Skip to content

Bump the actions group with 2 updates#27750

Merged
tacaswell merged 2 commits intomainfrom
dependabot/github_actions/actions-c1e38ad0e3
Feb 12, 2024
Merged

Bump the actions group with 2 updates#27750
tacaswell merged 2 commits intomainfrom
dependabot/github_actions/actions-c1e38ad0e3

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 5, 2024
edited
Loading

Bumps the actions group with 2 updates: pypa/cibuildwheel and codecov/codecov-action.

Updates pypa/cibuildwheel from 2.16.4 to 2.16.5

Release notes

Sourced from pypa/cibuildwheel's releases.

v2.16.5

  • 🐛 Fix an incompatibility with the GitHub Action and new GitHub Runner images for Windows that bundle Powershell 7.3+ (#1741)
  • 🛠 Preliminary support for new macos-14 arm64 runners (#1743)
Changelog

Sourced from pypa/cibuildwheel's changelog.

title: Changelog

Changelog

v2.16.5

30 January 2024

  • 🐛 Fix an incompatibility with the GitHub Action and new GitHub Runner images for Windows that bundle Powershell 7.3+ (#1741)
  • 🛠 Preliminary support for new macos-14 arm64 runners (#1743)

v2.16.4

28 January 2024

  • 🛠 Update manylinux pins to upgrade from a problematic PyPy version. (#1737)

v2.16.3

26 January 2024

  • 🐛 Fix a bug when building from sdist, where relative paths to files in the package didn't work because the working directory was wrong (#1687)
  • 🛠 Adds the ability to disable mounting the host filesystem in containers to /host, through the disable_host_mount suboption on CIBW_CONTAINER_ENGINE.
  • 📚 A lot of docs improvements! (#1708, #1705, #1686, #1679, #1667, #1665)

v2.16.2

3 October 2023

  • 🛠 Updates CPython 3.12 version to 3.12.0, final release (#1635)
  • ✨ Adds a debug option CIBW_DEBUG_KEEP_CONTAINER to stop cibuildwheel deleting build containers after the build finishes. (#1620)
  • 📚 Adds support for [tool.cibuildwheel] checking by adding a schema compatible with the validate-pyproject tool (#1622, #1628, #1629)
  • 🐛 Fix parsing of CIBW_CONTAINER_ENGINE and CIBW_BUILD_FRONTEND options to not break arguments on : characters (#1621)
  • 🐛 Fix the evaluation order of CIBW_ENVIRONMENT and CIBW_ENVIRONMENT_PASS so that CIBW_ENVIRONMENT assignments can reference environment variables passed through from the host machine. (#1617)
  • 🛠 Supports manylinux images' deferred installation of interpreters through the manylinux-interpreters tool (#1630)

v2.16.1

26 September 2023

  • 🛠 Updates the prerelease CPython 3.12 version to 3.12.0rc3 (#1625)
  • 🛠 Only calls linux32 in containers when necessary (#1599)

v2.16.0

18 September 2023

... (truncated)

Commits
  • ce3fb78 Bump version: v2.16.5
  • 5b0b458 fix: download pipx for action, allow support for M1 (#1743)
  • a7ea5fb Merge pull request #1739 from henryiii/henryiii/chore/checkschemas
  • bc55e8b Merge pull request #1741 from jborean93/pwsh-7.4
  • c753cd2 Add support for PowerShell 7.4 in GHA
  • 07bd78c chore: check schemas
  • d7db575 docs: add keyvi as an example that combines cibuildwheel with the ccache acti...
  • 7154e18 [Bot] Update dependencies (#1738)
  • See full diff in compare view

Updates codecov/codecov-action from 3 to 4

Release notes

Sourced from codecov/codecov-action's releases.

v4.0.0

v4 of the Codecov Action uses the CLI as the underlying upload. The CLI has helped to power new features including local upload, the global upload token, and new upcoming features.

Breaking Changes

  • The Codecov Action runs as a node20 action due to node16 deprecation. See this post from GitHub on how to migrate.
  • Tokenless uploading is unsupported. However, PRs made from forks to the upstream public repos will support tokenless (e.g. contributors to OS projects do not need the upstream repo's Codecov token). This doc shows instructions on how to add the Codecov token.
  • OS platforms have been added, though some may not be automatically detected. To see a list of platforms, see our CLI download page
  • Various arguments to the Action have been changed. Please be aware that the arguments match with the CLI's needs

v3 versions and below will not have access to CLI features (e.g. global upload token, ATS).

What's Changed

... (truncated)

Changelog

Sourced from codecov/codecov-action's changelog.

4.0.0-beta.2

Fixes

  • #1085 not adding -n if empty to do-upload command

4.0.0-beta.1

v4 represents a move from the universal uploader to the Codecov CLI. Although this will unlock new features for our users, the CLI is not yet at feature parity with the universal uploader.

Breaking Changes

  • No current support for aarch64 and alpine architectures.
  • Tokenless uploading is unsuported
  • Various arguments to the Action have been removed

3.1.4

Fixes

  • #967 Fix typo in README.md
  • #971 fix: add back in working dir
  • #969 fix: CLI option names for uploader

Dependencies

  • #970 build(deps-dev): bump @​types/node from 18.15.12 to 18.16.3
  • #979 build(deps-dev): bump @​types/node from 20.1.0 to 20.1.2
  • #981 build(deps-dev): bump @​types/node from 20.1.2 to 20.1.4

3.1.3

Fixes

  • #960 fix: allow for aarch64 build

Dependencies

  • #957 build(deps-dev): bump jest-junit from 15.0.0 to 16.0.0
  • #958 build(deps): bump openpgp from 5.7.0 to 5.8.0
  • #959 build(deps-dev): bump @​types/node from 18.15.10 to 18.15.12

3.1.2

Fixes

  • #718 Update README.md
  • #851 Remove unsupported path_to_write_report argument
  • #898 codeql-analysis.yml
  • #901 Update README to contain correct information - inputs and negate feature
  • #955 fix: add in all the extra arguments for uploader

Dependencies

  • #819 build(deps): bump openpgp from 5.4.0 to 5.5.0
  • #835 build(deps): bump node-fetch from 3.2.4 to 3.2.10
  • #840 build(deps): bump ossf/scorecard-action from 1.1.1 to 2.0.4
  • #841 build(deps): bump @​actions/core from 1.9.1 to 1.10.0
  • #843 build(deps): bump @​actions/github from 5.0.3 to 5.1.1
  • #869 build(deps): bump node-fetch from 3.2.10 to 3.3.0
  • #872 build(deps-dev): bump jest-junit from 13.2.0 to 15.0.0
  • #879 build(deps): bump decode-uri-component from 0.2.0 to 0.2.2

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the actions group with 2 updates
c144ab8 
Bumps the actions group with 2 updates: [pypa/cibuildwheel](https://github.com/pypa/cibuildwheel) and [codecov/codecov-action](https://github.com/codecov/codecov-action).


Updates `pypa/cibuildwheel` from 2.16.4 to 2.16.5
- [Release notes](https://github.com/pypa/cibuildwheel/releases)
- [Changelog](https://github.com/pypa/cibuildwheel/blob/main/docs/changelog.md)
- [Commits](pypa/cibuildwheel@0b04ab1...ce3fb78)

Updates `codecov/codecov-action` from 3 to 4
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](codecov/codecov-action@v3...v4)

---
updated-dependencies:
- dependency-name: pypa/cibuildwheel
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: actions
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the PR: dependencies Pull requests that update a dependency file label Feb 5, 2024
@github-actions github-actions bot added CI: Run cibuildwheel Run wheel building tests on a PR CI: Run cygwin Run cygwin tests on a PR labels Feb 5, 2024
@QuLogic
Copy link
Member

QuLogic commented Feb 5, 2024
edited
Loading

Even though the extra workflows are labelled, it doesn't appear that they have run. I think that's because they're on the main repo, and this branch isn't allowed, but it's odd that the pull_request trigger didn't allow it. But what's odd is that the Tests workflow has dependabot/** in push:branches-ignore, but that still ran as it should have.

Codecov appears to have failed due to dependabot having limited token access? codecov/codecov-action#1248

@QuLogic
Copy link
Member

QuLogic commented Feb 8, 2024

I added the token, and now also the optional builds ran (maybe because I pushed it and not a bot?)

@QuLogic
Copy link
Member

QuLogic commented Feb 9, 2024

This looks to be why the labeler didn't cause a build: https://github.com/orgs/community/discussions/25565 and then there's https://github.com/orgs/community/discussions/60882 for getting a skip reason added.

@tacaswell tacaswell merged commit f048468 into main Feb 12, 2024
@tacaswell tacaswell deleted the dependabot/github_actions/actions-c1e38ad0e3 branch February 12, 2024 19:58
@tacaswell tacaswell added this to the v3.9.0 milestone Feb 12, 2024
@ksunden ksunden mentioned this pull request Feb 12, 2024
Merged
5 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@tacaswell tacaswell tacaswell approved these changes

Assignees

No one assigned

Labels

CI: Run cibuildwheel Run wheel building tests on a PR CI: Run cygwin Run cygwin tests on a PR PR: dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

v3.9.0

Development

Successfully merging this pull request may close these issues.

2 participants

@QuLogic @tacaswell