diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 66f21a8..f54a520 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -22,15 +22,15 @@ jobs: timeout-minutes: 5 steps: - name: Harden runner - uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1 + uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4 with: egress-policy: audit - - uses: actions/checkout@v4 + - uses: actions/checkout@v7 with: persist-credentials: false - - uses: actions/setup-python@v5 + - uses: actions/setup-python@v6 with: python-version: "3.13" @@ -49,15 +49,15 @@ jobs: timeout-minutes: 5 steps: - name: Harden runner - uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1 + uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4 with: egress-policy: audit - - uses: actions/checkout@v4 + - uses: actions/checkout@v7 with: persist-credentials: false - - uses: actions/setup-python@v5 + - uses: actions/setup-python@v6 with: python-version: "3.13" @@ -77,15 +77,15 @@ jobs: python-version: ["3.11", "3.12", "3.13"] steps: - name: Harden runner - uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1 + uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4 with: egress-policy: audit - - uses: actions/checkout@v4 + - uses: actions/checkout@v7 with: persist-credentials: false - - uses: actions/setup-python@v5 + - uses: actions/setup-python@v6 with: python-version: ${{ matrix.python-version }} @@ -97,7 +97,7 @@ jobs: - name: Upload coverage if: matrix.python-version == '3.13' - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: coverage-report path: coverage.xml diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 47cc75f..5ab0e72 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -29,28 +29,28 @@ jobs: steps: - name: Harden runner - uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1 + uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4 with: egress-policy: audit - - uses: actions/checkout@v4 + - uses: actions/checkout@v7 with: fetch-depth: 0 token: ${{ secrets.GITHUB_TOKEN }} - - uses: actions/setup-python@v5 + - uses: actions/setup-python@v6 with: python-version: "3.13" - name: Python Semantic Release id: release - uses: python-semantic-release/python-semantic-release@v9 + uses: python-semantic-release/python-semantic-release@v10 with: github_token: ${{ secrets.GITHUB_TOKEN }} - name: Publish to GitHub Releases if: steps.release.outputs.released == 'true' - uses: python-semantic-release/publish-action@v9 + uses: python-semantic-release/publish-action@v10 with: github_token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index 51b4534..abec7f0 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -26,25 +26,25 @@ jobs: security-events: write steps: - name: Harden runner - uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1 + uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4 with: egress-policy: audit - - uses: actions/checkout@v4 + - uses: actions/checkout@v7 with: persist-credentials: false - name: Initialize CodeQL - uses: github/codeql-action/init@v3 + uses: github/codeql-action/init@v4 with: languages: python queries: security-and-quality - name: Autobuild - uses: github/codeql-action/autobuild@v3 + uses: github/codeql-action/autobuild@v4 - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3 + uses: github/codeql-action/analyze@v4 with: category: "/language:python" @@ -55,13 +55,13 @@ jobs: if: github.event_name == 'pull_request' steps: - name: Harden runner - uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1 + uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4 with: egress-policy: audit - - uses: actions/checkout@v4 + - uses: actions/checkout@v7 with: persist-credentials: false - name: Dependency Review - uses: actions/dependency-review-action@v4 + uses: actions/dependency-review-action@v5