From 050326bbee74540ca9ad006b5ad15b451cac7474 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 17 Mar 2025 17:48:47 +0000 Subject: [PATCH 01/16] chore(deps): bump numpy from 2.2.3 to 2.2.4 in the dependencies group Bumps the dependencies group with 1 update: [numpy](https://github.com/numpy/numpy). Updates `numpy` from 2.2.3 to 2.2.4 - [Release notes](https://github.com/numpy/numpy/releases) - [Changelog](https://github.com/numpy/numpy/blob/main/doc/RELEASE_WALKTHROUGH.rst) - [Commits](https://github.com/numpy/numpy/compare/v2.2.3...v2.2.4) --- updated-dependencies: - dependency-name: numpy dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies ... Signed-off-by: dependabot[bot] --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 2a75024..a0cb948 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,5 +1,5 @@ github3.py==4.0.1 -numpy==2.2.3 +numpy==2.2.4 python-dotenv==1.0.1 pytz==2025.1 requests==2.32.3 From 33c023da9faed217f8e934775fd56ae055982ca7 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 24 Mar 2025 17:36:42 +0000 Subject: [PATCH 02/16] chore(deps): bump the dependencies group with 2 updates Bumps the dependencies group with 2 updates: [actions/upload-artifact](https://github.com/actions/upload-artifact) and [github/codeql-action](https://github.com/github/codeql-action). Updates `actions/upload-artifact` from 4.6.1 to 4.6.2 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v4.6.1...v4.6.2) Updates `github/codeql-action` from 3.28.11 to 3.28.13 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/6bb031afdd8eb862ea3fc1848194185e076637e5...1b549b9259bda1cb5ddde3b41741a82a2d15a841) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies ... Signed-off-by: dependabot[bot] --- .github/workflows/scorecard.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index e2dd8b5..ef7ee63 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -36,12 +36,12 @@ jobs: results_format: sarif publish_results: true - name: "Upload artifact" - uses: actions/upload-artifact@v4.6.1 + uses: actions/upload-artifact@v4.6.2 with: name: SARIF file path: results.sarif retention-days: 5 - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@6bb031afdd8eb862ea3fc1848194185e076637e5 # v3.24.9 + uses: github/codeql-action/upload-sarif@1b549b9259bda1cb5ddde3b41741a82a2d15a841 # v3.24.9 with: sarif_file: results.sarif From 4894f994741e058a87ea8c7175975337882db05e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 24 Mar 2025 18:21:44 +0000 Subject: [PATCH 03/16] chore(deps): bump python from `f3614d9` to `8f3aba4` Bumps python from `f3614d9` to `8f3aba4`. --- updated-dependencies: - dependency-name: python dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 1f4595e..e2d475c 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,6 +1,6 @@ #checkov:skip=CKV_DOCKER_2 #checkov:skip=CKV_DOCKER_3 -FROM python:3.13-slim@sha256:f3614d98f38b0525d670f287b0474385952e28eb43016655dd003d0e28cf8652 +FROM python:3.13-slim@sha256:8f3aba466a471c0ab903dbd7cb979abd4bda370b04789d25440cc90372b50e04 LABEL com.github.actions.name="issue-metrics" \ com.github.actions.description="Gather metrics on issues/prs/discussions such as time to first response, count of issues opened, closed, etc." \ com.github.actions.icon="check-square" \ From 10c915ad0f52b38bc216ab3fb4b83104a2b5ae13 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 24 Mar 2025 18:35:29 +0000 Subject: [PATCH 04/16] chore(deps): bump pylint from 3.3.4 to 3.3.6 in the dependencies group Bumps the dependencies group with 1 update: [pylint](https://github.com/pylint-dev/pylint). Updates `pylint` from 3.3.4 to 3.3.6 - [Release notes](https://github.com/pylint-dev/pylint/releases) - [Commits](https://github.com/pylint-dev/pylint/compare/v3.3.4...v3.3.6) --- updated-dependencies: - dependency-name: pylint dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies ... Signed-off-by: dependabot[bot] --- requirements-test.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-test.txt b/requirements-test.txt index 985fbd9..c624856 100644 --- a/requirements-test.txt +++ b/requirements-test.txt @@ -2,7 +2,7 @@ black==25.1.0 flake8==7.1.2 mypy==1.15.0 mypy-extensions==1.0.0 -pylint==3.3.4 +pylint==3.3.6 pytest==8.3.5 pytest-cov==6.0.0 types-pytz==2025.1.0.20250204 From d71bb6644b4f6b48bf64a6494ee2c7c4b7760f8e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 24 Mar 2025 18:41:49 +0000 Subject: [PATCH 05/16] chore(deps): bump types-pytz from 2025.1.0.20250204 to 2025.1.0.20250318 Bumps [types-pytz](https://github.com/python/typeshed) from 2025.1.0.20250204 to 2025.1.0.20250318. - [Commits](https://github.com/python/typeshed/commits) --- updated-dependencies: - dependency-name: types-pytz dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- requirements-test.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-test.txt b/requirements-test.txt index c624856..9d53069 100644 --- a/requirements-test.txt +++ b/requirements-test.txt @@ -5,5 +5,5 @@ mypy-extensions==1.0.0 pylint==3.3.6 pytest==8.3.5 pytest-cov==6.0.0 -types-pytz==2025.1.0.20250204 +types-pytz==2025.1.0.20250318 types-requests==2.32.0.20250306 From 46537ff620a82cb6d08fa50d5ed5df34fc56b20c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 31 Mar 2025 18:01:45 +0000 Subject: [PATCH 06/16] chore(deps): bump actions/setup-python in the dependencies group Bumps the dependencies group with 1 update: [actions/setup-python](https://github.com/actions/setup-python). Updates `actions/setup-python` from 5.4.0 to 5.5.0 - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/v5.4.0...v5.5.0) --- updated-dependencies: - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies ... Signed-off-by: dependabot[bot] --- .github/workflows/linter.yaml | 2 +- .github/workflows/python-package.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/linter.yaml b/.github/workflows/linter.yaml index 6e8db3f..de76ffc 100644 --- a/.github/workflows/linter.yaml +++ b/.github/workflows/linter.yaml @@ -23,7 +23,7 @@ jobs: # Full git history is needed to get a proper # list of changed files within `super-linter` fetch-depth: 0 - - uses: actions/setup-python@v5.4.0 + - uses: actions/setup-python@v5.5.0 with: python-version: "3.12" - name: Install dependencies diff --git a/.github/workflows/python-package.yml b/.github/workflows/python-package.yml index 4a6f098..5258d18 100644 --- a/.github/workflows/python-package.yml +++ b/.github/workflows/python-package.yml @@ -23,7 +23,7 @@ jobs: steps: - uses: actions/checkout@v4.2.2 - name: Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@v5.4.0 + uses: actions/setup-python@v5.5.0 with: python-version: ${{ matrix.python-version }} - name: Install dependencies From f2fd76034460c36b2bec52b129c4e9c93d03b02c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 31 Mar 2025 18:02:05 +0000 Subject: [PATCH 07/16] chore(deps): bump the dependencies group with 4 updates Bumps the dependencies group with 4 updates: [flake8](https://github.com/pycqa/flake8), [types-pytz](https://github.com/python/typeshed), [python-dotenv](https://github.com/theskumar/python-dotenv) and [pytz](https://github.com/stub42/pytz). Updates `flake8` from 7.1.2 to 7.2.0 - [Commits](https://github.com/pycqa/flake8/compare/7.1.2...7.2.0) Updates `types-pytz` from 2025.1.0.20250318 to 2025.2.0.20250326 - [Commits](https://github.com/python/typeshed/commits) Updates `python-dotenv` from 1.0.1 to 1.1.0 - [Release notes](https://github.com/theskumar/python-dotenv/releases) - [Changelog](https://github.com/theskumar/python-dotenv/blob/main/CHANGELOG.md) - [Commits](https://github.com/theskumar/python-dotenv/compare/v1.0.1...v1.1.0) Updates `pytz` from 2025.1 to 2025.2 - [Release notes](https://github.com/stub42/pytz/releases) - [Commits](https://github.com/stub42/pytz/compare/release_2025.1...release_2025.2) --- updated-dependencies: - dependency-name: flake8 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: types-pytz dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: python-dotenv dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: pytz dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies ... Signed-off-by: dependabot[bot] --- requirements-test.txt | 4 ++-- requirements.txt | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/requirements-test.txt b/requirements-test.txt index 9d53069..e3c5501 100644 --- a/requirements-test.txt +++ b/requirements-test.txt @@ -1,9 +1,9 @@ black==25.1.0 -flake8==7.1.2 +flake8==7.2.0 mypy==1.15.0 mypy-extensions==1.0.0 pylint==3.3.6 pytest==8.3.5 pytest-cov==6.0.0 -types-pytz==2025.1.0.20250318 +types-pytz==2025.2.0.20250326 types-requests==2.32.0.20250306 diff --git a/requirements.txt b/requirements.txt index a0cb948..a2f0904 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,5 +1,5 @@ github3.py==4.0.1 numpy==2.2.4 -python-dotenv==1.0.1 -pytz==2025.1 +python-dotenv==1.1.0 +pytz==2025.2 requests==2.32.3 From 84cb8d4790f8cf4112f11610abddae5f7728bfd4 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 31 Mar 2025 18:05:51 +0000 Subject: [PATCH 08/16] chore(deps): bump types-requests from 2.32.0.20250306 to 2.32.0.20250328 Bumps [types-requests](https://github.com/python/typeshed) from 2.32.0.20250306 to 2.32.0.20250328. - [Commits](https://github.com/python/typeshed/commits) --- updated-dependencies: - dependency-name: types-requests dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- requirements-test.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-test.txt b/requirements-test.txt index e3c5501..f4e0afd 100644 --- a/requirements-test.txt +++ b/requirements-test.txt @@ -6,4 +6,4 @@ pylint==3.3.6 pytest==8.3.5 pytest-cov==6.0.0 types-pytz==2025.2.0.20250326 -types-requests==2.32.0.20250306 +types-requests==2.32.0.20250328 From bfd15465fa170544efef915969adbc9ecdefb2d5 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 7 Apr 2025 17:52:46 +0000 Subject: [PATCH 09/16] chore(deps): bump github/codeql-action in the dependencies group Bumps the dependencies group with 1 update: [github/codeql-action](https://github.com/github/codeql-action). Updates `github/codeql-action` from 3.28.13 to 3.28.14 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/1b549b9259bda1cb5ddde3b41741a82a2d15a841...fc7e4a0fa01c3cca5fd6a1fddec5c0740c977aa2) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 3.28.14 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies ... Signed-off-by: dependabot[bot] --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index ef7ee63..b74fbe1 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -42,6 +42,6 @@ jobs: path: results.sarif retention-days: 5 - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@1b549b9259bda1cb5ddde3b41741a82a2d15a841 # v3.24.9 + uses: github/codeql-action/upload-sarif@fc7e4a0fa01c3cca5fd6a1fddec5c0740c977aa2 # v3.24.9 with: sarif_file: results.sarif From c8e591870e0e1bccb85f81faf9d16f4f16e7b77a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 7 Apr 2025 18:18:27 +0000 Subject: [PATCH 10/16] chore(deps): bump pytest-cov in the dependencies group Bumps the dependencies group with 1 update: [pytest-cov](https://github.com/pytest-dev/pytest-cov). Updates `pytest-cov` from 6.0.0 to 6.1.1 - [Changelog](https://github.com/pytest-dev/pytest-cov/blob/master/CHANGELOG.rst) - [Commits](https://github.com/pytest-dev/pytest-cov/compare/v6.0.0...v6.1.1) --- updated-dependencies: - dependency-name: pytest-cov dependency-version: 6.1.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies ... Signed-off-by: dependabot[bot] --- requirements-test.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-test.txt b/requirements-test.txt index f4e0afd..7d6d42c 100644 --- a/requirements-test.txt +++ b/requirements-test.txt @@ -4,6 +4,6 @@ mypy==1.15.0 mypy-extensions==1.0.0 pylint==3.3.6 pytest==8.3.5 -pytest-cov==6.0.0 +pytest-cov==6.1.1 types-pytz==2025.2.0.20250326 types-requests==2.32.0.20250328 From 4718c931f21c0ca45fc8a57002599c952e0ca77b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 14 Apr 2025 17:20:33 +0000 Subject: [PATCH 11/16] chore(deps): bump the dependencies group with 2 updates Bumps the dependencies group with 2 updates: [github/ospo-reusable-workflows](https://github.com/github/ospo-reusable-workflows) and [github/codeql-action](https://github.com/github/codeql-action). Updates `github/ospo-reusable-workflows` from 0.4.6 to 0.5.0 - [Release notes](https://github.com/github/ospo-reusable-workflows/releases) - [Changelog](https://github.com/github/ospo-reusable-workflows/blob/main/docs/release-image.md) - [Commits](https://github.com/github/ospo-reusable-workflows/compare/ecdd405ebb379e0713e348440e6e26e85fc06773...10cfc2f9be5fce5e90150dfbffc7c0f4e68108ab) Updates `github/codeql-action` from 3.28.14 to 3.28.15 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/fc7e4a0fa01c3cca5fd6a1fddec5c0740c977aa2...45775bd8235c68ba998cffa5171334d58593da47) --- updated-dependencies: - dependency-name: github/ospo-reusable-workflows dependency-version: 0.5.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: github/codeql-action dependency-version: 3.28.15 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies ... Signed-off-by: dependabot[bot] --- .github/workflows/auto-labeler.yml | 2 +- .github/workflows/pr-title.yml | 2 +- .github/workflows/release.yml | 6 +++--- .github/workflows/scorecard.yml | 2 +- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/auto-labeler.yml b/.github/workflows/auto-labeler.yml index f6da5ce..eb586cc 100644 --- a/.github/workflows/auto-labeler.yml +++ b/.github/workflows/auto-labeler.yml @@ -11,7 +11,7 @@ jobs: permissions: contents: write pull-requests: write - uses: github/ospo-reusable-workflows/.github/workflows/auto-labeler.yaml@ecdd405ebb379e0713e348440e6e26e85fc06773 + uses: github/ospo-reusable-workflows/.github/workflows/auto-labeler.yaml@10cfc2f9be5fce5e90150dfbffc7c0f4e68108ab with: config-name: release-drafter.yml secrets: diff --git a/.github/workflows/pr-title.yml b/.github/workflows/pr-title.yml index 0655a34..e8d9e67 100644 --- a/.github/workflows/pr-title.yml +++ b/.github/workflows/pr-title.yml @@ -12,6 +12,6 @@ jobs: contents: read pull-requests: read statuses: write - uses: github/ospo-reusable-workflows/.github/workflows/pr-title.yaml@ecdd405ebb379e0713e348440e6e26e85fc06773 + uses: github/ospo-reusable-workflows/.github/workflows/pr-title.yaml@10cfc2f9be5fce5e90150dfbffc7c0f4e68108ab secrets: github-token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 48c5387..d0b95bc 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -12,7 +12,7 @@ jobs: permissions: contents: write pull-requests: read - uses: github/ospo-reusable-workflows/.github/workflows/release.yaml@ecdd405ebb379e0713e348440e6e26e85fc06773 + uses: github/ospo-reusable-workflows/.github/workflows/release.yaml@10cfc2f9be5fce5e90150dfbffc7c0f4e68108ab with: publish: true release-config-name: release-drafter.yml @@ -25,7 +25,7 @@ jobs: packages: write id-token: write attestations: write - uses: github/ospo-reusable-workflows/.github/workflows/release-image.yaml@ecdd405ebb379e0713e348440e6e26e85fc06773 + uses: github/ospo-reusable-workflows/.github/workflows/release-image.yaml@10cfc2f9be5fce5e90150dfbffc7c0f4e68108ab with: image-name: ${{ github.repository_owner }}/issue_metrics full-tag: ${{ needs.release.outputs.full-tag }} @@ -40,7 +40,7 @@ jobs: permissions: contents: read discussions: write - uses: github/ospo-reusable-workflows/.github/workflows/release-discussion.yaml@ecdd405ebb379e0713e348440e6e26e85fc06773 + uses: github/ospo-reusable-workflows/.github/workflows/release-discussion.yaml@10cfc2f9be5fce5e90150dfbffc7c0f4e68108ab with: full-tag: ${{ needs.release.outputs.full-tag }} body: ${{ needs.release.outputs.body }} diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index b74fbe1..df8ef00 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -42,6 +42,6 @@ jobs: path: results.sarif retention-days: 5 - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@fc7e4a0fa01c3cca5fd6a1fddec5c0740c977aa2 # v3.24.9 + uses: github/codeql-action/upload-sarif@45775bd8235c68ba998cffa5171334d58593da47 # v3.24.9 with: sarif_file: results.sarif From 3765d396f4214baab8b55eb8c68391880d74bdcf Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 14 Apr 2025 17:55:35 +0000 Subject: [PATCH 12/16] chore(deps): bump python from `8f3aba4` to `21e39cf` Bumps python from `8f3aba4` to `21e39cf`. --- updated-dependencies: - dependency-name: python dependency-version: 3.13-slim dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index e2d475c..51d286b 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,6 +1,6 @@ #checkov:skip=CKV_DOCKER_2 #checkov:skip=CKV_DOCKER_3 -FROM python:3.13-slim@sha256:8f3aba466a471c0ab903dbd7cb979abd4bda370b04789d25440cc90372b50e04 +FROM python:3.13-slim@sha256:21e39cf1815802d4c6f89a0d3a166cc67ce58f95b6d1639e68a394c99310d2e5 LABEL com.github.actions.name="issue-metrics" \ com.github.actions.description="Gather metrics on issues/prs/discussions such as time to first response, count of issues opened, closed, etc." \ com.github.actions.icon="check-square" \ From d8bc64348ff29579ec571bc69a0a31f1ccef3a09 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 28 Apr 2025 18:06:33 +0000 Subject: [PATCH 13/16] chore(deps): bump mypy-extensions in the dependencies group Bumps the dependencies group with 1 update: [mypy-extensions](https://github.com/python/mypy_extensions). Updates `mypy-extensions` from 1.0.0 to 1.1.0 - [Commits](https://github.com/python/mypy_extensions/compare/1.0.0...1.1.0) --- updated-dependencies: - dependency-name: mypy-extensions dependency-version: 1.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies ... Signed-off-by: dependabot[bot] --- requirements-test.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-test.txt b/requirements-test.txt index 7d6d42c..de1d781 100644 --- a/requirements-test.txt +++ b/requirements-test.txt @@ -1,7 +1,7 @@ black==25.1.0 flake8==7.2.0 mypy==1.15.0 -mypy-extensions==1.0.0 +mypy-extensions==1.1.0 pylint==3.3.6 pytest==8.3.5 pytest-cov==6.1.1 From 896dd5548223dfb54667180cdc747d4434180dac Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 28 Apr 2025 18:48:14 +0000 Subject: [PATCH 14/16] chore(deps): bump the dependencies group with 2 updates Bumps the dependencies group with 2 updates: [actions/setup-python](https://github.com/actions/setup-python) and [github/codeql-action](https://github.com/github/codeql-action). Updates `actions/setup-python` from 5.5.0 to 5.6.0 - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/v5.5.0...v5.6.0) Updates `github/codeql-action` from 3.28.15 to 3.28.16 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/45775bd8235c68ba998cffa5171334d58593da47...28deaeda66b76a05916b6923827895f2b14ab387) --- updated-dependencies: - dependency-name: actions/setup-python dependency-version: 5.6.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: github/codeql-action dependency-version: 3.28.16 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies ... Signed-off-by: dependabot[bot] --- .github/workflows/linter.yaml | 2 +- .github/workflows/python-package.yml | 2 +- .github/workflows/scorecard.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/linter.yaml b/.github/workflows/linter.yaml index de76ffc..94418b6 100644 --- a/.github/workflows/linter.yaml +++ b/.github/workflows/linter.yaml @@ -23,7 +23,7 @@ jobs: # Full git history is needed to get a proper # list of changed files within `super-linter` fetch-depth: 0 - - uses: actions/setup-python@v5.5.0 + - uses: actions/setup-python@v5.6.0 with: python-version: "3.12" - name: Install dependencies diff --git a/.github/workflows/python-package.yml b/.github/workflows/python-package.yml index 5258d18..2853bb1 100644 --- a/.github/workflows/python-package.yml +++ b/.github/workflows/python-package.yml @@ -23,7 +23,7 @@ jobs: steps: - uses: actions/checkout@v4.2.2 - name: Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@v5.5.0 + uses: actions/setup-python@v5.6.0 with: python-version: ${{ matrix.python-version }} - name: Install dependencies diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index df8ef00..7583297 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -42,6 +42,6 @@ jobs: path: results.sarif retention-days: 5 - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@45775bd8235c68ba998cffa5171334d58593da47 # v3.24.9 + uses: github/codeql-action/upload-sarif@28deaeda66b76a05916b6923827895f2b14ab387 # v3.24.9 with: sarif_file: results.sarif From d22ebb6d8f7e5539d0be6bbf13ff1fc366c421d9 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 5 May 2025 17:32:39 +0000 Subject: [PATCH 15/16] chore(deps): bump pylint from 3.3.6 to 3.3.7 in the dependencies group Bumps the dependencies group with 1 update: [pylint](https://github.com/pylint-dev/pylint). Updates `pylint` from 3.3.6 to 3.3.7 - [Release notes](https://github.com/pylint-dev/pylint/releases) - [Commits](https://github.com/pylint-dev/pylint/compare/v3.3.6...v3.3.7) --- updated-dependencies: - dependency-name: pylint dependency-version: 3.3.7 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies ... Signed-off-by: dependabot[bot] --- requirements-test.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-test.txt b/requirements-test.txt index de1d781..b629065 100644 --- a/requirements-test.txt +++ b/requirements-test.txt @@ -2,7 +2,7 @@ black==25.1.0 flake8==7.2.0 mypy==1.15.0 mypy-extensions==1.1.0 -pylint==3.3.6 +pylint==3.3.7 pytest==8.3.5 pytest-cov==6.1.1 types-pytz==2025.2.0.20250326 From fedbb43cc1fdd2978fd2c68dc97dea3a16f85fd4 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 5 May 2025 17:43:29 +0000 Subject: [PATCH 16/16] chore(deps): bump the dependencies group with 2 updates Bumps the dependencies group with 2 updates: [github/contributors](https://github.com/github/contributors) and [github/codeql-action](https://github.com/github/codeql-action). Updates `github/contributors` from 1.5.6 to 1.5.7 - [Release notes](https://github.com/github/contributors/releases) - [Commits](https://github.com/github/contributors/compare/ed5a1f1c7c0038f4c9ad790685b6b8a549ab3f64...9e9ce8e51fe186c4d699ebb3d35c1f1fd755a357) Updates `github/codeql-action` from 3.28.16 to 3.28.17 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/28deaeda66b76a05916b6923827895f2b14ab387...60168efe1c415ce0f5521ea06d5c2062adbeed1b) --- updated-dependencies: - dependency-name: github/contributors dependency-version: 1.5.7 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: github/codeql-action dependency-version: 3.28.17 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies ... Signed-off-by: dependabot[bot] --- .github/workflows/contributor_report.yaml | 2 +- .github/workflows/scorecard.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/contributor_report.yaml b/.github/workflows/contributor_report.yaml index 604a39e..8c71042 100644 --- a/.github/workflows/contributor_report.yaml +++ b/.github/workflows/contributor_report.yaml @@ -27,7 +27,7 @@ jobs: echo "END_DATE=$end_date" >> "$GITHUB_ENV" - name: Run contributor action - uses: github/contributors@ed5a1f1c7c0038f4c9ad790685b6b8a549ab3f64 # v1.5.6 + uses: github/contributors@9e9ce8e51fe186c4d699ebb3d35c1f1fd755a357 # v1.5.7 env: GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} START_DATE: ${{ env.START_DATE }} diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 7583297..5074dcd 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -42,6 +42,6 @@ jobs: path: results.sarif retention-days: 5 - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@28deaeda66b76a05916b6923827895f2b14ab387 # v3.24.9 + uses: github/codeql-action/upload-sarif@60168efe1c415ce0f5521ea06d5c2062adbeed1b # v3.24.9 with: sarif_file: results.sarif