From 0e5e5738c79aa8c6f8f84bc690a2ee3d1bd6176f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 17 Jul 2026 07:27:37 +0000 Subject: [PATCH] chore(deps): bump the dependencies group with 8 updates Bumps the dependencies group with 8 updates: | Package | From | To | | --- | --- | --- | | [github-community-projects/ospo-reusable-workflows/.github/workflows/auto-labeler.yaml](https://github.com/github-community-projects/ospo-reusable-workflows) | `1.2.1` | `1.2.2` | | [step-security/harden-runner](https://github.com/step-security/harden-runner) | `2.19.4` | `2.20.0` | | [github/codeql-action/init](https://github.com/github/codeql-action) | `4.36.3` | `4.37.0` | | [github/codeql-action/analyze](https://github.com/github/codeql-action) | `4.36.3` | `4.37.0` | | [astral-sh/setup-uv](https://github.com/astral-sh/setup-uv) | `8.2.0` | `8.3.2` | | [github-community-projects/ospo-reusable-workflows/.github/workflows/pr-title.yaml](https://github.com/github-community-projects/ospo-reusable-workflows) | `1.2.1` | `1.2.2` | | [github-community-projects/ospo-reusable-workflows/.github/workflows/release.yaml](https://github.com/github-community-projects/ospo-reusable-workflows) | `1.2.1` | `1.2.2` | | [actions/stale](https://github.com/actions/stale) | `10.3.0` | `10.4.0` | Updates `github-community-projects/ospo-reusable-workflows/.github/workflows/auto-labeler.yaml` from 1.2.1 to 1.2.2 - [Release notes](https://github.com/github-community-projects/ospo-reusable-workflows/releases) - [Changelog](https://github.com/github-community-projects/ospo-reusable-workflows/blob/main/docs/release.md) - [Commits](https://github.com/github-community-projects/ospo-reusable-workflows/compare/7fc8753b3666b929250bb6241ce4b2d35f316a11...5193129233b450e9174d4d92fcc467919a989882) Updates `step-security/harden-runner` from 2.19.4 to 2.20.0 - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](https://github.com/step-security/harden-runner/compare/9af89fc71515a100421586dfdb3dc9c984fbf411...bf7454d06d71f1098171f2acdf0cd4708d7b5920) Updates `github/codeql-action/init` from 4.36.3 to 4.37.0 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/54f647b7e1bb85c95cddabcd46b0c578ec92bc1a...99df26d4f13ea111d4ec1a7dddef6063f76b97e9) Updates `github/codeql-action/analyze` from 4.36.3 to 4.37.0 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/54f647b7e1bb85c95cddabcd46b0c578ec92bc1a...99df26d4f13ea111d4ec1a7dddef6063f76b97e9) Updates `astral-sh/setup-uv` from 8.2.0 to 8.3.2 - [Release notes](https://github.com/astral-sh/setup-uv/releases) - [Commits](https://github.com/astral-sh/setup-uv/compare/fac544c07dec837d0ccb6301d7b5580bf5edae39...11f9893b081a58869d3b5fccaea48c9e9e46f990) Updates `github-community-projects/ospo-reusable-workflows/.github/workflows/pr-title.yaml` from 1.2.1 to 1.2.2 - [Release notes](https://github.com/github-community-projects/ospo-reusable-workflows/releases) - [Changelog](https://github.com/github-community-projects/ospo-reusable-workflows/blob/main/docs/release.md) - [Commits](https://github.com/github-community-projects/ospo-reusable-workflows/compare/7fc8753b3666b929250bb6241ce4b2d35f316a11...5193129233b450e9174d4d92fcc467919a989882) Updates `github-community-projects/ospo-reusable-workflows/.github/workflows/release.yaml` from 1.2.1 to 1.2.2 - [Release notes](https://github.com/github-community-projects/ospo-reusable-workflows/releases) - [Changelog](https://github.com/github-community-projects/ospo-reusable-workflows/blob/main/docs/release.md) - [Commits](https://github.com/github-community-projects/ospo-reusable-workflows/compare/7fc8753b3666b929250bb6241ce4b2d35f316a11...5193129233b450e9174d4d92fcc467919a989882) Updates `actions/stale` from 10.3.0 to 10.4.0 - [Release notes](https://github.com/actions/stale/releases) - [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/stale/compare/eb5cf3af3ac0a1aa4c9c45633dd1ae542a27a899...1e223db275d687790206a7acac4d1a11bd6fe629) --- updated-dependencies: - dependency-name: github-community-projects/ospo-reusable-workflows/.github/workflows/auto-labeler.yaml dependency-version: 1.2.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: step-security/harden-runner dependency-version: 2.20.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: github/codeql-action/init dependency-version: 4.37.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: github/codeql-action/analyze dependency-version: 4.37.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: astral-sh/setup-uv dependency-version: 8.3.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: github-community-projects/ospo-reusable-workflows/.github/workflows/pr-title.yaml dependency-version: 1.2.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: github-community-projects/ospo-reusable-workflows/.github/workflows/release.yaml dependency-version: 1.2.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: actions/stale dependency-version: 10.4.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies ... Signed-off-by: dependabot[bot] --- .github/workflows/auto-labeler.yml | 2 +- .github/workflows/codeql.yml | 6 +++--- .github/workflows/copilot-setup-steps.yml | 4 ++-- .github/workflows/dependency-review.yml | 2 +- .github/workflows/docker-ci.yml | 2 +- .github/workflows/linter.yaml | 4 ++-- .github/workflows/mark-ready-when-ready.yml | 2 +- .github/workflows/pr-title.yml | 2 +- .github/workflows/python-ci.yml | 4 ++-- .github/workflows/release.yml | 2 +- .github/workflows/stale.yaml | 4 ++-- 11 files changed, 17 insertions(+), 17 deletions(-) diff --git a/.github/workflows/auto-labeler.yml b/.github/workflows/auto-labeler.yml index 7ad34bd..05cecfc 100644 --- a/.github/workflows/auto-labeler.yml +++ b/.github/workflows/auto-labeler.yml @@ -11,7 +11,7 @@ jobs: permissions: contents: write pull-requests: write - uses: github-community-projects/ospo-reusable-workflows/.github/workflows/auto-labeler.yaml@7fc8753b3666b929250bb6241ce4b2d35f316a11 + uses: github-community-projects/ospo-reusable-workflows/.github/workflows/auto-labeler.yaml@5193129233b450e9174d4d92fcc467919a989882 with: config-name: release-drafter.yml secrets: diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index b6dc066..c879942 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -41,7 +41,7 @@ jobs: steps: - name: Harden the runner (Audit all outbound calls) - uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4 + uses: step-security/harden-runner@bf7454d06d71f1098171f2acdf0cd4708d7b5920 # v2.20.0 with: egress-policy: audit @@ -52,7 +52,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@54f647b7e1bb85c95cddabcd46b0c578ec92bc1a # v4.36.3 + uses: github/codeql-action/init@99df26d4f13ea111d4ec1a7dddef6063f76b97e9 # v4.37.0 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -67,6 +67,6 @@ jobs: # ./location_of_script_within_repo/buildscript.sh - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@54f647b7e1bb85c95cddabcd46b0c578ec92bc1a # v4.36.3 + uses: github/codeql-action/analyze@99df26d4f13ea111d4ec1a7dddef6063f76b97e9 # v4.37.0 with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/copilot-setup-steps.yml b/.github/workflows/copilot-setup-steps.yml index 301c55b..da84b55 100644 --- a/.github/workflows/copilot-setup-steps.yml +++ b/.github/workflows/copilot-setup-steps.yml @@ -26,7 +26,7 @@ jobs: # If you do not check out your code, Copilot will do this for you. steps: - name: Harden the runner (Audit all outbound calls) - uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4 + uses: step-security/harden-runner@bf7454d06d71f1098171f2acdf0cd4708d7b5920 # v2.20.0 with: egress-policy: audit @@ -36,7 +36,7 @@ jobs: persist-credentials: false - name: Install uv - uses: astral-sh/setup-uv@fac544c07dec837d0ccb6301d7b5580bf5edae39 # v8.2.0 + uses: astral-sh/setup-uv@11f9893b081a58869d3b5fccaea48c9e9e46f990 # v8.3.2 with: version: "0.10.9" enable-cache: true diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index 1f71472..dfa90f4 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -17,7 +17,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden the runner (Audit all outbound calls) - uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4 + uses: step-security/harden-runner@bf7454d06d71f1098171f2acdf0cd4708d7b5920 # v2.20.0 with: egress-policy: audit diff --git a/.github/workflows/docker-ci.yml b/.github/workflows/docker-ci.yml index 42d28a4..466d705 100644 --- a/.github/workflows/docker-ci.yml +++ b/.github/workflows/docker-ci.yml @@ -15,7 +15,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden the runner (Audit all outbound calls) - uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4 + uses: step-security/harden-runner@bf7454d06d71f1098171f2acdf0cd4708d7b5920 # v2.20.0 with: egress-policy: audit diff --git a/.github/workflows/linter.yaml b/.github/workflows/linter.yaml index 085fd74..f3752d1 100644 --- a/.github/workflows/linter.yaml +++ b/.github/workflows/linter.yaml @@ -22,7 +22,7 @@ jobs: statuses: write steps: - name: Harden the runner (Audit all outbound calls) - uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4 + uses: step-security/harden-runner@bf7454d06d71f1098171f2acdf0cd4708d7b5920 # v2.20.0 with: egress-policy: audit @@ -34,7 +34,7 @@ jobs: fetch-depth: 0 persist-credentials: false - name: Install uv - uses: astral-sh/setup-uv@fac544c07dec837d0ccb6301d7b5580bf5edae39 # v8.2.0 + uses: astral-sh/setup-uv@11f9893b081a58869d3b5fccaea48c9e9e46f990 # v8.3.2 with: version: "0.10.9" enable-cache: true diff --git a/.github/workflows/mark-ready-when-ready.yml b/.github/workflows/mark-ready-when-ready.yml index 83df844..a378b89 100644 --- a/.github/workflows/mark-ready-when-ready.yml +++ b/.github/workflows/mark-ready-when-ready.yml @@ -25,7 +25,7 @@ jobs: github.event.pull_request.draft == true steps: - name: Harden the runner (Audit all outbound calls) - uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4 + uses: step-security/harden-runner@bf7454d06d71f1098171f2acdf0cd4708d7b5920 # v2.20.0 with: egress-policy: audit diff --git a/.github/workflows/pr-title.yml b/.github/workflows/pr-title.yml index d753cf9..ed71e7e 100644 --- a/.github/workflows/pr-title.yml +++ b/.github/workflows/pr-title.yml @@ -12,6 +12,6 @@ jobs: contents: read pull-requests: read statuses: write - uses: github-community-projects/ospo-reusable-workflows/.github/workflows/pr-title.yaml@7fc8753b3666b929250bb6241ce4b2d35f316a11 + uses: github-community-projects/ospo-reusable-workflows/.github/workflows/pr-title.yaml@5193129233b450e9174d4d92fcc467919a989882 secrets: github-token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/python-ci.yml b/.github/workflows/python-ci.yml index 5606837..18bead9 100644 --- a/.github/workflows/python-ci.yml +++ b/.github/workflows/python-ci.yml @@ -18,7 +18,7 @@ jobs: python-version: [3.11, 3.12, 3.13, 3.14] steps: - name: Harden the runner (Audit all outbound calls) - uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4 + uses: step-security/harden-runner@bf7454d06d71f1098171f2acdf0cd4708d7b5920 # v2.20.0 with: egress-policy: audit @@ -26,7 +26,7 @@ jobs: with: persist-credentials: false - name: Install uv - uses: astral-sh/setup-uv@fac544c07dec837d0ccb6301d7b5580bf5edae39 # v8.2.0 + uses: astral-sh/setup-uv@11f9893b081a58869d3b5fccaea48c9e9e46f990 # v8.3.2 with: version: "0.10.9" enable-cache: true diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 203dd55..d8df02f 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -16,7 +16,7 @@ jobs: id-token: write # Federate for artifact attestation attestations: write # Generate build provenance attestations discussions: write # Create release announcement discussion - uses: github-community-projects/ospo-reusable-workflows/.github/workflows/release.yaml@7fc8753b3666b929250bb6241ce4b2d35f316a11 # v1.2.1 + uses: github-community-projects/ospo-reusable-workflows/.github/workflows/release.yaml@5193129233b450e9174d4d92fcc467919a989882 # v1.2.2 with: publish: true release-config-name: release-drafter.yml diff --git a/.github/workflows/stale.yaml b/.github/workflows/stale.yaml index 6021501..b1cc008 100644 --- a/.github/workflows/stale.yaml +++ b/.github/workflows/stale.yaml @@ -14,11 +14,11 @@ jobs: pull-requests: read steps: - name: Harden the runner (Audit all outbound calls) - uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4 + uses: step-security/harden-runner@bf7454d06d71f1098171f2acdf0cd4708d7b5920 # v2.20.0 with: egress-policy: audit - - uses: actions/stale@eb5cf3af3ac0a1aa4c9c45633dd1ae542a27a899 # v10.3.0 + - uses: actions/stale@1e223db275d687790206a7acac4d1a11bd6fe629 # v10.4.0 with: stale-issue-message: "This issue is stale because it has been open 21 days with no activity. Remove stale label or comment or this will be closed in 14 days." close-issue-message: "This issue was closed because it has been stalled for 35 days with no activity."