Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(deps): bump the actions group across 1 directory with 3 updates #542

Merged
merged 1 commit into from
Sep 28, 2024

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Sep 16, 2024

Bumps the actions group with 3 updates in the / directory: pypa/cibuildwheel, actions/attest-build-provenance and peter-evans/create-pull-request.

Updates pypa/cibuildwheel from 2.20 to 2.21

Release notes

Sourced from pypa/cibuildwheel's releases.

v2.21.0

  • ⚠️ Update CPython 3.12 to 3.12.6, which changes the macOS minimum deployment target on CPython 3.12 from macOS 10.9 to macOS 10.13 (#1998)
  • 🛠 Changes the behaviour when inheriting config-settings in TOML overrides - rather than extending each key, which is rarely useful, individual keys will override previously set values. (#1803)
  • 🛠 Update CPython 3.13 to 3.13.0rc2 (#1998)
  • ✨ Adds support for multiarch OCI images (#1961)
  • 🐛 Fixes some bugs building Linux wheels on macOS. (#1961)
  • ⚠️ Changes the minimum version of Docker/Podman to Docker API version 1.43, Podman API version 3. The only mainstream runner this should affect is Travis Graviton2 runners - if so you can upgrade your version of Docker. (#1961)
Changelog

Sourced from pypa/cibuildwheel's changelog.


title: Changelog

Changelog

v2.21.0

13 September 2024

  • ⚠️ Update CPython 3.12 to 3.12.6, which changes the macOS minimum deployment target on CPython 3.12 from macOS 10.9 to macOS 10.13 (#1998)
  • 🛠 Changes the behaviour when inheriting config-settings in TOML overrides - rather than extending each key, which is rarely useful, individual keys will override previously set values. (#1803)
  • 🛠 Update CPython 3.13 to 3.13.0rc2 (#1998)
  • ✨ Adds support for multiarch OCI images (#1961)
  • 🐛 Fixes some bugs building Linux wheels on macOS. (#1961)
  • ⚠️ Changes the minimum version of Docker/Podman to Docker API version 1.43, Podman API version 3. The only mainstream runner this should affect is Travis Graviton2 runners - if so you can upgrade your version of Docker. (#1961)

v2.20.0

4 August 2024

  • 🌟 CPython 3.13 wheels are now built by default - without the CIBW_PRERELEASE_PYTHONS flag. It's time to build and upload these wheels to PyPI! This release includes CPython 3.13.0rc1, which is guaranteed to be ABI compatible with the final release. Free-threading is still behind a flag/config option. (#1950)
  • ✨ Provide a CIBW_ALLOW_EMPTY environment variable as an alternative to the command line flag. (#1937)
  • 🐛 Don't use uv on PyPy3.8 on Windows, it stopped working starting in 0.2.25. Note that PyPy 3.8 is EoL. (#1868)
  • 🛠 Set the VSCMD_ARG_TGT_ARCH variable based on target arch. (#1876)
  • 🛠 Undo cleaner output on pytest 8-8.2 now that 8.3 is out. (#1943)
  • 📚 Update examples to use Python 3.12 on host (cibuildwheel will require Python 3.11+ on the host machine starting in October 2024) (#1919)

v2.19.2

2 July 2024

  • 🐛 Update manylinux2014 pins to versions that support past-EoL CentOS 7 mirrors. (#1917)
  • 🐛 Support --no-isolation with build[uv] build-frontend. (#1889)
  • 🛠 Provide attestations for releases at https://github.com/pypa/cibuildwheel/attestations. (#1916)
  • 🛠 Provide CPython 3.13.0b3. (#1913)
  • 🛠 Remove some workarounds now that pip 21.1 is available. (#1891, #1892)
  • 📚 Remove nosetest from our docs. (#1821)
  • 📚 Document the macOS ARM workaround for 3.8 on GHA. (#1871)
  • 📚 GitLab CI + macOS is now a supported platform with an example. (#1911)

v2.19.1

13 June 2024

  • 🐛 Don't require setup-python on GHA for Pyodide (#1868)
  • 🐛 Specify full python path for uv (fixes issue in 0.2.10 & 0.2.11) (#1881)

... (truncated)

Commits

Updates actions/attest-build-provenance from 1.4.2 to 1.4.3

Release notes

Sourced from actions/attest-build-provenance's releases.

v1.4.3

What's Changed

Full Changelog: actions/attest-build-provenance@v1.4.2...v1.4.3

Commits

Updates peter-evans/create-pull-request from 6 to 7

Release notes

Sourced from peter-evans/create-pull-request's releases.

Create Pull Request v7.0.0

✨ Now supports commit signing with bot-generated tokens! See "What's new" below. ✍️🤖

Behaviour changes

  • Action input git-token has been renamed branch-token, to be more clear about its purpose. The branch-token is the token that the action will use to create and update the branch.
  • The action now handles requests that have been rate-limited by GitHub. Requests hitting a primary rate limit will retry twice, for a total of three attempts. Requests hitting a secondary rate limit will not be retried.
  • The pull-request-operation output now returns none when no operation was executed.
  • Removed deprecated output environment variable PULL_REQUEST_NUMBER. Please use the pull-request-number action output instead.

What's new

  • The action can now sign commits as github-actions[bot] when using GITHUB_TOKEN, or your own bot when using GitHub App tokens. See commit signing for details.
  • Action input draft now accepts a new value always-true. This will set the pull request to draft status when the pull request is updated, as well as on creation.
  • A new action input maintainer-can-modify indicates whether maintainers can modify the pull request. The default is true, which retains the existing behaviour of the action.
  • A new output pull-request-commits-verified returns true or false, indicating whether GitHub considers the signature of the branch's commits to be verified.

What's Changed

New Contributors

Full Changelog: peter-evans/create-pull-request@v6.1.0...v7.0.0

Create Pull Request v6.1.0

✨ Adds pull-request-branch as an action output.

What's Changed

... (truncated)

Commits
  • d121e62 fix: disable diff detection for renames and copies (#3330)
  • f4d66f4 build(deps-dev): bump typescript from 5.5.4 to 5.6.2 (#3319)
  • 488c869 build(deps-dev): bump @​types/node from 18.19.48 to 18.19.50 (#3320)
  • 5354f85 docs: update readme
  • 8867c4a fix: handle ambiguous argument failure on diff stat (#3312)
  • 6073f54 build(deps-dev): bump @​typescript-eslint/eslint-plugin (#3291)
  • 6d01b56 build(deps-dev): bump eslint-plugin-import from 2.29.1 to 2.30.0 (#3290)
  • 25cf845 build(deps-dev): bump @​typescript-eslint/parser from 7.17.0 to 7.18.0 (#3289)
  • d87b980 build(deps-dev): bump @​types/node from 18.19.46 to 18.19.48 (#3288)
  • 119d131 build(deps): bump peter-evans/create-pull-request from 6 to 7 (#3283)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the actions group with 3 updates in the / directory: [pypa/cibuildwheel](https://github.com/pypa/cibuildwheel), [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance) and [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request).


Updates `pypa/cibuildwheel` from 2.20 to 2.21
- [Release notes](https://github.com/pypa/cibuildwheel/releases)
- [Changelog](https://github.com/pypa/cibuildwheel/blob/main/docs/changelog.md)
- [Commits](pypa/cibuildwheel@v2.20...v2.21)

Updates `actions/attest-build-provenance` from 1.4.2 to 1.4.3
- [Release notes](https://github.com/actions/attest-build-provenance/releases)
- [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md)
- [Commits](actions/attest-build-provenance@6149ea5...1c608d1)

Updates `peter-evans/create-pull-request` from 6 to 7
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](peter-evans/create-pull-request@v6...v7)

---
updated-dependencies:
- dependency-name: pypa/cibuildwheel
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions
- dependency-name: actions/attest-build-provenance
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: actions
- dependency-name: peter-evans/create-pull-request
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update Github_actions code labels Sep 16, 2024
@mayeut mayeut merged commit b31975f into main Sep 28, 2024
25 checks passed
@mayeut mayeut deleted the dependabot/github_actions/actions-b9ed21a349 branch September 28, 2024 16:09
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file github_actions Pull requests that update Github_actions code
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant