --git a/.github/workflows/staging-deploy.yml b/.github/workflows/staging-deploy.yml index 236e787..7d6cdd2 100644 --- a/.github/workflows/staging-deploy.yml +++ b/.github/workflows/staging-deploy.yml @@ -19,7 +19,7 @@ jobs: steps: - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 + - uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1 # v6.3.0 with: python-version: "3.11" @@ -34,7 +34,7 @@ jobs: - name: Prepare pytest temp directory run: mkdir -p .tmp - - uses: azure/setup-helm@dda3372f752e03dde6b3237bc9431cdc2f7a02a2 # v5.0.0 + - uses: azure/setup-helm@9bc31f4ebc9c6b171d7bfbaa5d006ae7abdb4310 # v5.0.1 - uses: helm/kind-action@ef37e7f390d99f746eb8b610417061a60e82a6cc # v1.14.0 with: diff --git a/.github/workflows/terraform-apply.yml b/.github/workflows/terraform-apply.yml index d041071..2014f2b 100644 --- a/.github/workflows/terraform-apply.yml +++ b/.github/workflows/terraform-apply.yml @@ -88,7 +88,7 @@ jobs: *) echo "Unsupported environment: ${{ inputs.environment }}" >&2; exit 1 ;; esac - - uses: aws-actions/configure-aws-credentials@e7f100cf4c008499ea8adda475de1042d6975c7b # v6.2.0 + - uses: aws-actions/configure-aws-credentials@254c19bd240aabef8777f48595e9d2d7b972184b # v6.2.1 with: role-to-assume: ${{ vars.AWS_TERRAFORM_ROLE_ARN }} aws-region: ${{ vars.AWS_REGION }} @@ -135,7 +135,7 @@ jobs: *) echo "Unsupported environment: ${{ inputs.environment }}" >&2; exit 1 ;; esac - - uses: aws-actions/configure-aws-credentials@e7f100cf4c008499ea8adda475de1042d6975c7b # v6.2.0 + - uses: aws-actions/configure-aws-credentials@254c19bd240aabef8777f48595e9d2d7b972184b # v6.2.1 with: role-to-assume: ${{ vars.AWS_TERRAFORM_ROLE_ARN }} aws-region: ${{ vars.AWS_REGION }}