Bump the github-action-dependencies group with 4 updates (#405)

Bumps the github-action-dependencies group with 4 updates: [google-github-actions/auth](https://github.com/google-github-actions/auth), [actions/setup-python](https://github.com/actions/setup-python), [pypa/gh-action-pypi-publish](https://github.com/pypa/gh-action-pypi-publish) and [SonarSource/sonarcloud-github-action](https://github.com/sonarsource/sonarcloud-github-action). Updates `google-github-actions/auth` from 2.1.3 to 2.1.5 - [Release notes](https://github.com/google-github-actions/auth/releases) - [Changelog](https://github.com/google-github-actions/auth/blob/main/CHANGELOG.md) - [Commits](google-github-actions/auth@v2.1.3...v2.1.5) Updates `actions/setup-python` from 5.1.1 to 5.2.0 - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](actions/setup-python@v5.1.1...v5.2.0) Updates `pypa/gh-action-pypi-publish` from 1.9.0 to 1.10.0 - [Release notes](https://github.com/pypa/gh-action-pypi-publish/releases) - [Commits](pypa/gh-action-pypi-publish@v1.9.0...v1.10.0) Updates `SonarSource/sonarcloud-github-action` from 2.3.0 to 3.0.0 - [Release notes](https://github.com/sonarsource/sonarcloud-github-action/releases) - [Commits](SonarSource/sonarcloud-github-action@v2.3.0...v3.0.0) --- updated-dependencies: - dependency-name: google-github-actions/auth dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-action-dependencies - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-action-dependencies - dependency-name: pypa/gh-action-pypi-publish dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-action-dependencies - dependency-name: SonarSource/sonarcloud-github-action dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-action-dependencies ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
statisticsnorway · Oct 1, 2024 · 550a367 · 550a367
1 parent c2bf251
commit 550a367
Show file tree

Hide file tree

Showing 5 changed files with 9 additions and 9 deletions.
diff --git a/.github/workflows/docker-build.yml b/.github/workflows/docker-build.yml
@@ -29,7 +29,7 @@ jobs:
 
       - name: "Authenticate to Google Cloud"
         id: "auth"
-        uses: "google-github-actions/auth@v2.1.3"
+        uses: "google-github-actions/auth@v2.1.5"
         with:
           workload_identity_provider: "projects/848539402404/locations/global/workloadIdentityPools/gh-actions/providers/gh-actions"
           service_account: "gh-actions-dapla-metadata@artifact-registry-5n.iam.gserviceaccount.com"

diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml
@@ -34,7 +34,7 @@ jobs:
           poetry --version
 
       - name: Set up Python
-        uses: actions/setup-python@v5.1.1
+        uses: actions/setup-python@v5.2.0
         with:
           python-version: "3.11"
           cache: "poetry"

diff --git a/.github/workflows/integration-test.yml b/.github/workflows/integration-test.yml
@@ -28,7 +28,7 @@ jobs:
 
       - name: "Authenticate to Google Cloud"
         id: "auth"
-        uses: "google-github-actions/auth@v2.1.3"
+        uses: "google-github-actions/auth@v2.1.5"
         with:
           workload_identity_provider: "projects/906675412832/locations/global/workloadIdentityPools/ssb-identity-pool/providers/github-oidc-provider"
           service_account: "gh-ssb@nais-management-b3a7.iam.gserviceaccount.com"

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -28,7 +28,7 @@ jobs:
           fetch-depth: 2
 
       - name: Set up Python
-        uses: actions/setup-python@v5.1.1
+        uses: actions/setup-python@v5.2.0
         with:
           python-version: "3.11"
 
@@ -68,11 +68,11 @@ jobs:
 
       - name: Publish package on PyPI
         if: steps.check-version.outputs.tag
-        uses: pypa/gh-action-pypi-publish@v1.9.0
+        uses: pypa/gh-action-pypi-publish@v1.10.0
 
       - name: Publish package on TestPyPI
         if: (!steps.check-version.outputs.tag)
-        uses: pypa/gh-action-pypi-publish@v1.9.0
+        uses: pypa/gh-action-pypi-publish@v1.10.0
         with:
           repository-url: https://test.pypi.org/legacy/
 

diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
@@ -41,7 +41,7 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Set up Python ${{ matrix.python }}
-        uses: actions/setup-python@v5.1.1
+        uses: actions/setup-python@v5.2.0
         with:
           python-version: ${{ matrix.python }}
           cache: "pip" # caching pip dependencies
@@ -125,7 +125,7 @@ jobs:
           fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
 
       - name: Set up Python
-        uses: actions/setup-python@v5.1.1
+        uses: actions/setup-python@v5.2.0
         with:
           python-version: "3.12"
           cache: "pip" # caching pip dependencies
@@ -173,4 +173,4 @@ jobs:
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
         # No need to run SonarCloud analysis if dependabot update or token not defined
         if: env.SONAR_TOKEN != '' && (github.actor != 'dependabot[bot]')
-        uses: SonarSource/sonarcloud-github-action@v2.3.0
+        uses: SonarSource/sonarcloud-github-action@v3.0.0