diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 5350997..64284b9 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -5,7 +5,3 @@ updates: directory: "/" schedule: interval: "monthly" - - package-ecosystem: "uv" - directory: "/" - schedule: - interval: "monthly" diff --git a/.github/workflows/pre-commit.yaml b/.github/workflows/pre-commit.yaml index ab6eceb..cb42246 100644 --- a/.github/workflows/pre-commit.yaml +++ b/.github/workflows/pre-commit.yaml @@ -10,5 +10,5 @@ jobs: pre-commit: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 - - uses: j178/prek-action@v2 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: j178/prek-action@cbc2f23eb5539cf20d82d1aabd0d0ecbcc56f4e3 # v2.0.2 diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index d1e3f30..61031ab 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -3,7 +3,7 @@ name: Upload Python Package "on": release: - types: [created] + types: [ created ] jobs: publish: @@ -13,13 +13,13 @@ jobs: # IMPORTANT: this permission is mandatory for trusted publishing id-token: write steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Set up Python - uses: actions/setup-python@v6 + uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 with: python-version-file: "pyproject.toml" - name: Install uv - uses: astral-sh/setup-uv@v7 + uses: astral-sh/setup-uv@08807647e7069bb48b6ef5acd8ec9567f424441b # v8.1.0 with: activate-environment: "true" - name: Install dependencies @@ -28,4 +28,4 @@ jobs: - name: Build run: python -m build - name: Publish package distributions to PyPI - uses: pypa/gh-action-pypi-publish@release/v1 + uses: pypa/gh-action-pypi-publish@cef221092ed1bacb1cc03d23a2d87d1d172e277b # v1.14.0 diff --git a/.github/workflows/test-release.yaml b/.github/workflows/test-release.yaml index 8606a89..094cb64 100644 --- a/.github/workflows/test-release.yaml +++ b/.github/workflows/test-release.yaml @@ -3,7 +3,7 @@ name: Test Upload Python Package to Test PyPI "on": push: - branches: [main] + branches: [ main ] jobs: publish: @@ -13,17 +13,17 @@ jobs: # IMPORTANT: this permission is mandatory for trusted publishing id-token: write env: - SETUPTOOLS_SCM_OVERRIDES_FOR_CO2MINI: '{local_scheme = "no-local-version"}' + SETUPTOOLS_SCM_OVERRIDES_FOR_CO2MINI: "{local_scheme = \"no-local-version\"}" steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: fetch-depth: 0 - name: Set up Python - uses: actions/setup-python@v6 + uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 with: python-version-file: "pyproject.toml" - name: Install uv - uses: astral-sh/setup-uv@v7 + uses: astral-sh/setup-uv@08807647e7069bb48b6ef5acd8ec9567f424441b # v8.1.0 with: activate-environment: "true" - name: Install dependencies @@ -32,7 +32,7 @@ jobs: - name: Build run: python -m build - name: Publish package distributions to PyPI - uses: pypa/gh-action-pypi-publish@release/v1 + uses: pypa/gh-action-pypi-publish@cef221092ed1bacb1cc03d23a2d87d1d172e277b # v1.14.0 with: repository-url: https://test.pypi.org/legacy/ verbose: true diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index c9508da..4ff1d61 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -10,7 +10,7 @@ repos: - id: trailing-whitespace - repo: https://github.com/astral-sh/ruff-pre-commit # Ruff version. - rev: v0.14.10 + rev: v0.15.12 hooks: # Run the linter. - id: ruff-check