Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump the github-actions group with 5 updates #32

Merged
merged 1 commit into from
Apr 29, 2024
Merged

Bump the github-actions group with 5 updates #32

merged 1 commit into from
Apr 29, 2024

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Apr 29, 2024

Bumps the github-actions group with 5 updates:

Package From To
actions/checkout 3 4
hynek/build-and-inspect-python-package 1.5 2.4
actions/download-artifact 3 4
actions/setup-python 4 5
actions/cache 3 4

Updates actions/checkout from 3 to 4

Release notes

Sourced from actions/checkout's releases.

v4.0.0

What's Changed

New Contributors

Full Changelog: actions/checkout@v3...v4.0.0

v3.6.0

What's Changed

New Contributors

Full Changelog: actions/checkout@v3.5.3...v3.6.0

v3.5.3

What's Changed

New Contributors

Full Changelog: actions/checkout@v3...v3.5.3

v3.5.2

What's Changed

Full Changelog: actions/checkout@v3.5.1...v3.5.2

v3.5.1

What's Changed

New Contributors

... (truncated)

Changelog

Sourced from actions/checkout's changelog.

Changelog

v4.1.4

v4.1.3

v4.1.2

v4.1.1

v4.1.0

v4.0.0

v3.6.0

v3.5.3

v3.5.2

v3.5.1

v3.5.0

v3.4.0

... (truncated)

Commits

Updates hynek/build-and-inspect-python-package from 1.5 to 2.4

Release notes

Sourced from hynek/build-and-inspect-python-package's releases.

v2.4.0

Changed

  • The action doesn't crash anymore if the user sets globally the UV_SYSTEM_PYTHON environment variable. #116

v2.3.0

Added

  • Cache busting for the uv cache. GitHub Actions's caching behavior is a bit idiosyncratic: Once a cache is created, it's immutable. But as long as it's accessed within 7 days, it never goes away.

    Therefore, baipp now uses the hash of the requirements file as part of the cache key. Behaviorally, nothing changes, except that the cache doesn't grow useless over time. #115

v2.2.1

Fixed

  • The action uses wheel to unpack wheels again (this is a revert of #103) due to incompatibilities with, for example, pytest. To avoid the confusion due to wrong timestamps, the wheel's tree output in the Summary has no timestamps anymore. #114

v2.2.0

Changed

  • Use uv as installer command for build for further speedups. #107

v2.1.0

Highlight

This is a very exciting release with two very exciting stand-out features:

  1. The action now uses uv to install its tools which made it much faster.

  2. The new supported_python_classifiers_json_array and supported_python_classifiers_json_job_matrix_value outputs allow you to use support Python classifiers from your package's metadata directly to build the CI matrix.

    One place fewer to update when adding support for a new Python version (or removing for one, for that matter) and this is how this feature looks in real life: hynek/structlog#608

Full Changelog

Added

  • New outputs: supported_python_classifiers_json_array and supported_python_classifiers_json_job_matrix_value.

    They are extracted from the trove classifiers defined in the package metadata (for example, Programming Language :: Python :: 3.12) and allow you to define the Python versions matrix for your CI jobs without duplicating this information. #80 #102

  • New input: skip-wheel to skip building the wheel in addition to the source distribution. This is useful if you need to build your wheels using advanced tools like cibuildwheel anyway. #98

  • New input: upload-name-suffix allows to build more than one package in a single workflow by distinguishing the artifact names. #97

Changed

  • The action now uses uv to install its tools to speed up your CI runs. #86

  • We now use unzip to extract wheels, which preserves timestamps in the "Wheel contents" summary. #103

... (truncated)

Changelog

Sourced from hynek/build-and-inspect-python-package's changelog.

Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

Unreleased

2.4.0 - 2024-04-11

Changed

  • The action doesn't crash anymore if the user sets globally the UV_SYSTEM_PYTHON environment variable. #116

2.3.0 - 2024-04-11

Added

  • Cache busting for the uv cache. GitHub Actions's caching behavior is a bit idiosyncratic: Once a cache is created, it's immutable. But as long as it's accessed within 7 days, it never goes away.

    Therefore, baipp now uses the hash of the requirements file as part of the cache key. Behaviorally, nothing changes, except that the cache doesn't grow useless over time. #115

2.2.1 - 2024-04-02

Fixed

  • The action uses wheel to unpack wheels again (this is a revert of #103) due to incompatibilities with, for example, pytest. To avoid the confusion due to wrong timestamps, the wheel's tree output in the Summary has no timestamps anymore. #114

2.2.0 - 2024-03-31

Changed

  • Use uv as installer command for build for further speedups. #107

2.1.0 - 2024-03-27

Added

... (truncated)

Commits

Updates actions/download-artifact from 3 to 4

Release notes

Sourced from actions/download-artifact's releases.

v4.0.0

What's Changed

The release of upload-artifact@v4 and download-artifact@v4 are major changes to the backend architecture of Artifacts. They have numerous performance and behavioral improvements.

ℹ️ However, this is a major update that includes breaking changes. Artifacts created with versions v3 and below are not compatible with the v4 actions. Uploads and downloads must use the same major actions versions. There are also key differences from previous versions that may require updates to your workflows.

For more information, please see:

  1. The changelog post.
  2. The README.
  3. The migration documentation.
  4. As well as the underlying npm package, @​actions/artifact documentation.

New Contributors

Full Changelog: actions/download-artifact@v3...v4.0.0

v3.0.2

v3.0.1

Commits
  • 65a9edc Merge pull request #325 from bethanyj28/main
  • fdd1595 licensed
  • c13dba1 update @​actions/artifact dependency
  • 0daa75e Merge pull request #324 from actions/eggyhead/use-artifact-v2.1.6
  • 9c19ed7 Merge branch 'main' into eggyhead/use-artifact-v2.1.6
  • 3d3ea87 updating license
  • 89af5db updating artifact package v2.1.6
  • b4aefff Merge pull request #323 from actions/eggyhead/update-artifact-v215
  • 8caf195 package lock update
  • d7a2ec4 updating package version
  • Additional commits viewable in compare view

Updates actions/setup-python from 4 to 5

Release notes

Sourced from actions/setup-python's releases.

v5.0.0

What's Changed

In scope of this release, we update node version runtime from node16 to node20 (actions/setup-python#772). Besides, we update dependencies to the latest versions.

Full Changelog: actions/setup-python@v4.8.0...v5.0.0

v4.8.0

What's Changed

In scope of this release we added support for GraalPy (actions/setup-python#694). You can use this snippet to set up GraalPy:

steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v4 
  with:
    python-version: 'graalpy-22.3' 
- run: python my_script.py

Besides, the release contains such changes as:

New Contributors

Full Changelog: actions/setup-python@v4...v4.8.0

v4.7.1

What's Changed

Full Changelog: actions/setup-python@v4...v4.7.1

v4.7.0

In scope of this release, the support for reading python version from pyproject.toml was added (actions/setup-python#669).

      - name: Setup Python
        uses: actions/setup-python@v4
</tr></table>

... (truncated)

Commits
  • 82c7e63 Documentation changes for avoiding rate limit issues on GHES (#835)
  • 10aa35a feat: fallback to raw endpoint for manifest when rate limit is reached (#766)
  • 9a7ac94 Bump undici from 5.27.2 to 5.28.3 (#817)
  • 871daa9 Fix the "Specifying multiple Python/PyPy versions" link (#782)
  • 2f07895 Fix broken README.md link (#793)
  • e9d6f99 Replace setup-python@v4 by setup-python@v5 in README (#776)
  • 0a5c615 Update action to node20 (#772)
  • 0ae5836 Add example of GraalPy to docs (#773)
  • b64ffca update actions/checkout to v4 (#761)
  • 8d28961 Examples now use checkout@v4 (#738)
  • Additional commits viewable in compare view

Updates actions/cache from 3 to 4

Release notes

Sourced from actions/cache's releases.

v4.0.0

What's Changed

New Contributors

Full Changelog: actions/cache@v3...v4.0.0

v3.3.3

What's Changed

New Contributors

Full Changelog: actions/cache@v3...v3.3.3

v3.3.2

What's Changed

New Contributors

Full Changelog: actions/cache@v3...v3.3.2

v3.3.1

What's Changed

Full Changelog: actions/cache@v3...v3.3.1

v3.3.0

What's Changed

... (truncated)

Changelog

Sourced from actions/cache's changelog.

Releases

4.0.2

  • Fixed restore fail-on-cache-miss not working.

4.0.1

  • Updated isGhes check

4.0.0

  • Updated minimum runner version support from node 12 -> node 20

3.3.3

  • Updates @​actions/cache to v3.2.3 to fix accidental mutated path arguments to getCacheVersion actions/toolkit#1378
  • Additional audit fixes of npm package(s)

3.3.2

  • Fixes bug with Azure SDK causing blob downloads to get stuck.

3.3.1

  • Reduced segment size to 128MB and segment timeout to 10 minutes to fail fast in case the cache download is stuck.

3.3.0

  • Added option to lookup cache without downloading it.

3.2.6

  • Fix zstd not being used after zstd version upgrade to 1.5.4 on hosted runners.

3.2.5

  • Added fix to prevent from setting MYSYS environment variable globally.

3.2.4

  • Added option to fail job on cache miss.

3.2.3

  • Support cross os caching on Windows as an opt-in feature.
  • Fix issue with symlink restoration on Windows for cross-os caches.

3.2.2

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the github-actions group with 5 updates
d3988c6 
Bumps the github-actions group with 5 updates:

| Package | From | To |
| --- | --- | --- |
| [actions/checkout](https://github.com/actions/checkout) | `3` | `4` |
| [hynek/build-and-inspect-python-package](https://github.com/hynek/build-and-inspect-python-package) | `1.5` | `2.4` |
| [actions/download-artifact](https://github.com/actions/download-artifact) | `3` | `4` |
| [actions/setup-python](https://github.com/actions/setup-python) | `4` | `5` |
| [actions/cache](https://github.com/actions/cache) | `3` | `4` |


Updates `actions/checkout` from 3 to 4
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@v3...v4)

Updates `hynek/build-and-inspect-python-package` from 1.5 to 2.4
- [Release notes](https://github.com/hynek/build-and-inspect-python-package/releases)
- [Changelog](https://github.com/hynek/build-and-inspect-python-package/blob/main/CHANGELOG.md)
- [Commits](hynek/build-and-inspect-python-package@v1.5...v2.4)

Updates `actions/download-artifact` from 3 to 4
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](actions/download-artifact@v3...v4)

Updates `actions/setup-python` from 4 to 5
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](actions/setup-python@v4...v5)

Updates `actions/cache` from 3 to 4
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](actions/cache@v3...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: hynek/build-and-inspect-python-package
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: actions/download-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: actions/cache
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Apr 29, 2024
@cclauss cclauss mentioned this pull request Apr 29, 2024
Merged
@cclauss
Copy link
Contributor

cclauss commented Apr 29, 2024

The test failures are fixed in https://github.com/pytest-dev/nose2pytest/pull/30/files

@nicoddemus nicoddemus merged commit 4de8785 into master Apr 29, 2024
32 of 36 checks passed
@nicoddemus nicoddemus deleted the dependabot/github_actions/github-actions-24f3cc095e branch April 29, 2024 12:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nicoddemus nicoddemus nicoddemus approved these changes

@cclauss cclauss cclauss approved these changes

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@cclauss @nicoddemus