diff --git a/.github/workflows/_check.yml b/.github/workflows/_check.yml index a6139c1..98897ff 100644 --- a/.github/workflows/_check.yml +++ b/.github/workflows/_check.yml @@ -11,7 +11,7 @@ jobs: outputs: branch-pr: ${{ steps.script.outputs.result }} steps: - - uses: actions/github-script@v7 + - uses: actions/github-script@v8 id: script if: github.event_name == 'push' with: diff --git a/.github/workflows/_container.yml b/.github/workflows/_container.yml index da5e493..95435be 100644 --- a/.github/workflows/_container.yml +++ b/.github/workflows/_container.yml @@ -7,25 +7,25 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: # Need this to get version number from last tag fetch-depth: 0 - name: Set up Docker Buildx id: buildx - uses: docker/setup-buildx-action@v3 + uses: docker/setup-buildx-action@v4 - name: Log in to GitHub Docker Registry if: github.event_name != 'pull_request' - uses: docker/login-action@v3 + uses: docker/login-action@v4 with: registry: ghcr.io username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - name: Build and export to Docker local cache - uses: docker/build-push-action@v6 + uses: docker/build-push-action@v7 env: DOCKER_BUILD_RECORD_UPLOAD: false with: @@ -39,7 +39,7 @@ jobs: - name: Create tags for publishing image id: meta - uses: docker/metadata-action@v5 + uses: docker/metadata-action@v6 with: images: ghcr.io/${{ github.repository }} tags: | @@ -48,7 +48,7 @@ jobs: - name: Push cached image to container registry if: github.ref_type == 'tag' - uses: docker/build-push-action@v6 + uses: docker/build-push-action@v7 env: DOCKER_BUILD_RECORD_UPLOAD: false # This does not build the image again, it will find the image in the diff --git a/.github/workflows/_dist.yml b/.github/workflows/_dist.yml index b1c4c93..bb46674 100644 --- a/.github/workflows/_dist.yml +++ b/.github/workflows/_dist.yml @@ -7,7 +7,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: # Need this to get version number from last tag fetch-depth: 0 @@ -18,7 +18,7 @@ jobs: pipx run build - name: Upload sdist and wheel as artifacts - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: dist path: dist diff --git a/.github/workflows/_release.yml b/.github/workflows/_release.yml index 517bcf8..37f700e 100644 --- a/.github/workflows/_release.yml +++ b/.github/workflows/_release.yml @@ -7,7 +7,7 @@ jobs: steps: - name: Download artifacts - uses: actions/download-artifact@v4 + uses: actions/download-artifact@v8 with: merge-multiple: true @@ -23,7 +23,7 @@ jobs: - name: Create GitHub Release # We pin to the SHA, not the tag, for security reasons. # https://docs.github.com/en/actions/learn-github-actions/security-hardening-for-github-actions#using-third-party-actions - uses: softprops/action-gh-release@c95fe1489396fe8a9eb87c0abf8aa5b2ef267fda # v2.2.1 + uses: softprops/action-gh-release@a06a81a03ee405af7f2048a818ed3f03bbf83c7b # v2.5.0 with: prerelease: ${{ contains(github.ref_name, 'a') || contains(github.ref_name, 'b') || contains(github.ref_name, 'rc') }} files: "*" diff --git a/.github/workflows/_test.yml b/.github/workflows/_test.yml index ffef2ea..bd06e40 100644 --- a/.github/workflows/_test.yml +++ b/.github/workflows/_test.yml @@ -23,7 +23,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: # Need this to get version number from last tag fetch-depth: 0 @@ -38,7 +38,7 @@ jobs: - if: inputs.python-version == 'dev' name: Upload dev-requirements.txt - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: dev-requirements path: /tmp/dev-requirements.txt diff --git a/.github/workflows/_tox.yml b/.github/workflows/_tox.yml index a13536d..f7bd4d1 100644 --- a/.github/workflows/_tox.yml +++ b/.github/workflows/_tox.yml @@ -13,7 +13,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Install python packages uses: ./.github/actions/install_requirements