Bump the actions group across 1 directory with 10 updates

dependabot[bot] · web-flow · commit 0ab9548d99df · 2025-12-01T20:08:02.000Z
Bumps the actions group with 10 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/github-script](https://github.com/actions/github-script) | `7` | `8` | | [actions/checkout](https://github.com/actions/checkout) | `2` | `5` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4` | `5` | | [peaceiris/actions-gh-pages](https://github.com/peaceiris/actions-gh-pages) | `3.9.3` | `4.0.0` | | [actions/download-artifact](https://github.com/actions/download-artifact) | `4` | `6` | | [softprops/action-gh-release](https://github.com/softprops/action-gh-release) | `2.0.4` | `2.4.1` | | [codecov/codecov-action](https://github.com/codecov/codecov-action) | `4` | `5` | | [docker/login-action](https://github.com/docker/login-action) | `1` | `3` | | [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `1` | `3` | | [docker/build-push-action](https://github.com/docker/build-push-action) | `4` | `6` | Updates `actions/github-script` from 7 to 8 - [Release notes](https://github.com/actions/github-script/releases) - [Commits](actions/github-script@v7...v8) Updates `actions/checkout` from 2 to 5 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v2...v5) Updates `actions/upload-artifact` from 4 to 5 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@v4...v5) Updates `peaceiris/actions-gh-pages` from 3.9.3 to 4.0.0 - [Release notes](https://github.com/peaceiris/actions-gh-pages/releases) - [Changelog](https://github.com/peaceiris/actions-gh-pages/blob/main/CHANGELOG.md) - [Commits](peaceiris/actions-gh-pages@373f7f2...4f9cc66) Updates `actions/download-artifact` from 4 to 6 - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](actions/download-artifact@v4...v6) Updates `softprops/action-gh-release` from 2.0.4 to 2.4.1 - [Release notes](https://github.com/softprops/action-gh-release/releases) - [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md) - [Commits](softprops/action-gh-release@9d7c94c...6da8fa9) Updates `codecov/codecov-action` from 4 to 5 - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](codecov/codecov-action@v4...v5) Updates `docker/login-action` from 1 to 3 - [Release notes](https://github.com/docker/login-action/releases) - [Commits](docker/login-action@v1...v3) Updates `docker/setup-buildx-action` from 1 to 3 - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](docker/setup-buildx-action@v1...v3) Updates `docker/build-push-action` from 4 to 6 - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](docker/build-push-action@v4...v6) --- updated-dependencies: - dependency-name: actions/github-script dependency-version: '8' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: actions/checkout dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: actions/upload-artifact dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: peaceiris/actions-gh-pages dependency-version: 4.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: actions/download-artifact dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: softprops/action-gh-release dependency-version: 2.4.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: codecov/codecov-action dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: docker/login-action dependency-version: '3' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: docker/setup-buildx-action dependency-version: '3' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: docker/build-push-action dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions ... Signed-off-by: dependabot[bot] <support@github.com>
diff --git a/.github/workflows/_check.yml b/.github/workflows/_check.yml
@@ -11,7 +11,7 @@ jobs:
     outputs:
       branch-pr: ${{ steps.script.outputs.result }}
     steps:
-      - uses: actions/github-script@v7
+      - uses: actions/github-script@v8
         id: script
         if: github.event_name == 'push'
         with:
diff --git a/.github/workflows/_dist.yml b/.github/workflows/_dist.yml
@@ -7,7 +7,7 @@ jobs:
 
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
         with:
           # Need this to get version number from last tag
           fetch-depth: 0
@@ -18,7 +18,7 @@ jobs:
           pipx run build ./python
 
       - name: Upload sdist and wheel as artifacts
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v5
         with:
           name: dist
           path: python/dist
diff --git a/.github/workflows/_docs.yml b/.github/workflows/_docs.yml
@@ -11,7 +11,7 @@ jobs:
         run: sleep 60
 
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
         with:
           # Need this to get version number from last tag
           fetch-depth: 0
@@ -31,7 +31,7 @@ jobs:
         run: rm build/html/.doctrees/environment.pickle
 
       - name: Upload built docs artifact
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v5
         with:
           name: docs
           path: build
@@ -49,7 +49,7 @@ jobs:
         if: github.ref_type == 'tag' || github.ref_name == 'main'
         # We pin to the SHA, not the tag, for security reasons.
         # https://docs.github.com/en/actions/learn-github-actions/security-hardening-for-github-actions#using-third-party-actions
-        uses: peaceiris/actions-gh-pages@373f7f263a76c20808c831209c920827a82a2847 # v3.9.3
+        uses: peaceiris/actions-gh-pages@4f9cc6602d3f66b9c108549d475ec49e8ef4d45e # v4.0.0
         with:
           github_token: ${{ secrets.GITHUB_TOKEN }}
           publish_dir: .github/pages
diff --git a/.github/workflows/_release.yml b/.github/workflows/_release.yml
@@ -7,7 +7,7 @@ jobs:
 
     steps:
       - name: Download artifacts
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@v6
         with:
           merge-multiple: true
 
@@ -23,7 +23,7 @@ jobs:
       - name: Create GitHub Release
         # We pin to the SHA, not the tag, for security reasons.
         # https://docs.github.com/en/actions/learn-github-actions/security-hardening-for-github-actions#using-third-party-actions
-        uses: softprops/action-gh-release@9d7c94cfd0a1f3ed45544c887983e9fa900f0564 # v2.0.4
+        uses: softprops/action-gh-release@a06a81a03ee405af7f2048a818ed3f03bbf83c7b # v2.5.0
         with:
           prerelease: ${{ contains(github.ref_name, 'a') || contains(github.ref_name, 'b') || contains(github.ref_name, 'rc') }}
           files: "*"
diff --git a/.github/workflows/_test.yml b/.github/workflows/_test.yml
@@ -23,7 +23,7 @@ jobs:
 
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
         with:
           # Need this to get version number from last tag
           fetch-depth: 0
@@ -41,7 +41,7 @@ jobs:
 
       - if: inputs.python-version == 'dev'
         name: Upload dev-requirements.txt
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v5
         with:
           name: dev-requirements
           path: /tmp/dev-requirements.txt
@@ -57,7 +57,7 @@ jobs:
         run: cd python && tox -e tests
 
       - name: Upload coverage to Codecov
-        uses: codecov/codecov-action@v4
+        uses: codecov/codecov-action@v5
         with:
           name: ${{ inputs.python-version }}/${{ inputs.runs-on }}
           files: cov.xml
diff --git a/.github/workflows/_tox.yml b/.github/workflows/_tox.yml
@@ -13,7 +13,7 @@ jobs:
 
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
 
       - name: Install python packages
         uses: ./.github/actions/install_requirements
diff --git a/.github/workflows/container.yml b/.github/workflows/container.yml
@@ -13,7 +13,7 @@ jobs:
 
     steps:
       - name: Checkout
-        uses: actions/checkout@v2
+        uses: actions/checkout@v6
         with:
           fetch-depth: 0 # All history
 
@@ -27,18 +27,18 @@ jobs:
 
       - name: Log in to GitHub Docker Registry
         if: github.event_name != 'pull_request'
-        uses: docker/login-action@v1
+        uses: docker/login-action@v3
         with:
           registry: ghcr.io
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Set up Docker Buildx
         id: buildx
-        uses: docker/setup-buildx-action@v1
+        uses: docker/setup-buildx-action@v3
 
       - name: Build image
-        uses: docker/build-push-action@v4
+        uses: docker/build-push-action@v6
         with:
           context: .
           file: Dockerfile
@@ -58,7 +58,7 @@ jobs:
 
       - name: Push developer image
         if: ${{ github.event_name == 'push' && github.ref_type == 'tag' }}
-        uses: docker/build-push-action@v4
+        uses: docker/build-push-action@v6
         with:
           context: .
           file: Dockerfile
@@ -80,7 +80,7 @@ jobs:
 
       - name: Push runtime image
         if: ${{ github.event_name == 'push' && github.ref_type == 'tag' }}
-        uses: docker/build-push-action@v4
+        uses: docker/build-push-action@v6
         with:
           context: .
           file: Dockerfile
diff --git a/.github/workflows/cpp.yml b/.github/workflows/cpp.yml
@@ -7,7 +7,7 @@ jobs:
     container: ghcr.io/odin-detector/odin-data-build:latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v2
+        uses: actions/checkout@v6
         with:
           fetch-depth: 0
       - name: Build eiger-detector
