From fb1ccaa0cea1a6c5b612dc0515a50bee0f2b1635 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 15 Dec 2025 10:26:48 +0000 Subject: [PATCH] chore(deps): update github-actions: bump the github-actions-version-updates group across 1 directory with 5 updates Bumps the github-actions-version-updates group with 5 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `4` | `6` | | [astral-sh/setup-uv](https://github.com/astral-sh/setup-uv) | `4` | `7` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4` | `5` | | [actions/download-artifact](https://github.com/actions/download-artifact) | `4` | `6` | | [actions/setup-python](https://github.com/actions/setup-python) | `6.0.0` | `6.1.0` | Updates `actions/checkout` from 4 to 6 - [Release notes](https://github.com/actions/checkout/releases) - [Commits](https://github.com/actions/checkout/compare/v4...v6) Updates `astral-sh/setup-uv` from 4 to 7 - [Release notes](https://github.com/astral-sh/setup-uv/releases) - [Commits](https://github.com/astral-sh/setup-uv/compare/v4...v7) Updates `actions/upload-artifact` from 4 to 5 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v4...v5) Updates `actions/download-artifact` from 4 to 6 - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](https://github.com/actions/download-artifact/compare/v4...v6) Updates `actions/setup-python` from 6.0.0 to 6.1.0 - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/e797f83bcb11b83ae66e0230d6156d7c80228e7c...83679a892e2d95755f2dac6acb0bfd1e9ac5d548) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions-version-updates - dependency-name: astral-sh/setup-uv dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions-version-updates - dependency-name: actions/upload-artifact dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions-version-updates - dependency-name: actions/download-artifact dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions-version-updates - dependency-name: actions/setup-python dependency-version: 6.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions-version-updates ... Signed-off-by: dependabot[bot] --- .github/workflows/bandit.yml | 2 +- .github/workflows/pypi-publish-on-release.yml | 10 +++++----- .github/workflows/python-integ.yml | 6 +++--- .github/workflows/python.yml | 10 +++++----- .github/workflows/test-pypi-publish.yml | 10 +++++----- 5 files changed, 19 insertions(+), 19 deletions(-) diff --git a/.github/workflows/bandit.yml b/.github/workflows/bandit.yml index 119672e..864139f 100644 --- a/.github/workflows/bandit.yml +++ b/.github/workflows/bandit.yml @@ -29,7 +29,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Bandit Scan uses: shundor/python-bandit-scan@ab1d87dfccc5a0ffab88be3aaac6ffe35c10d6cd diff --git a/.github/workflows/pypi-publish-on-release.yml b/.github/workflows/pypi-publish-on-release.yml index d7567c9..dc4b947 100644 --- a/.github/workflows/pypi-publish-on-release.yml +++ b/.github/workflows/pypi-publish-on-release.yml @@ -35,18 +35,18 @@ jobs: contents: read steps: - name: Checkout code - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: persist-credentials: false - name: Set up uv - uses: astral-sh/setup-uv@v4 + uses: astral-sh/setup-uv@v7 - name: Build distribution packages run: uv build - name: Upload distribution packages - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v6 with: name: python-package-distributions path: dist/ @@ -61,13 +61,13 @@ jobs: id-token: write steps: - name: Download distribution packages - uses: actions/download-artifact@v5 + uses: actions/download-artifact@v7 with: name: python-package-distributions path: dist/ - name: Set up uv - uses: astral-sh/setup-uv@v4 + uses: astral-sh/setup-uv@v7 - name: Publish to PyPI run: uv publish diff --git a/.github/workflows/python-integ.yml b/.github/workflows/python-integ.yml index a6302c3..f590f6e 100644 --- a/.github/workflows/python-integ.yml +++ b/.github/workflows/python-integ.yml @@ -28,15 +28,15 @@ jobs: AGENTCORE_RUNTIME_ARN: ${{ secrets.AgentCoreRuntimeArn }} steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: ref: ${{ inputs.ref || github.ref }} - name: Install uv - uses: astral-sh/setup-uv@85856786d1ce8acfbcc2f13a5f3fbd6b938f9f41 # v7.1.2 + uses: astral-sh/setup-uv@681c641aba71e4a1c380be3ab5e12ad51f415867 # v7.1.6 - name: Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0 + uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 with: python-version: ${{ matrix.python-version }} diff --git a/.github/workflows/python.yml b/.github/workflows/python.yml index fbc2384..8c87027 100644 --- a/.github/workflows/python.yml +++ b/.github/workflows/python.yml @@ -30,15 +30,15 @@ jobs: security-events: write actions: read steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: ref: ${{ inputs.ref || github.ref }} - name: Install uv - uses: astral-sh/setup-uv@85856786d1ce8acfbcc2f13a5f3fbd6b938f9f41 # v7.1.2 + uses: astral-sh/setup-uv@681c641aba71e4a1c380be3ab5e12ad51f415867 # v7.1.6 - name: Set up Python - uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0 + uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 with: python-version-file: ".python-version" # cache: uv (not supported) @@ -81,7 +81,7 @@ jobs: run: uv build - name: Upload distribution - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 with: path: dist/ @@ -191,7 +191,7 @@ jobs: python - - name: Upload Software Bill of Materials - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 with: name: sbom-mcp-proxy-for-aws path: sbom.json diff --git a/.github/workflows/test-pypi-publish.yml b/.github/workflows/test-pypi-publish.yml index 3ced2fd..7d9cf19 100644 --- a/.github/workflows/test-pypi-publish.yml +++ b/.github/workflows/test-pypi-publish.yml @@ -33,18 +33,18 @@ jobs: contents: read steps: - name: Checkout code - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: persist-credentials: false - name: Set up uv - uses: astral-sh/setup-uv@v4 + uses: astral-sh/setup-uv@v7 - name: Build distribution packages run: uv build - name: Upload distribution packages - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v6 with: name: python-package-distributions path: dist/ @@ -59,13 +59,13 @@ jobs: id-token: write steps: - name: Download distribution packages - uses: actions/download-artifact@v4 + uses: actions/download-artifact@v7 with: name: python-package-distributions path: dist/ - name: Set up uv - uses: astral-sh/setup-uv@v4 + uses: astral-sh/setup-uv@v7 - name: Publish to TestPyPI run: uv publish --publish-url https://test.pypi.org/legacy/