From a1046762959f59c41429dea01941e001f42aac10 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 3 Feb 2025 00:29:20 +0000 Subject: [PATCH 1/7] chore(deps): bump the dependencies group with 3 updates Bumps the dependencies group with 3 updates: [github/contributors](https://github.com/github/contributors), [actions/setup-python](https://github.com/actions/setup-python) and [github/codeql-action](https://github.com/github/codeql-action). Updates `github/contributors` from 1.5.3 to 1.5.4 - [Release notes](https://github.com/github/contributors/releases) - [Commits](https://github.com/github/contributors/compare/695ea9d3f1c31f6ff67ab7d6a964a15f8ef9fa04...3387722e41cbcd1560376fe7575b4b0e372633c5) Updates `actions/setup-python` from 5.3.0 to 5.4.0 - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/v5.3.0...v5.4.0) Updates `github/codeql-action` from 3.28.5 to 3.28.8 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/f6091c0113d1dcf9b98e269ee48e8a7e51b7bdd4...dd746615b3b9d728a6a37ca2045b68ca76d4841a) --- updated-dependencies: - dependency-name: github/contributors dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies ... Signed-off-by: dependabot[bot] --- .github/workflows/contributors_report.yaml | 2 +- .github/workflows/python-ci.yml | 2 +- .github/workflows/scorecard.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/contributors_report.yaml b/.github/workflows/contributors_report.yaml index 8d18eb6..a3465e0 100644 --- a/.github/workflows/contributors_report.yaml +++ b/.github/workflows/contributors_report.yaml @@ -30,7 +30,7 @@ jobs: echo "END_DATE=$end_date" >> "$GITHUB_ENV" - name: Run contributor action - uses: github/contributors@695ea9d3f1c31f6ff67ab7d6a964a15f8ef9fa04 + uses: github/contributors@3387722e41cbcd1560376fe7575b4b0e372633c5 env: GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} START_DATE: ${{ env.START_DATE }} diff --git a/.github/workflows/python-ci.yml b/.github/workflows/python-ci.yml index 5eef415..3c0d52c 100644 --- a/.github/workflows/python-ci.yml +++ b/.github/workflows/python-ci.yml @@ -22,7 +22,7 @@ jobs: steps: - uses: actions/checkout@v4.2.2 - name: Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@v5.3.0 + uses: actions/setup-python@v5.4.0 with: python-version: ${{ matrix.python-version }} - name: Install dependencies diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index e6f29ba..a746325 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -42,6 +42,6 @@ jobs: path: results.sarif retention-days: 5 - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@f6091c0113d1dcf9b98e269ee48e8a7e51b7bdd4 # v3.28.5 + uses: github/codeql-action/upload-sarif@dd746615b3b9d728a6a37ca2045b68ca76d4841a # v3.28.8 with: sarif_file: results.sarif From 1ffa8c08c44d8db32fc33fec1bb3c611d6558bf2 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 3 Feb 2025 00:39:35 +0000 Subject: [PATCH 2/7] chore(deps): bump pylint from 3.3.3 to 3.3.4 in the dependencies group Bumps the dependencies group with 1 update: [pylint](https://github.com/pylint-dev/pylint). Updates `pylint` from 3.3.3 to 3.3.4 - [Release notes](https://github.com/pylint-dev/pylint/releases) - [Commits](https://github.com/pylint-dev/pylint/compare/v3.3.3...v3.3.4) --- updated-dependencies: - dependency-name: pylint dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies ... Signed-off-by: dependabot[bot] --- requirements-test.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-test.txt b/requirements-test.txt index 272bda9..d5df219 100644 --- a/requirements-test.txt +++ b/requirements-test.txt @@ -2,7 +2,7 @@ black==24.10.0 flake8==7.1.1 mypy==1.14.1 mypy-extensions==1.0.0 -pylint==3.3.3 +pylint==3.3.4 pytest==8.3.4 pytest-cov==6.0.0 types-requests==2.32.0.20241016 From d370b5b27d0d7125061ea5d8d0a9734fb9a0a38b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 3 Feb 2025 01:43:04 +0000 Subject: [PATCH 3/7] chore(deps): bump black from 24.10.0 to 25.1.0 Bumps [black](https://github.com/psf/black) from 24.10.0 to 25.1.0. - [Release notes](https://github.com/psf/black/releases) - [Changelog](https://github.com/psf/black/blob/main/CHANGES.md) - [Commits](https://github.com/psf/black/compare/24.10.0...25.1.0) --- updated-dependencies: - dependency-name: black dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- requirements-test.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-test.txt b/requirements-test.txt index d5df219..ea233ea 100644 --- a/requirements-test.txt +++ b/requirements-test.txt @@ -1,4 +1,4 @@ -black==24.10.0 +black==25.1.0 flake8==7.1.1 mypy==1.14.1 mypy-extensions==1.0.0 From dc2a0ba0c2c76c37a98e76bc53b5f26d53f65295 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 10 Feb 2025 00:40:21 +0000 Subject: [PATCH 4/7] chore(deps): bump github/codeql-action in the dependencies group Bumps the dependencies group with 1 update: [github/codeql-action](https://github.com/github/codeql-action). Updates `github/codeql-action` from 3.28.8 to 3.28.9 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/dd746615b3b9d728a6a37ca2045b68ca76d4841a...9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies ... Signed-off-by: dependabot[bot] --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index a746325..7b5d92d 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -42,6 +42,6 @@ jobs: path: results.sarif retention-days: 5 - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@dd746615b3b9d728a6a37ca2045b68ca76d4841a # v3.28.8 + uses: github/codeql-action/upload-sarif@9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0 # v3.28.9 with: sarif_file: results.sarif From f0f44bdbce534f45d7a9f02bb075f5d4985dfa42 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 10 Feb 2025 00:40:53 +0000 Subject: [PATCH 5/7] chore(deps): bump python from `026dd41` to `ae9f9ac` Bumps python from `026dd41` to `ae9f9ac`. --- updated-dependencies: - dependency-name: python dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index a9fd5c6..1d020f1 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,6 +1,6 @@ #checkov:skip=CKV_DOCKER_2 #checkov:skip=CKV_DOCKER_3 -FROM python:3.13-slim@sha256:026dd417a88d0be8ed5542a05cff5979d17625151be8a1e25a994f85c87962a5 +FROM python:3.13-slim@sha256:ae9f9ac89467077ed1efefb6d9042132d28134ba201b2820227d46c9effd3174 LABEL com.github.actions.name="contributors" \ com.github.actions.description="GitHub Action that given an organization or repository, produces information about the contributors over the specified time period." \ com.github.actions.icon="users" \ From 2e2d8c9edf36f3dd0d0b5ec584a8db0de6126430 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 10 Feb 2025 00:40:59 +0000 Subject: [PATCH 6/7] chore(deps): bump mypy from 1.14.1 to 1.15.0 in the dependencies group Bumps the dependencies group with 1 update: [mypy](https://github.com/python/mypy). Updates `mypy` from 1.14.1 to 1.15.0 - [Changelog](https://github.com/python/mypy/blob/master/CHANGELOG.md) - [Commits](https://github.com/python/mypy/compare/v1.14.1...v1.15.0) --- updated-dependencies: - dependency-name: mypy dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies ... Signed-off-by: dependabot[bot] --- requirements-test.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-test.txt b/requirements-test.txt index ea233ea..f82bd27 100644 --- a/requirements-test.txt +++ b/requirements-test.txt @@ -1,6 +1,6 @@ black==25.1.0 flake8==7.1.1 -mypy==1.14.1 +mypy==1.15.0 mypy-extensions==1.0.0 pylint==3.3.4 pytest==8.3.4 From a94db6ace6ebd8da38e62bd31087b7fccd1ae22b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 17 Feb 2025 00:18:17 +0000 Subject: [PATCH 7/7] chore(deps): bump flake8 from 7.1.1 to 7.1.2 in the dependencies group Bumps the dependencies group with 1 update: [flake8](https://github.com/pycqa/flake8). Updates `flake8` from 7.1.1 to 7.1.2 - [Commits](https://github.com/pycqa/flake8/compare/7.1.1...7.1.2) --- updated-dependencies: - dependency-name: flake8 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies ... Signed-off-by: dependabot[bot] --- requirements-test.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-test.txt b/requirements-test.txt index f82bd27..7cf50e5 100644 --- a/requirements-test.txt +++ b/requirements-test.txt @@ -1,5 +1,5 @@ black==25.1.0 -flake8==7.1.1 +flake8==7.1.2 mypy==1.15.0 mypy-extensions==1.0.0 pylint==3.3.4