Bump the github-actions group with 3 updates

author dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Thu, 1 Aug 2024 07:36:57 +0000 (07:36 +0000)

committer GitHub <noreply@github.com>

Thu, 1 Aug 2024 07:36:57 +0000 (07:36 +0000)
author dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Thu, 1 Aug 2024 07:36:57 +0000 (07:36 +0000)
committer GitHub <noreply@github.com>
Thu, 1 Aug 2024 07:36:57 +0000 (07:36 +0000)
diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml

index 4b8d652ccb0153cae516d87152c647406470a2dc..2d6d66e8d485967a220ff98ad31067f2c7c7295a 100644 (file)
--- a/.github/workflows/publish.yaml
+++ b/.github/workflows/publish.yaml
@@ -10,7 +10,7 @@ jobs:
        hash: ${{ steps.hash.outputs.hash }}
      steps:
        - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
-      - uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0
+      - uses: actions/setup-python@39cd14951b08e74b54015e9e001cdefcf80e669f # v5.1.1
          with:
            python-version: '3.x'
            cache: pip
@@ -23,7 +23,7 @@ jobs:
        - name: generate hash
          id: hash
          run: cd dist && echo "hash=$(sha256sum * | base64 -w0)" >> $GITHUB_OUTPUT
-      - uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
+      - uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
          with:
            path: ./dist
    provenance:
@@ -44,7 +44,7 @@ jobs:
      permissions:
        contents: write
      steps:
-      - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
+      - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
        - name: create release
          run: >
            gh release create --draft --repo ${{ github.repository }}
@@ -63,7 +63,7 @@ jobs:
      permissions:
        id-token: write
      steps:
-      - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
+      - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
        - uses: pypa/gh-action-pypi-publish@ec4db0b4ddc65acdf4bff5fa45ac92d78b56bdf0 # v1.9.0
          with:
            repository-url: https://test.pypi.org/legacy/
diff --git a/.github/workflows/tests.yaml b/.github/workflows/tests.yaml

index 9fa3bd2bce634d8839c7282acbb604a00c8253b3..4a755422f72a56dfbf70776e67db72e4ac39b2a4 100644 (file)
--- a/.github/workflows/tests.yaml
+++ b/.github/workflows/tests.yaml
@@ -32,7 +32,7 @@ jobs:
            - {name: PyPy, python: 'pypy-3.10', tox: pypy310}
      steps:
        - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
-      - uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0
+      - uses: actions/setup-python@39cd14951b08e74b54015e9e001cdefcf80e669f # v5.1.1
          with:
            python-version: ${{ matrix.python }}
            allow-prereleases: true
@@ -44,7 +44,7 @@ jobs:
      runs-on: ubuntu-latest
      steps:
        - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
-      - uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0
+      - uses: actions/setup-python@39cd14951b08e74b54015e9e001cdefcf80e669f # v5.1.1
          with:
            python-version: '3.x'
            cache: pip
author	dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
	Thu, 1 Aug 2024 07:36:57 +0000 (07:36 +0000)
committer	GitHub <noreply@github.com>
	Thu, 1 Aug 2024 07:36:57 +0000 (07:36 +0000)
.github/workflows/publish.yaml		patch \| blob \| blame \| history
.github/workflows/tests.yaml		patch \| blob \| blame \| history