chore(deps): bump the actions group with 5 updates

[dependabot]

Bumps the actions group with 5 updates:

Package	From	To
hynek/build-and-inspect-python-package	1	2
actions/download-artifact	3	4
actions/setup-python	4	5
pre-commit/action	3.0.0	3.0.1
actions/cache	3	4

Updates hynek/build-and-inspect-python-package from 1 to 2

Release notes

Sourced from hynek/build-and-inspect-python-package's releases.

v2.0.0

This release switches to actions/upload-artifact v4, which is incompatible with older versions of actions/download-artifact (and vice versa).

• If you're using download-artifact@v3, do not upgrade.
• If you want to use download-artifact@v4, you must upgrade.

v1.5.4

Fixed

• Stop trying to cache. Fixes Error: No file in /home/runner/work/pytest-cpp/pytest-cpp matched to [**/requirements.txt or **/pyproject.toml], make sure you have checked out the target repository #76

v1.5.3

Changed

• Hopefully nothing, but this release comes from the main branch again.

v1.5.2

Fixed

• Turns out it made a huge difference. This release is branched directly from v1.5 and only updates the dependencies.

v1.5.1

Changed

• Updates of the tools we use. Notably this fixes check-wheel-contents on Python 3.12.

• This shouldn't make any difference, but all management and command running is now done by PDM. #57

v1.5.0

Added

• Set SOURCE_DATE_EPOCH based on the timestamp of the last commit for build reproducibility. #30
• The tree output now has ISO timestamps.

Changed

• Use 3.x version specifier in setup-python for the venv used by our tools. As of writing, that's 3.11.

v1.4.1

Contains only a fix for a deprecation warning.

v1.4

Added

• The contents listing of the SDist, the contents listing of the wheel, and the package metadata are now conveniently added to the CI run summary. So, you don't have to click through the build logs or download anything to give it a quick glimpse.

... (truncated)

Changelog

Sourced from hynek/build-and-inspect-python-package's changelog.

2.0.1 - 2024-01-25

Changed

• Switched to setup-python@v5 to avoid the "Node.js 16 actions are deprecated." deprecation warning.

Commits

• 3a76fe0 v2.0.1
• 9004604 Document setup-python change
• c9f989a Automated dependency upgrades (#81)
• d1fc4c3 Bump actions/setup-python from 4 to 5 (#82)
• c9fea02 v2.0.0
• 2385bed Switch to upload-artifact v4 (#78)
• 337438e Automated dependency upgrades (#77)
• 36fb41d New cycle
• See full diff in compare view

Updates actions/download-artifact from 3 to 4

Release notes

Sourced from actions/download-artifact's releases.

v4.0.0

What's Changed

The release of upload-artifact@v4 and download-artifact@v4 are major changes to the backend architecture of Artifacts. They have numerous performance and behavioral improvements.

ℹ️ However, this is a major update that includes breaking changes. Artifacts created with versions v3 and below are not compatible with the v4 actions. Uploads and downloads must use the same major actions versions. There are also key differences from previous versions that may require updates to your workflows.

For more information, please see:

1. The changelog post.
2. The README.
3. The migration documentation.
4. As well as the underlying npm package, @​actions/artifact documentation.

New Contributors

• @​bflad made their first contribution in actions/download-artifact#194

Full Changelog: actions/download-artifact@v3...v4.0.0

v3.0.2

• Bump @actions/artifact to v1.1.1 - actions/download-artifact#195
• Fixed a bug in Node16 where if an HTTP download finished too quickly (<1ms, e.g. when it's mocked) we attempt to delete a temp file that has not been created yet Migrate dev environment and workflows to node16  actions/toolkit#1278

v3.0.1

• Bump @​actions/core to 1.10.0

Commits

• eaceaf8 Merge pull request #291 from actions/eggyhead/update-artifact-v2.1.1
• 81eafdc update artifact license
• 9ac5cad updating artifact dependency to version 2.1.1
• 3ad8411 Merge pull request #287 from actions/robherley/sync-migration-docs
• 1de4643 Sync migration docs with upload-artifact
• bb3fa7f Merge pull request #275 from actions/robherley/better-log-msgs
• a244de5 ncc
• 355659b clarify log messages when using pattern/merge-multiple params
• 6b208ae Merge pull request #274 from actions/vmjoseph/timeout-patch
• 6c5b580 only adding updated license
• Additional commits viewable in compare view

Updates actions/setup-python from 4 to 5

Release notes

Sourced from actions/setup-python's releases.

v5.0.0

What's Changed

In scope of this release, we update node version runtime from node16 to node20 (actions/setup-python#772). Besides, we update dependencies to the latest versions.

Full Changelog: actions/setup-python@v4.8.0...v5.0.0

v4.8.0

What's Changed

In scope of this release we added support for GraalPy (actions/setup-python#694). You can use this snippet to set up GraalPy:

steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v4 
  with:
    python-version: 'graalpy-22.3' 
- run: python my_script.py

Besides, the release contains such changes as:

• Trim python version when reading from file by @​FerranPares in actions/setup-python#628
• Use non-deprecated versions in examples by @​jeffwidman in actions/setup-python#724
• Change deprecation comment to past tense by @​jeffwidman in actions/setup-python#723
• Bump @​babel/traverse from 7.9.0 to 7.23.2 by @​dependabot in actions/setup-python#743
• advanced-usage.md: Encourage the use actions/checkout@v4 by @​cclauss in actions/setup-python#729
• Examples now use checkout@v4 by @​simonw in actions/setup-python#738
• Update actions/checkout to v4 by @​dmitry-shibanov in actions/setup-python#761

New Contributors

• @​FerranPares made their first contribution in actions/setup-python#628
• @​timfel made their first contribution in actions/setup-python#694
• @​jeffwidman made their first contribution in actions/setup-python#724

Full Changelog: actions/setup-python@v4...v4.8.0

v4.7.1

What's Changed

• Bump word-wrap from 1.2.3 to 1.2.4 by @​dependabot in actions/setup-python#702
• Add range validation for toml files by @​dmitry-shibanov in actions/setup-python#726

Full Changelog: actions/setup-python@v4...v4.7.1

v4.7.0

In scope of this release, the support for reading python version from pyproject.toml was added (actions/setup-python#669).

      - name: Setup Python
        uses: actions/setup-python@v4
</tr></table> 

... (truncated)

Commits

• 0a5c615 Update action to node20 (#772)
• 0ae5836 Add example of GraalPy to docs (#773)
• b64ffca update actions/checkout to v4 (#761)
• 8d28961 Examples now use checkout@v4 (#738)
• 7bc6abb advanced-usage.md: Encourage the use actions/checkout@v4 (#729)
• e8111ce Bump @​babel/traverse from 7.9.0 to 7.23.2 (#743)
• a00ea43 add fix for graalpy ci (#741)
• 8635b1c Change deprecation comment to past tense (#723)
• f6cc428 Use non-deprecated versions in examples (#724)
• 5f2af21 Add GraalPy support (#694)
• Additional commits viewable in compare view

Updates pre-commit/action from 3.0.0 to 3.0.1

Release notes

Sourced from pre-commit/action's releases.

pre-commit/[email protected]

Misc

• Update actions/cache to v4
  • #190 PR by @​SukiCZ.
  • #189 issue by @​bakerkj.

Commits

• 2c7b380 v3.0.1
• 8e2deeb Merge pull request #190 from SukiCZ/upgrade-action/cache-v4
• 0dbc303 Upgrade action/cache to v4. Fixes: #189
• c7d159c Merge pull request #185 from pre-commit/asottile-patch-1
• 9dd4237 fix main badge
• 37faf8a Merge pull request #184 from pre-commit/pre-commit-ci-update-config
• 049686e [pre-commit.ci] pre-commit autoupdate
• 5f528da move back to maintenance-only
• efd3bcf Merge pull request #170 from pre-commit/pre-commit-ci-update-config
• df308c7 [pre-commit.ci] pre-commit autoupdate
• Additional commits viewable in compare view

Updates actions/cache from 3 to 4

Release notes

Sourced from actions/cache's releases.

v4.0.0

What's Changed

• Update action to node20 by @​takost in actions/cache#1284
• feat: save-always flag by @​to-s in actions/cache#1242

New Contributors

• @​takost made their first contribution in actions/cache#1284
• @​to-s made their first contribution in actions/cache#1242

Full Changelog: actions/cache@v3...v4.0.0

v3.3.3

What's Changed

• Cache v3.3.3 by @​robherley in actions/cache#1302

New Contributors

• @​robherley made their first contribution in actions/cache#1302

Full Changelog: actions/cache@v3...v3.3.3

v3.3.2

What's Changed

• Fixed readme with new segment timeout values by @​kotewar in actions/cache#1133
• Readme fixes by @​kotewar in actions/cache#1134
• Updated description of the lookup-only input for main action by @​kotewar in actions/cache#1130
• Change two new actions mention as quoted text by @​bishal-pdMSFT in actions/cache#1131
• Update Cross-OS Caching tips by @​pdotl in actions/cache#1122
• Bazel example (Take #2️⃣) by @​vorburger in actions/cache#1132
• Remove actions to add new PRs and issues to a project board by @​jorendorff in actions/cache#1187
• Consume latest toolkit and fix dangling promise bug by @​chkimes in actions/cache#1217
• Bump action version to 3.3.2 by @​bethanyj28 in actions/cache#1236

New Contributors

• @​vorburger made their first contribution in actions/cache#1132
• @​jorendorff made their first contribution in actions/cache#1187
• @​chkimes made their first contribution in actions/cache#1217
• @​bethanyj28 made their first contribution in actions/cache#1236

Full Changelog: actions/cache@v3...v3.3.2

v3.3.1

What's Changed

• Reduced download segment size to 128 MB and timeout to 10 minutes by @​kotewar in actions/cache#1129

Full Changelog: actions/cache@v3...v3.3.1

v3.3.0

What's Changed

• Bug: Permission is missing in cache delete example by @​kotokaze in actions/cache#1123

... (truncated)

Changelog

Sourced from actions/cache's changelog.

Releases

3.0.0

• Updated minimum runner version support from node 12 -> node 16

3.0.1

• Added support for caching from GHES 3.5.
• Fixed download issue for files > 2GB during restore.

3.0.2

• Added support for dynamic cache size cap on GHES.

3.0.3

• Fixed avoiding empty cache save when no files are available for caching. (issue)

3.0.4

• Fixed tar creation error while trying to create tar with path as ~/ home folder on ubuntu-latest. (issue)

3.0.5

• Removed error handling by consuming actions/cache 3.0 toolkit, Now cache server error handling will be done by toolkit. (PR)

3.0.6

• Fixed #809 - zstd -d: no such file or directory error
• Fixed #833 - cache doesn't work with github workspace directory

3.0.7

• Fixed #810 - download stuck issue. A new timeout is introduced in the download process to abort the download if it gets stuck and doesn't finish within an hour.

3.0.8

• Fix zstd not working for windows on gnu tar in issues #888 and #891.
• Allowing users to provide a custom timeout as input for aborting download of a cache segment using an environment variable SEGMENT_DOWNLOAD_TIMEOUT_MINS. Default is 60 minutes.

3.0.9

• Enhanced the warning message for cache unavailablity in case of GHES.

3.0.10

• Fix a bug with sorting inputs.
• Update definition for restore-keys in README.md

... (truncated)

Commits

• 13aacd8 Merge pull request #1242 from to-s/main
• 53b35c5 Merge branch 'main' into main
• 65b8989 Merge pull request #1284 from takost/update-to-node-20
• d0be34d Fix dist
• 66cf064 Merge branch 'main' into update-to-node-20
• 1326563 Merge branch 'main' into main
• e718767 Fix format
• 0122982 Apply workaround for earlyExit
• 3185ecf Update "only-" actions to node20
• 25618a0 Bump version
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

[coveralls]

coverage: 84.534%. remained the same
when pulling 16f72c8 on dependabot/github_actions/actions-3aa76d2e00
into d37beda on master.

[henryiii]

@dependabot rebase