Bump the gh-actions group with 5 updates (#286)

dependabot[bot] · web-flow · commit a3c70563a7b2 · 2025-10-01T22:30:45.000+02:00
Bumps the gh-actions group with 5 updates: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `4` | `5` | | [prefix-dev/setup-pixi](https://github.com/prefix-dev/setup-pixi) | `0.8.14` | `0.9.1` | | [actions/download-artifact](https://github.com/actions/download-artifact) | `4` | `5` | | [pypa/gh-action-pypi-publish](https://github.com/pypa/gh-action-pypi-publish) | `1.12.4` | `1.13.0` | | [isbang/compose-action](https://github.com/isbang/compose-action) | `2.3.0` | `2.4.0` | Updates `actions/checkout` from 4 to 5 - [Release notes](https://github.com/actions/checkout/releases) - [Commits](actions/checkout@v4...v5) Updates `prefix-dev/setup-pixi` from 0.8.14 to 0.9.1 - [Release notes](https://github.com/prefix-dev/setup-pixi/releases) - [Commits](prefix-dev/setup-pixi@v0.8.14...v0.9.1) Updates `actions/download-artifact` from 4 to 5 - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](actions/download-artifact@v4...v5) Updates `pypa/gh-action-pypi-publish` from 1.12.4 to 1.13.0 - [Release notes](https://github.com/pypa/gh-action-pypi-publish/releases) - [Commits](pypa/gh-action-pypi-publish@76f52bc...ed0c539) Updates `isbang/compose-action` from 2.3.0 to 2.4.0 - [Release notes](https://github.com/isbang/compose-action/releases) - [Commits](hoverkraft-tech/compose-action@40041ff...b716db5) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major dependency-group: gh-actions - dependency-name: prefix-dev/setup-pixi dependency-version: 0.9.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gh-actions - dependency-name: actions/download-artifact dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major dependency-group: gh-actions - dependency-name: pypa/gh-action-pypi-publish dependency-version: 1.13.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gh-actions - dependency-name: isbang/compose-action dependency-version: 2.4.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gh-actions ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
diff --git a/.github/workflows/nightly_tests.yml b/.github/workflows/nightly_tests.yml
@@ -12,7 +12,7 @@ jobs:
     outputs:
       should-run: ${{ steps.should-run.outputs.should-run }}
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
 
       - name: check if latest commit is within 24 hrs
         id: should-run
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -14,10 +14,10 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout branch
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
 
       - name: Set up pixi
-        uses: prefix-dev/setup-pixi@v0.8.14
+        uses: prefix-dev/setup-pixi@v0.9.1
         with:
           environments: release
 
@@ -63,12 +63,12 @@ jobs:
       contents: write
     environment: pypi
     steps:
-      - uses: actions/download-artifact@v4
+      - uses: actions/download-artifact@v5
         with:
           name: artifact
           path: dist
       - name: Publish package on PyPi
-        uses: pypa/gh-action-pypi-publish@76f52bc884231f62b9a034ebfe128415bbaabdfc # v1.12.4
+        uses: pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e # v1.13.0
         with:
           # the twine version in the container is outdated
           # and results in a false positive
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -33,16 +33,16 @@ jobs:
     runs-on: ${{ inputs.os }}
     timeout-minutes: ${{ inputs.timeout-minutes }}
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
 
       - name: Setup Pixi
-        uses: prefix-dev/setup-pixi@v0.8.14
+        uses: prefix-dev/setup-pixi@v0.9.1
         with:
           environments: ${{ inputs.environment }}
 
       - name: Start Docker Compose
         if: ${{ inputs.docker-services != '' }}
-        uses: isbang/compose-action@40041ff1b97dbf152cd2361138c2b03fa29139df
+        uses: isbang/compose-action@b716db5b717cb9b81e391fe638e5aceaa2299e43
         with:
           compose-file: docker-compose.yaml
           services: ${{ inputs.docker-services }}
diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
@@ -24,9 +24,9 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout branch
-        uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
+        uses: actions/checkout@ff7abcd0c3c05ccf6adc123a8cd1fd4fb30fb493 # v4.2.1
       - name: Set up pixi
-        uses: prefix-dev/setup-pixi@8ca4608ef7f4daeb54f5205b20d0b7cb42f11143 # v0.8.1
+        uses: prefix-dev/setup-pixi@194d461b21b6c5717c722ffc597fa91ed2ff29fa # v0.8.1
       - name: Install repository
         # needed for generate-col-ops hook
         run: pixi run postinstall
diff --git a/.github/workflows/update-lockfiles.yml b/.github/workflows/update-lockfiles.yml
@@ -13,9 +13,9 @@ jobs:
   pixi-update:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
       - name: Set up pixi
-        uses: prefix-dev/setup-pixi@v0.8.14
+        uses: prefix-dev/setup-pixi@v0.9.1
         with:
           run-install: false
       - name: Update lockfiles
