Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
20 changes: 10 additions & 10 deletions .github/workflows/ci.yml
Original file line number Diff line number Diff line change
Expand Up @@ -22,15 +22,15 @@ jobs:
timeout-minutes: 5
steps:
- name: Harden runner
uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1
uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4
with:
egress-policy: audit

- uses: actions/checkout@v4
- uses: actions/checkout@v7
with:
persist-credentials: false

- uses: actions/setup-python@v5
- uses: actions/setup-python@v6
with:
python-version: "3.13"

Expand All @@ -49,15 +49,15 @@ jobs:
timeout-minutes: 5
steps:
- name: Harden runner
uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1
uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4
with:
egress-policy: audit

- uses: actions/checkout@v4
- uses: actions/checkout@v7
with:
persist-credentials: false

- uses: actions/setup-python@v5
- uses: actions/setup-python@v6
with:
python-version: "3.13"

Expand All @@ -77,15 +77,15 @@ jobs:
python-version: ["3.11", "3.12", "3.13"]
steps:
- name: Harden runner
uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1
uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4
with:
egress-policy: audit

- uses: actions/checkout@v4
- uses: actions/checkout@v7
with:
persist-credentials: false

- uses: actions/setup-python@v5
- uses: actions/setup-python@v6
with:
python-version: ${{ matrix.python-version }}

Expand All @@ -97,7 +97,7 @@ jobs:

- name: Upload coverage
if: matrix.python-version == '3.13'
uses: actions/upload-artifact@v4
uses: actions/upload-artifact@v7
with:
name: coverage-report
path: coverage.xml
10 changes: 5 additions & 5 deletions .github/workflows/release.yml
Original file line number Diff line number Diff line change
Expand Up @@ -29,28 +29,28 @@ jobs:

steps:
- name: Harden runner
uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1
uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4
with:
egress-policy: audit

- uses: actions/checkout@v4
- uses: actions/checkout@v7
with:
fetch-depth: 0
token: ${{ secrets.GITHUB_TOKEN }}

- uses: actions/setup-python@v5
- uses: actions/setup-python@v6
with:
python-version: "3.13"

- name: Python Semantic Release
id: release
uses: python-semantic-release/python-semantic-release@v9
uses: python-semantic-release/python-semantic-release@v10
with:
github_token: ${{ secrets.GITHUB_TOKEN }}

- name: Publish to GitHub Releases
if: steps.release.outputs.released == 'true'
uses: python-semantic-release/publish-action@v9
uses: python-semantic-release/publish-action@v10
with:
github_token: ${{ secrets.GITHUB_TOKEN }}

Expand Down
16 changes: 8 additions & 8 deletions .github/workflows/security.yml
Original file line number Diff line number Diff line change
Expand Up @@ -26,25 +26,25 @@ jobs:
security-events: write
steps:
- name: Harden runner
uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1
uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4
with:
egress-policy: audit

- uses: actions/checkout@v4
- uses: actions/checkout@v7
with:
persist-credentials: false

- name: Initialize CodeQL
uses: github/codeql-action/init@v3
uses: github/codeql-action/init@v4
with:
languages: python
queries: security-and-quality

- name: Autobuild
uses: github/codeql-action/autobuild@v3
uses: github/codeql-action/autobuild@v4

- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3
uses: github/codeql-action/analyze@v4
with:
category: "/language:python"

Expand All @@ -55,13 +55,13 @@ jobs:
if: github.event_name == 'pull_request'
steps:
- name: Harden runner
uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1
uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4
with:
egress-policy: audit

- uses: actions/checkout@v4
- uses: actions/checkout@v7
with:
persist-credentials: false

- name: Dependency Review
uses: actions/dependency-review-action@v4
uses: actions/dependency-review-action@v5