chore(deps): update github actions updates

[renovate]

This PR contains the following updates:

Package	Type	Update	Change
SonarSource/gh-action_releasability	action	patch	2.1.0 -> 2.1.2
pypa/gh-action-pypi-publish	action	patch	v1.12.2 -> v1.12.3

---

Release Notes

SonarSource/gh-action_releasability (SonarSource/gh-action_releasability)

v2.1.2

Compare Source

What's Changed

• BUILD-7112 EREQ-118 fix versions getting duplicated in github output by @​SamirM-BE in https://github.com/SonarSource/gh-action_releasability/pull/77

Full Changelog: SonarSource/gh-action_releasability@2.1.1...2.1.2

v2.1.1

Compare Source

What's Changed

• chore(deps): update actions/checkout action to v4.2.1 by @​renovate in https://github.com/SonarSource/gh-action_releasability/pull/61
• BUILD-5928 Improve error message by @​sebastienvermeille in https://github.com/SonarSource/gh-action_releasability/pull/62
• chore(deps): lock file maintenance by @​renovate in https://github.com/SonarSource/gh-action_releasability/pull/63
• chore(deps): lock file maintenance by @​renovate in https://github.com/SonarSource/gh-action_releasability/pull/64
• chore(deps): update sonarsource/gh-action_pre-commit action to v1.0.4 by @​renovate in https://github.com/SonarSource/gh-action_releasability/pull/66
• chore(deps): update actions/checkout action to v4.2.2 by @​renovate in https://github.com/SonarSource/gh-action_releasability/pull/65
• chore(deps): update actions/setup-python action to v5.3.0 by @​renovate in https://github.com/SonarSource/gh-action_releasability/pull/67
• chore(deps): lock file maintenance by @​renovate in https://github.com/SonarSource/gh-action_releasability/pull/68
• chore(deps): update sonarsource/vault-action-wrapper action to v3.0.2 by @​renovate in https://github.com/SonarSource/gh-action_releasability/pull/70
• chore(deps): update sonarsource/gh-action_pre-commit action to v1.0.5 by @​renovate in https://github.com/SonarSource/gh-action_releasability/pull/69
• chore(deps): lock file maintenance by @​renovate in https://github.com/SonarSource/gh-action_releasability/pull/71
• chore(deps): lock file maintenance by @​renovate in https://github.com/SonarSource/gh-action_releasability/pull/72
• chore(deps): update sonarsource/sonarcloud-github-action action to v4 by @​renovate in https://github.com/SonarSource/gh-action_releasability/pull/73
• BUILD-7112 skip if no version found by @​julien-carsique-sonarsource in https://github.com/SonarSource/gh-action_releasability/pull/75

Full Changelog: SonarSource/gh-action_releasability@2.1.0...2.1.1

pypa/gh-action-pypi-publish (pypa/gh-action-pypi-publish)

v1.12.3

Compare Source

✨ What's Improved

With the updates by @​woodruffw💰 and @​webknjaz💰 via #​309 and #​313, it is now possible to publish distribution packages that include core metadata v2.4, like those built using maturin. This is done by bumping Twine to v6.0.1 and pkginfo to v1.12.0.

📝 Docs

We've made an attempt to clarify the runtime and workflow shape that are expected to be supported for calling this action in: https://github.com/marketplace/actions/pypi-publish#Non-goals.

[!TIP]
Please, let us know in the release discussion if anything still remains unclear.
TL;DR always call [pypi-publish][pypi-publish] once per job; don't invoke it in reusable workflows; physically move building the dists into separate jobs having restricted permissions and storing the dists as GitHub Actions artifacts; when using self-hosted runners, make sure to still use [pypi-publish][pypi-publish] on a GitHub-provided infra with runs-on: ubuntu-latest, while building and testing may remain self-hosted; don't perform any other actions in the publishing job; don't call [pypi-publish][pypi-publish] from composite actions.

🛠️ Internal Updates

@​br3ndonland💰 improved the container image generation automation to include Git SHA in #​301. And @​woodruffw💰 added the workflow_ref context to Trusted Publishing debug logging in #​305, helping us diagnose misconfigurations faster. #​313 also extends the smoke test in the CI to check against the maturin-made dists. Additionally, jeepney and secretstorage transitive deps have been added to the pip constraint-based lock file, as Dependabot seems to have missed those earlier.

🪞 Full Diff: pypa/gh-action-pypi-publish@v1.12.2...v1.12.3

🧔‍♂️ Release Manager: @​webknjaz 🇺🇦

🙏 Special Thanks to @​samuelcolvin💰 for nudging me to cut this release sooner and for sponsoring me via @​pydantic💰!

🔌 Shameless Plug: The other day I've made this 🦋 Bluesky 🇺🇦 FOSS Maintainers Starter Pack subscribe to read news from people like me :)

💬 Discuss on Bluesky 🦋, on Mastodon 🐘 and on GitHub.

---

Configuration

📅 Schedule: Branch creation - "after 7am every weekday,before 8pm every weekday" in timezone Europe/Paris, Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud