Bump the github-action-dependencies group across 1 directory with 3 u…

…pdates Bumps the github-action-dependencies group with 3 updates in the / directory: [actions/setup-python](https://github.com/actions/setup-python), [pypa/gh-action-pypi-publish](https://github.com/pypa/gh-action-pypi-publish) and [SonarSource/sonarcloud-github-action](https://github.com/sonarsource/sonarcloud-github-action). Updates `actions/setup-python` from 5.1.0 to 5.2.0 - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](actions/setup-python@v5.1.0...v5.2.0) Updates `pypa/gh-action-pypi-publish` from 1.9.0 to 1.10.0 - [Release notes](https://github.com/pypa/gh-action-pypi-publish/releases) - [Commits](pypa/gh-action-pypi-publish@v1.9.0...v1.10.0) Updates `SonarSource/sonarcloud-github-action` from 2.3.0 to 3.0.0 - [Release notes](https://github.com/sonarsource/sonarcloud-github-action/releases) - [Commits](SonarSource/sonarcloud-github-action@v2.3.0...v3.0.0) --- updated-dependencies: - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-action-dependencies - dependency-name: pypa/gh-action-pypi-publish dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-action-dependencies - dependency-name: SonarSource/sonarcloud-github-action dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-action-dependencies ... Signed-off-by: dependabot[bot] <[email protected]>
statisticsnorway · Sep 1, 2024 · e406d04 · e406d04
1 parent 1e631a5
commit e406d04
Show file tree

Hide file tree

Showing 3 changed files with 7 additions and 7 deletions.
diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml
@@ -34,7 +34,7 @@ jobs:
           poetry --version
 
       - name: Set up Python
-        uses: actions/setup-python@v5.1.0
+        uses: actions/setup-python@v5.2.0
         with:
           python-version: "3.11"
           cache: "poetry"

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -21,7 +21,7 @@ jobs:
           fetch-depth: 2
 
       - name: Set up Python
-        uses: actions/setup-python@v5.1.0
+        uses: actions/setup-python@v5.2.0
         with:
           python-version: "3.12"
 
@@ -61,11 +61,11 @@ jobs:
 
       - name: Publish package on PyPI
         if: steps.check-version.outputs.tag
-        uses: pypa/gh-action-pypi-publish@v1.9.0
+        uses: pypa/gh-action-pypi-publish@v1.10.0
 
       - name: Publish package on TestPyPI
         if: "! steps.check-version.outputs.tag"
-        uses: pypa/gh-action-pypi-publish@v1.9.0
+        uses: pypa/gh-action-pypi-publish@v1.10.0
         with:
           repository-url: https://test.pypi.org/legacy/
 

diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
@@ -38,7 +38,7 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Set up Python ${{ matrix.python }}
-        uses: actions/setup-python@v5.1.0
+        uses: actions/setup-python@v5.2.0
         with:
           python-version: ${{ matrix.python }}
 
@@ -120,7 +120,7 @@ jobs:
           fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
 
       - name: Set up Python
-        uses: actions/setup-python@v5.1.0
+        uses: actions/setup-python@v5.2.0
         with:
           python-version: "3.12"
 
@@ -167,4 +167,4 @@ jobs:
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
         # No need to run SonarCloud analysis if dependabot update or token not defined
         if: env.SONAR_TOKEN != '' && (github.actor != 'dependabot[bot]')
-        uses: SonarSource/sonarcloud-github-action@v2.3.0
+        uses: SonarSource/sonarcloud-github-action@v3.0.0