chore: bump the action-dependencies group with 4 updates (#2156)

dependabot[bot] · web-flow · commit 2705a9ed3a6f · 2026-04-12T12:19:47.000-04:00
Bumps the action-dependencies group with 4 updates: [github/codeql-action](https://github.com/github/codeql-action), [schneegans/dynamic-badges-action](https://github.com/schneegans/dynamic-badges-action), [sigstore/gh-action-sigstore-python](https://github.com/sigstore/gh-action-sigstore-python) and [astral-sh/setup-uv](https://github.com/astral-sh/setup-uv). Updates `github/codeql-action` from 4.31.9 to 4.35.1 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@5d4e8d1...c10b806) Updates `schneegans/dynamic-badges-action` from 1.7.0 to 1.8.0 - [Release notes](https://github.com/schneegans/dynamic-badges-action/releases) - [Changelog](https://github.com/Schneegans/dynamic-badges-action/blob/master/changelog.md) - [Commits](Schneegans/dynamic-badges-action@e9a478b...0e50b8b) Updates `sigstore/gh-action-sigstore-python` from 3.2.0 to 3.3.0 - [Release notes](https://github.com/sigstore/gh-action-sigstore-python/releases) - [Changelog](https://github.com/sigstore/gh-action-sigstore-python/blob/main/CHANGELOG.md) - [Commits](sigstore/gh-action-sigstore-python@a5caf34...04cffa1) Updates `astral-sh/setup-uv` from 7.6.0 to 8.0.0 - [Release notes](https://github.com/astral-sh/setup-uv/releases) - [Commits](astral-sh/setup-uv@37802ad...cec2083) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 4.35.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: action-dependencies - dependency-name: schneegans/dynamic-badges-action dependency-version: 1.8.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: action-dependencies - dependency-name: sigstore/gh-action-sigstore-python dependency-version: 3.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: action-dependencies - dependency-name: astral-sh/setup-uv dependency-version: 8.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: action-dependencies ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
@@ -55,7 +55,7 @@ jobs:
 
       # Initializes the CodeQL tools for scanning.
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9
+        uses: github/codeql-action/init@c10b8064de6f491fea524254123dbe5e09572f13 # v4.35.1
         with:
           languages: ${{ matrix.language }}
           # If you wish to specify custom queries, you can do so here or in a config file.
@@ -66,7 +66,7 @@ jobs:
       # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
       # If this step fails, then you should remove it and run the build manually (see below)
       - name: Autobuild
-        uses: github/codeql-action/autobuild@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9
+        uses: github/codeql-action/autobuild@c10b8064de6f491fea524254123dbe5e09572f13 # v4.35.1
 
       # ℹ️ Command-line programs to run using the OS shell.
       # 📚 https://git.io/JvXDl
@@ -80,4 +80,4 @@ jobs:
       #   make release
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9
+        uses: github/codeql-action/analyze@c10b8064de6f491fea524254123dbe5e09572f13 # v4.35.1
diff --git a/.github/workflows/coverage.yml b/.github/workflows/coverage.yml
@@ -338,7 +338,7 @@ jobs:
           github.repository_owner == 'coveragepy'
           && github.ref == 'refs/heads/main'
         # https://gist.githubusercontent.com/nedbat/8c6980f77988a327348f9b02bbaf67f5
-        uses: schneegans/dynamic-badges-action@e9a478b16159b4d31420099ba146cdc50f134483 # v1.7.0
+        uses: schneegans/dynamic-badges-action@0e50b8bad39e7e1afd3e4e9c2b7dd145fad07501 # v1.8.0
         with:
           # Personal access token: gist access
           auth: ${{ secrets.METACOV_GIST_SECRET }}
diff --git a/.github/workflows/kit.yml b/.github/workflows/kit.yml
@@ -295,7 +295,7 @@ jobs:
           files=$(ls coverage-* 2>/dev/null | wc -l) && [ "$files" -eq $EXPECTED ] || exit 1
 
       - name: "Sign artifacts"
-        uses: sigstore/gh-action-sigstore-python@a5caf349bc536fbef3668a10ed7f5cd309a4b53d # v3.2.0
+        uses: sigstore/gh-action-sigstore-python@04cffa1d795717b140764e8b640de88853c92acc # v3.3.0
         with:
           inputs: coverage-*.*
 
diff --git a/.github/workflows/quality.yml b/.github/workflows/quality.yml
@@ -184,7 +184,7 @@ jobs:
           persist-credentials: false
 
       - name: "Install uv"
-        uses: astral-sh/setup-uv@37802adc94f370d6bfd71619e3f0bf239e1f3b78 # v7.6.0
+        uses: astral-sh/setup-uv@cec208311dfd045dd5311c1add060b2062131d57 # v8.0.0
         with:
           enable-cache: false
 
