From 8ff6c3fc2a154e87d6f8d5b9dc3632f095098321 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 5 Mar 2026 02:40:25 +0000 Subject: [PATCH] build(deps): bump the per-dependency group with 7 updates Bumps the per-dependency group with 7 updates: | Package | From | To | | --- | --- | --- | | [actions/setup-go](https://github.com/actions/setup-go) | `6.2.0` | `6.3.0` | | [actions/setup-node](https://github.com/actions/setup-node) | `6.2.0` | `6.3.0` | | [github/codeql-action](https://github.com/github/codeql-action) | `4.32.4` | `4.32.5` | | [ruby/setup-ruby](https://github.com/ruby/setup-ruby) | `1.288.0` | `1.289.0` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `6.0.0` | `7.0.0` | | [actions/download-artifact](https://github.com/actions/download-artifact) | `7.0.0` | `8.0.0` | | [PyO3/maturin-action](https://github.com/pyo3/maturin-action) | `1.50.0` | `1.50.1` | Updates `actions/setup-go` from 6.2.0 to 6.3.0 - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](https://github.com/actions/setup-go/compare/7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5...4b73464bb391d4059bd26b0524d20df3927bd417) Updates `actions/setup-node` from 6.2.0 to 6.3.0 - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](https://github.com/actions/setup-node/compare/6044e13b5dc448c55e2357c09f80417699197238...53b83947a5a98c8d113130e565377fae1a50d02f) Updates `github/codeql-action` from 4.32.4 to 4.32.5 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/89a39a4e59826350b863aa6b6252a07ad50cf83e...c793b717bc78562f491db7b0e93a3a178b099162) Updates `ruby/setup-ruby` from 1.288.0 to 1.289.0 - [Release notes](https://github.com/ruby/setup-ruby/releases) - [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb) - [Commits](https://github.com/ruby/setup-ruby/compare/09a7688d3b55cf0e976497ff046b70949eeaccfd...19a43a6a2428d455dbd1b85344698725179c9d8c) Updates `actions/upload-artifact` from 6.0.0 to 7.0.0 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/b7c566a772e6b6bfb58ed0dc250532a479d7789f...bbbca2ddaa5d8feaa63e36b76fdaad77386f024f) Updates `actions/download-artifact` from 7.0.0 to 8.0.0 - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](https://github.com/actions/download-artifact/compare/37930b1c2abaa49bbe596cd826c3c89aef350131...70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3) Updates `PyO3/maturin-action` from 1.50.0 to 1.50.1 - [Release notes](https://github.com/pyo3/maturin-action/releases) - [Commits](https://github.com/pyo3/maturin-action/compare/b1bd829e37fef14c63f19162034228a2f3dc1021...04ac600d27cdf7a9a280dadf7147097c42b757ad) --- updated-dependencies: - dependency-name: actions/setup-go dependency-version: 6.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: per-dependency - dependency-name: actions/setup-node dependency-version: 6.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: per-dependency - dependency-name: github/codeql-action dependency-version: 4.32.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: per-dependency - dependency-name: ruby/setup-ruby dependency-version: 1.289.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: per-dependency - dependency-name: actions/upload-artifact dependency-version: 7.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: per-dependency - dependency-name: actions/download-artifact dependency-version: 8.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: per-dependency - dependency-name: PyO3/maturin-action dependency-version: 1.50.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: per-dependency ... Signed-off-by: dependabot[bot] --- .github/workflows/codeql.yml | 10 +++++----- .github/workflows/publish-java.yml | 6 +++--- .github/workflows/publish-python.yml | 16 ++++++++-------- .github/workflows/publish-wasm.yml | 2 +- .github/workflows/rust-clippy.yml | 2 +- .github/workflows/test-csharp.yml | 8 ++++---- .github/workflows/test-go.yml | 2 +- .github/workflows/test-python.yml | 2 +- .github/workflows/test-wasm.yml | 2 +- 9 files changed, 25 insertions(+), 25 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 60f04690..12640f82 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -99,7 +99,7 @@ jobs: - name: Setup Go if: matrix.language == 'go' - uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0 + uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3.0 with: go-version: '1.21' @@ -115,12 +115,12 @@ jobs: - name: Setup Node.js if: matrix.language == 'javascript-typescript' - uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0 + uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0 with: node-version: '18' - name: Initialize CodeQL - uses: github/codeql-action/init@89a39a4e59826350b863aa6b6252a07ad50cf83e # v4.32.4 + uses: github/codeql-action/init@c793b717bc78562f491db7b0e93a3a178b099162 # v4.32.5 with: languages: ${{ matrix.language }} build-mode: ${{ matrix.build-mode }} @@ -141,7 +141,7 @@ jobs: - name: Setup Ruby if: matrix.language == 'rust' && contains(matrix.working-directory, 'ruby') - uses: ruby/setup-ruby@09a7688d3b55cf0e976497ff046b70949eeaccfd # v1.288.0 + uses: ruby/setup-ruby@19a43a6a2428d455dbd1b85344698725179c9d8c # v1.289.0 with: ruby-version: '3.4.2' bundler-cache: true @@ -188,6 +188,6 @@ jobs: run: cargo xtask build-wasm --release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@89a39a4e59826350b863aa6b6252a07ad50cf83e # v4.32.4 + uses: github/codeql-action/analyze@c793b717bc78562f491db7b0e93a3a178b099162 # v4.32.5 with: category: "/language:${{matrix.language}}" \ No newline at end of file diff --git a/.github/workflows/publish-java.yml b/.github/workflows/publish-java.yml index b7c244ed..08242d4e 100644 --- a/.github/workflows/publish-java.yml +++ b/.github/workflows/publish-java.yml @@ -56,7 +56,7 @@ jobs: - run: cargo ${{ matrix.build_cmd || 'build' }} --release --frozen --target ${{ matrix.target }}${{ matrix.glibc && format('.{0}', matrix.glibc) || '' }} --manifest-path ./bindings/java/Cargo.toml - run: mkdir -p native/${{ matrix.target }} - run: mv target/${{ matrix.target }}/release/*.${{ matrix.extension }} ./native/${{ matrix.target }}/ - - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 with: name: native-libraries-${{ matrix.target }} path: native/ @@ -76,14 +76,14 @@ jobs: server-id: ossrh server-username: MAVEN_USERNAME server-password: MAVEN_PASSWORD - - uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0 + - uses: actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3 # v8.0.0 with: pattern: native-libraries-* merge-multiple: true path: ./bindings/java/native/ - run: mvn package working-directory: ./bindings/java - - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 with: name: built-jars path: ./bindings/java/target/regorus-java-*.jar diff --git a/.github/workflows/publish-python.yml b/.github/workflows/publish-python.yml index c801471b..6bbd109a 100644 --- a/.github/workflows/publish-python.yml +++ b/.github/workflows/publish-python.yml @@ -34,14 +34,14 @@ jobs: working-directory: bindings/python - name: Build wheels - uses: PyO3/maturin-action@b1bd829e37fef14c63f19162034228a2f3dc1021 # v1.43.0 + uses: PyO3/maturin-action@04ac600d27cdf7a9a280dadf7147097c42b757ad # v1.43.0 with: target: ${{ matrix.target }} args: --release --out dist --manifest-path bindings/python/Cargo.toml --offline --strip sccache: 'true' manylinux: auto - name: Upload wheels - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 with: name: wheels-linux-${{ matrix.target }} path: dist @@ -67,13 +67,13 @@ jobs: working-directory: bindings/python - name: Build wheels - uses: PyO3/maturin-action@b1bd829e37fef14c63f19162034228a2f3dc1021 # v1.43.0 + uses: PyO3/maturin-action@04ac600d27cdf7a9a280dadf7147097c42b757ad # v1.43.0 with: target: ${{ matrix.target }} args: --release --out dist --manifest-path bindings/python/Cargo.toml --frozen --strip sccache: 'true' - name: Upload wheels - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 with: name: wheels-windows-${{ matrix.target }} path: dist @@ -98,13 +98,13 @@ jobs: working-directory: bindings/python - name: Build wheels - uses: PyO3/maturin-action@b1bd829e37fef14c63f19162034228a2f3dc1021 # v1.43.0 + uses: PyO3/maturin-action@04ac600d27cdf7a9a280dadf7147097c42b757ad # v1.43.0 with: target: ${{ matrix.target }} args: --release --out dist --manifest-path bindings/python/Cargo.toml --offline --strip sccache: 'true' - name: Upload wheels - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 with: name: wheels-macos-${{ matrix.host.target }} path: dist @@ -116,13 +116,13 @@ jobs: # if: "startsWith(github.ref, 'refs/tags/')" needs: [linux, windows, macos] steps: - - uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0 + - uses: actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3 # v8.0.0 with: pattern: wheels-* merge-multiple: true path: wheels - name: Publish to PyPI - uses: PyO3/maturin-action@b1bd829e37fef14c63f19162034228a2f3dc1021 # v1.43.0 + uses: PyO3/maturin-action@04ac600d27cdf7a9a280dadf7147097c42b757ad # v1.43.0 env: MATURIN_PYPI_TOKEN: ${{ secrets.PYPI_API_TOKEN }} with: diff --git a/.github/workflows/publish-wasm.yml b/.github/workflows/publish-wasm.yml index 24438a8d..9a7b6cb4 100644 --- a/.github/workflows/publish-wasm.yml +++ b/.github/workflows/publish-wasm.yml @@ -19,7 +19,7 @@ jobs: with: fetch-depth: 0 # Setup .npmrc file to publish to npm - - uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0 + - uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0 with: node-version: '20.x' registry-url: 'https://registry.npmjs.org' diff --git a/.github/workflows/rust-clippy.yml b/.github/workflows/rust-clippy.yml index 1b9ce46a..d8e25a7f 100644 --- a/.github/workflows/rust-clippy.yml +++ b/.github/workflows/rust-clippy.yml @@ -52,7 +52,7 @@ jobs: - name: Upload analysis results to GitHub if: ${{ hashFiles('rust-clippy-results.sarif') != '' }} - uses: github/codeql-action/upload-sarif@89a39a4e59826350b863aa6b6252a07ad50cf83e # v3.29.11 + uses: github/codeql-action/upload-sarif@c793b717bc78562f491db7b0e93a3a178b099162 # v3.29.11 with: sarif_file: rust-clippy-results.sarif wait-for-processing: true diff --git a/.github/workflows/test-csharp.yml b/.github/workflows/test-csharp.yml index 20ad0c77..4257ebd2 100644 --- a/.github/workflows/test-csharp.yml +++ b/.github/workflows/test-csharp.yml @@ -59,7 +59,7 @@ jobs: run: cargo xtask build-ffi --release --target ${{ matrix.runtime.target }} - name: Upload regorus ffi shared library - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 with: name: regorus-ffi-artifacts-${{ matrix.runtime.target }} # Note: The full path of each artifact relative to . is preserved. @@ -92,7 +92,7 @@ jobs: run: cargo fetch --locked - name: Download regorus ffi shared libraries - uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0 + uses: actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3 # v8.0.0 with: pattern: regorus-ffi-artifacts-* merge-multiple: true @@ -105,7 +105,7 @@ jobs: run: cargo xtask build-csharp --release --clean --artifacts-dir ./bindings/csharp/Regorus/tmp/bindings/ffi/target --enforce-artifacts --repository-commit ${{ github.sha }} --include-symbols - name: Upload Regorus nuget - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 with: name: regorus-nuget path: | @@ -152,7 +152,7 @@ jobs: run: cargo fetch --locked - name: Download regorus nuget - uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0 + uses: actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3 # v8.0.0 with: name: regorus-nuget path: ./bindings/csharp/Regorus/bin/Release diff --git a/.github/workflows/test-go.yml b/.github/workflows/test-go.yml index 80eb4843..3bd63e19 100644 --- a/.github/workflows/test-go.yml +++ b/.github/workflows/test-go.yml @@ -30,7 +30,7 @@ jobs: - name: Fetch FFI crate dependencies run: cargo fetch --locked --manifest-path bindings/ffi/Cargo.toml - - uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0 + - uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3.0 with: architecture: x64 diff --git a/.github/workflows/test-python.yml b/.github/workflows/test-python.yml index 10601bdd..7aaa2376 100644 --- a/.github/workflows/test-python.yml +++ b/.github/workflows/test-python.yml @@ -51,7 +51,7 @@ jobs: run: cargo xtask build-python --release --target ${{ matrix.host.target }} --target-dir bindings/python/dist --frozen - name: Upload wheel artefacts - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 with: name: regorus-wheel-${{ matrix.host.name }} path: bindings/python/dist/regorus-*.whl diff --git a/.github/workflows/test-wasm.yml b/.github/workflows/test-wasm.yml index 2c23325e..0f421c20 100644 --- a/.github/workflows/test-wasm.yml +++ b/.github/workflows/test-wasm.yml @@ -33,7 +33,7 @@ jobs: run: cargo fetch --locked --manifest-path bindings/wasm/Cargo.toml - name: Setup Node - uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0 + uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0 with: node-version: 22