From 03fa83510f71779e8e457d33e48f162b32783c27 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 8 Jun 2026 09:30:29 +0000 Subject: [PATCH] ci: bump the github-actions group with 9 updates Bumps the github-actions group with 9 updates: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `4` | `6` | | [actions/setup-python](https://github.com/actions/setup-python) | `5` | `6` | | [codecov/codecov-action](https://github.com/codecov/codecov-action) | `4` | `7` | | [gitleaks/gitleaks-action](https://github.com/gitleaks/gitleaks-action) | `2` | `3` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4` | `7` | | [actions/download-artifact](https://github.com/actions/download-artifact) | `4` | `8` | | [dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata) | `2` | `3` | | [actions/github-script](https://github.com/actions/github-script) | `7` | `9` | | [softprops/action-gh-release](https://github.com/softprops/action-gh-release) | `2` | `3` | Updates `actions/checkout` from 4 to 6 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v4...v6) Updates `actions/setup-python` from 5 to 6 - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/v5...v6) Updates `codecov/codecov-action` from 4 to 7 - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/codecov/codecov-action/compare/v4...v7) Updates `gitleaks/gitleaks-action` from 2 to 3 - [Release notes](https://github.com/gitleaks/gitleaks-action/releases) - [Commits](https://github.com/gitleaks/gitleaks-action/compare/v2...v3) Updates `actions/upload-artifact` from 4 to 7 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v4...v7) Updates `actions/download-artifact` from 4 to 8 - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](https://github.com/actions/download-artifact/compare/v4...v8) Updates `dependabot/fetch-metadata` from 2 to 3 - [Release notes](https://github.com/dependabot/fetch-metadata/releases) - [Commits](https://github.com/dependabot/fetch-metadata/compare/v2...v3) Updates `actions/github-script` from 7 to 9 - [Release notes](https://github.com/actions/github-script/releases) - [Commits](https://github.com/actions/github-script/compare/v7...v9) Updates `softprops/action-gh-release` from 2 to 3 - [Release notes](https://github.com/softprops/action-gh-release/releases) - [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md) - [Commits](https://github.com/softprops/action-gh-release/compare/v2...v3) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/setup-python dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: codecov/codecov-action dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: gitleaks/gitleaks-action dependency-version: '3' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/upload-artifact dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/download-artifact dependency-version: '8' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: dependabot/fetch-metadata dependency-version: '3' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/github-script dependency-version: '9' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: softprops/action-gh-release dependency-version: '3' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions ... Signed-off-by: dependabot[bot] --- .github/workflows/ci.yml | 30 ++++++++++++------------- .github/workflows/cibw.yml | 6 ++--- .github/workflows/dependabot.yml | 4 ++-- .github/workflows/release.yml | 28 +++++++++++------------ .github/workflows/submission-review.yml | 4 ++-- 5 files changed, 36 insertions(+), 36 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 0d361085..3a47a380 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -19,9 +19,9 @@ jobs: name: Lint & Type Check runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Set up Python - uses: actions/setup-python@v5 + uses: actions/setup-python@v6 with: python-version: "3.11" cache: "pip" @@ -46,9 +46,9 @@ jobs: os: [ubuntu-latest, windows-latest] python-version: ["3.10", "3.11", "3.12"] steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@v5 + uses: actions/setup-python@v6 with: python-version: ${{ matrix.python-version }} cache: "pip" @@ -60,7 +60,7 @@ jobs: run: | pytest --cov=src/ngd --cov-report=xml --cov-fail-under=80 - name: Upload coverage - uses: codecov/codecov-action@v4 + uses: codecov/codecov-action@v7 with: files: ./coverage.xml flags: unittests @@ -70,9 +70,9 @@ jobs: name: Security Scan runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Set up Python - uses: actions/setup-python@v5 + uses: actions/setup-python@v6 with: python-version: "3.11" cache: "pip" @@ -86,16 +86,16 @@ jobs: - name: Bandit run: bandit -r src/ -f json -o bandit-report.json || true - name: Gitleaks - uses: gitleaks/gitleaks-action@v2 + uses: gitleaks/gitleaks-action@v3 build-wheel: name: Build Wheel needs: [lint-and-type, test, security] runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Set up Python - uses: actions/setup-python@v5 + uses: actions/setup-python@v6 with: python-version: "3.11" cache: "pip" @@ -108,7 +108,7 @@ jobs: - name: Check wheel run: twine check dist/* - name: Upload artifacts - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: dist path: dist/ @@ -124,7 +124,7 @@ jobs: needs: build-wheel runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Install cyclonedx-bom run: pip install cyclonedx-bom - name: Prepare dist directory @@ -133,7 +133,7 @@ jobs: run: | cyclonedx-bom -o dist/sbom.json . - name: Upload SBOM - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: sbom path: dist/sbom.json @@ -163,9 +163,9 @@ jobs: contents: read id-token: write steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Download artifacts - uses: actions/download-artifact@v4 + uses: actions/download-artifact@v8 with: path: dist/ - name: Verify signatures diff --git a/.github/workflows/cibw.yml b/.github/workflows/cibw.yml index d6120f73..a6c22e5c 100644 --- a/.github/workflows/cibw.yml +++ b/.github/workflows/cibw.yml @@ -27,9 +27,9 @@ jobs: - python: "cp312" arch: ARM64 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Set up Python - uses: actions/setup-python@v5 + uses: actions/setup-python@v6 with: python-version: "3.11" - name: Install cibuildwheel @@ -42,7 +42,7 @@ jobs: CIBW_TEST_SKIP: "*" CIBW_ENVIRONMENT_WINDOWS: "CIBW_BUILD_VERBOSITY=1" - name: Upload wheels - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: windows-wheels path: wheelhouse/ diff --git a/.github/workflows/dependabot.yml b/.github/workflows/dependabot.yml index 3c2c6319..e6354612 100644 --- a/.github/workflows/dependabot.yml +++ b/.github/workflows/dependabot.yml @@ -16,7 +16,7 @@ jobs: steps: - name: Dependabot metadata id: metadata - uses: dependabot/fetch-metadata@v2 + uses: dependabot/fetch-metadata@v3 with: github-token: "${{ secrets.GITHUB_TOKEN }}" - name: Enable auto-merge for patch/minor updates @@ -35,7 +35,7 @@ jobs: PR_URL: ${{ github.event.pull_request.html_url }} GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Run CI on Dependabot PR - uses: actions/github-script@v7 + uses: actions/github-script@v9 with: script: | const pr = context.payload.pull_request; diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index bd51d858..ffec3a12 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -29,11 +29,11 @@ jobs: outputs: version: ${{ steps.extract_version.outputs.version }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: fetch-depth: 0 - name: Set up Python - uses: actions/setup-python@v5 + uses: actions/setup-python@v6 with: python-version: '3.10' - name: Install build dependencies @@ -69,13 +69,13 @@ jobs: pip install cyclonedx-bom cyclonedx-py environment --pyproject pyproject.toml -o sbom.json - name: Upload SBOM - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: sbom path: sbom.json retention-days: 90 - name: Upload dist artifacts - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: dist path: dist/ @@ -88,7 +88,7 @@ jobs: if: github.event_name != 'workflow_dispatch' || github.event.inputs.dry_run != 'true' steps: - name: Download dist artifacts - uses: actions/download-artifact@v4 + uses: actions/download-artifact@v8 with: name: dist path: dist/ @@ -107,13 +107,13 @@ jobs: cosign attest-blob --yes --bundle dist/*.whl.attestation.sig dist/*.whl cosign attest-blob --yes --bundle dist/*.tar.gz.attestation.sig dist/*.tar.gz - name: Upload signatures and attestations - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: signatures path: dist/*.sig retention-days: 90 - name: Upload attestations - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: attestations path: dist/*.attestation.sig @@ -129,12 +129,12 @@ jobs: id-token: write steps: - name: Download dist artifacts - uses: actions/download-artifact@v4 + uses: actions/download-artifact@v8 with: name: dist path: dist/ - name: Download signatures - uses: actions/download-artifact@v4 + uses: actions/download-artifact@v8 with: name: signatures path: dist/ @@ -150,27 +150,27 @@ jobs: if: github.event_name != 'workflow_dispatch' || github.event.inputs.dry_run != 'true' steps: - name: Download dist artifacts - uses: actions/download-artifact@v4 + uses: actions/download-artifact@v8 with: name: dist path: dist/ - name: Download signatures - uses: actions/download-artifact@v4 + uses: actions/download-artifact@v8 with: name: signatures path: dist/ - name: Download attestations - uses: actions/download-artifact@v4 + uses: actions/download-artifact@v8 with: name: attestations path: dist/ - name: Download SBOM - uses: actions/download-artifact@v4 + uses: actions/download-artifact@v8 with: name: sbom path: . - name: Create Release - uses: softprops/action-gh-release@v2 + uses: softprops/action-gh-release@v3 with: tag_name: v${{ needs.build.outputs.version }} name: nvidia-gratitude-driver v${{ needs.build.outputs.version }} diff --git a/.github/workflows/submission-review.yml b/.github/workflows/submission-review.yml index 92a058f9..fa287cee 100644 --- a/.github/workflows/submission-review.yml +++ b/.github/workflows/submission-review.yml @@ -14,10 +14,10 @@ jobs: name: Code, Tests, and Security runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: fetch-depth: 0 - - uses: actions/setup-python@v5 + - uses: actions/setup-python@v6 with: python-version: "3.11" cache: pip