From a5b0e612af84201a12bf91bc4ccdc41ab49af5c6 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 1 Jun 2025 12:58:26 +0000 Subject: [PATCH] Bump the ci-dependencies group across 1 directory with 3 updates Bumps the ci-dependencies group with 3 updates in the / directory: [actions/dependency-review-action](https://github.com/actions/dependency-review-action), [pypa/cibuildwheel](https://github.com/pypa/cibuildwheel) and [actions/download-artifact](https://github.com/actions/download-artifact). Updates `actions/dependency-review-action` from 4.6.0 to 4.7.1 - [Release notes](https://github.com/actions/dependency-review-action/releases) - [Commits](https://github.com/actions/dependency-review-action/compare/ce3cf9537a52e8119d91fd484ab5b8a807627bf8...da24556b548a50705dd671f47852072ea4c105d9) Updates `pypa/cibuildwheel` from 2.23.2 to 2.23.3 - [Release notes](https://github.com/pypa/cibuildwheel/releases) - [Changelog](https://github.com/pypa/cibuildwheel/blob/main/docs/changelog.md) - [Commits](https://github.com/pypa/cibuildwheel/compare/d04cacbc9866d432033b1d09142936e6a0e2121a...faf86a6ed7efa889faf6996aa23820831055001a) Updates `actions/download-artifact` from 4.2.1 to 4.3.0 - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](https://github.com/actions/download-artifact/compare/95815c38cf2ff2164869cbab79da8d1f422bc89e...d3f86a106a0bac45b974a628896c90dbdf5c8093) --- updated-dependencies: - dependency-name: actions/dependency-review-action dependency-version: 4.7.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ci-dependencies - dependency-name: pypa/cibuildwheel dependency-version: 2.23.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: ci-dependencies - dependency-name: actions/download-artifact dependency-version: 4.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ci-dependencies ... Signed-off-by: dependabot[bot] --- .github/workflows/dependency-review.yaml | 2 +- .github/workflows/python-build-publish.yaml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/dependency-review.yaml b/.github/workflows/dependency-review.yaml index 67161af..f3382a8 100644 --- a/.github/workflows/dependency-review.yaml +++ b/.github/workflows/dependency-review.yaml @@ -14,6 +14,6 @@ jobs: uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: 'Dependency Review' - uses: actions/dependency-review-action@ce3cf9537a52e8119d91fd484ab5b8a807627bf8 # v4.6.0 + uses: actions/dependency-review-action@da24556b548a50705dd671f47852072ea4c105d9 # v4.7.1 with: config-file: darbiadev/.github/.github/dependency-review-config.yaml@a5bf74504f1a843e026621c41517952fa3a09f81 diff --git a/.github/workflows/python-build-publish.yaml b/.github/workflows/python-build-publish.yaml index 9625236..816ba36 100644 --- a/.github/workflows/python-build-publish.yaml +++ b/.github/workflows/python-build-publish.yaml @@ -20,7 +20,7 @@ jobs: - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Build wheels - uses: pypa/cibuildwheel@d04cacbc9866d432033b1d09142936e6a0e2121a # v2.23.2 + uses: pypa/cibuildwheel@faf86a6ed7efa889faf6996aa23820831055001a # v2.23.3 - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 with: @@ -51,7 +51,7 @@ jobs: id-token: write if: github.event_name == 'release' && github.event.action == 'published' steps: - - uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1 + - uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0 with: # unpacks all CIBW artifacts into dist/ pattern: cibw-*