Merge pull request #178 from statisticsnorway/dependabot/github_actions/dot-github/workflows/github_actions-38de3f66d6

aecorn · web-flow · commit b0012f80c831 · 2025-11-05T14:00:44.000+01:00
Bump the github_actions group across 1 directory with 2 updates
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -62,11 +62,11 @@ jobs:
 
       - name: Publish package on PyPI
         if: steps.check-version.outputs.tag
-        uses: pypa/gh-action-pypi-publish@v1.12.4
+        uses: pypa/gh-action-pypi-publish@v1.13.0
 
       - name: Publish package on TestPyPI
         if: (!steps.check-version.outputs.tag)
-        uses: pypa/gh-action-pypi-publish@v1.12.4
+        uses: pypa/gh-action-pypi-publish@v1.13.0
         with:
           repository-url: https://test.pypi.org/legacy/
 
diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
@@ -176,4 +176,4 @@ jobs:
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
         # No need to run SonarCloud analysis if dependabot update or token not defined
         if: env.SONAR_TOKEN != '' && (github.actor != 'dependabot[bot]')
-        uses: SonarSource/sonarqube-scan-action@v5.2.0
+        uses: SonarSource/sonarqube-scan-action@v5.3.1
