From 86a0fbcf2341584e0f35a5a282d2d777f0595526 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 13 Jun 2026 10:14:01 +0000 Subject: [PATCH 1/2] =?UTF-8?q?=E2=AC=86=20Bump=20the=20github-actions=20g?= =?UTF-8?q?roup=20with=202=20updates?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps the github-actions group with 2 updates: [actions/checkout](https://github.com/actions/checkout) and [astral-sh/setup-uv](https://github.com/astral-sh/setup-uv). Updates `actions/checkout` from 6.0.2 to 6.0.3 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/de0fac2e4500dabe0009e67214ff5f5447ce83dd...df4cb1c069e1874edd31b4311f1884172cec0e10) Updates `astral-sh/setup-uv` from 8.1.0 to 8.2.0 - [Release notes](https://github.com/astral-sh/setup-uv/releases) - [Commits](https://github.com/astral-sh/setup-uv/compare/08807647e7069bb48b6ef5acd8ec9567f424441b...fac544c07dec837d0ccb6301d7b5580bf5edae39) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 6.0.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: astral-sh/setup-uv dependency-version: 8.2.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions ... Signed-off-by: dependabot[bot] --- .github/workflows/deploy-production.yml | 2 +- .github/workflows/deploy-staging.yml | 2 +- .github/workflows/latest-changes.yml | 2 +- .github/workflows/playwright.yml | 8 ++++---- .github/workflows/pre-commit.yml | 6 +++--- .github/workflows/smokeshow.yml | 4 ++-- .github/workflows/test-backend.yml | 4 ++-- .github/workflows/test-docker-compose.yml | 2 +- .github/workflows/zizmor.yml | 2 +- 9 files changed, 16 insertions(+), 16 deletions(-) diff --git a/.github/workflows/deploy-production.yml b/.github/workflows/deploy-production.yml index 84257bbcdf..fbc1d61093 100644 --- a/.github/workflows/deploy-production.yml +++ b/.github/workflows/deploy-production.yml @@ -30,7 +30,7 @@ jobs: SENTRY_DSN: ${{ secrets.SENTRY_DSN }} steps: - name: Checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: persist-credentials: false - run: docker compose -f compose.yml --project-name ${{ secrets.STACK_NAME_PRODUCTION }} build diff --git a/.github/workflows/deploy-staging.yml b/.github/workflows/deploy-staging.yml index bb0c1dc286..f4cb222f2b 100644 --- a/.github/workflows/deploy-staging.yml +++ b/.github/workflows/deploy-staging.yml @@ -30,7 +30,7 @@ jobs: SENTRY_DSN: ${{ secrets.SENTRY_DSN }} steps: - name: Checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: persist-credentials: false - run: docker compose -f compose.yml --project-name ${{ secrets.STACK_NAME_STAGING }} build diff --git a/.github/workflows/latest-changes.yml b/.github/workflows/latest-changes.yml index 577d976c7b..76c94e0d8b 100644 --- a/.github/workflows/latest-changes.yml +++ b/.github/workflows/latest-changes.yml @@ -30,7 +30,7 @@ jobs: env: GITHUB_CONTEXT: ${{ toJson(github) }} run: echo "$GITHUB_CONTEXT" - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: # To allow latest-changes to commit to the main branch token: ${{ secrets.LATEST_CHANGES }} # zizmor: ignore[secrets-outside-env] diff --git a/.github/workflows/playwright.yml b/.github/workflows/playwright.yml index f604b84154..74a115f7a4 100644 --- a/.github/workflows/playwright.yml +++ b/.github/workflows/playwright.yml @@ -25,7 +25,7 @@ jobs: outputs: changed: ${{ steps.filter.outputs.changed }} steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: persist-credentials: false # For pull requests it's not necessary to checkout the code but for the main branch it is @@ -52,7 +52,7 @@ jobs: shardTotal: [4] fail-fast: false steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: persist-credentials: false - uses: oven-sh/setup-bun@0c5077e51419868618aeaa5fe8019c62421857d6 # v2.2.0 @@ -67,7 +67,7 @@ jobs: with: limit-access-to-actor: true - name: Install uv - uses: astral-sh/setup-uv@08807647e7069bb48b6ef5acd8ec9567f424441b # v8.1.0 + uses: astral-sh/setup-uv@fac544c07dec837d0ccb6301d7b5580bf5edae39 # v8.2.0 with: # Before upgrading uv version, make sure astral-sh/setup-uv knows its checksum. # See: https://github.com/astral-sh/setup-uv/issues/851#issuecomment-4282017837 @@ -100,7 +100,7 @@ jobs: runs-on: ubuntu-latest timeout-minutes: 5 steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: persist-credentials: false - uses: oven-sh/setup-bun@0c5077e51419868618aeaa5fe8019c62421857d6 # v2.2.0 diff --git a/.github/workflows/pre-commit.yml b/.github/workflows/pre-commit.yml index cdbacd4a91..2db5db3ba1 100644 --- a/.github/workflows/pre-commit.yml +++ b/.github/workflows/pre-commit.yml @@ -21,7 +21,7 @@ jobs: env: GITHUB_CONTEXT: ${{ toJson(github) }} run: echo "$GITHUB_CONTEXT" - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 name: Checkout PR for own repo if: env.HAS_SECRETS == 'true' with: @@ -34,7 +34,7 @@ jobs: token: ${{ secrets.PRE_COMMIT }} # zizmor: ignore[secrets-outside-env] persist-credentials: true # Required for `git push` command # pre-commit lite ci needs the default checkout configs to work - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 name: Checkout PR for fork if: env.HAS_SECRETS == 'false' with: @@ -50,7 +50,7 @@ jobs: with: python-version: "3.11" - name: Setup uv - uses: astral-sh/setup-uv@08807647e7069bb48b6ef5acd8ec9567f424441b # v8.1.0 + uses: astral-sh/setup-uv@fac544c07dec837d0ccb6301d7b5580bf5edae39 # v8.2.0 with: # Before upgrading uv version, make sure astral-sh/setup-uv knows its checksum. # See: https://github.com/astral-sh/setup-uv/issues/851#issuecomment-4282017837 diff --git a/.github/workflows/smokeshow.yml b/.github/workflows/smokeshow.yml index ea3941fe8a..ba2ca5eca1 100644 --- a/.github/workflows/smokeshow.yml +++ b/.github/workflows/smokeshow.yml @@ -16,14 +16,14 @@ jobs: statuses: write steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: persist-credentials: false - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 with: python-version: "3.13" - name: Setup uv - uses: astral-sh/setup-uv@08807647e7069bb48b6ef5acd8ec9567f424441b # v8.1.0 + uses: astral-sh/setup-uv@fac544c07dec837d0ccb6301d7b5580bf5edae39 # v8.2.0 with: # Before upgrading uv version, make sure astral-sh/setup-uv knows its checksum. # See: https://github.com/astral-sh/setup-uv/issues/851#issuecomment-4282017837 diff --git a/.github/workflows/test-backend.yml b/.github/workflows/test-backend.yml index 13d46fb328..2394d734eb 100644 --- a/.github/workflows/test-backend.yml +++ b/.github/workflows/test-backend.yml @@ -17,7 +17,7 @@ jobs: timeout-minutes: 5 steps: - name: Checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: persist-credentials: false - name: Set up Python @@ -25,7 +25,7 @@ jobs: with: python-version: "3.10" - name: Install uv - uses: astral-sh/setup-uv@08807647e7069bb48b6ef5acd8ec9567f424441b # v8.1.0 + uses: astral-sh/setup-uv@fac544c07dec837d0ccb6301d7b5580bf5edae39 # v8.2.0 with: # Before upgrading uv version, make sure astral-sh/setup-uv knows its checksum. # See: https://github.com/astral-sh/setup-uv/issues/851#issuecomment-4282017837 diff --git a/.github/workflows/test-docker-compose.yml b/.github/workflows/test-docker-compose.yml index a3d4acd216..760bfd231e 100644 --- a/.github/workflows/test-docker-compose.yml +++ b/.github/workflows/test-docker-compose.yml @@ -18,7 +18,7 @@ jobs: timeout-minutes: 10 steps: - name: Checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: persist-credentials: false - run: docker compose build diff --git a/.github/workflows/zizmor.yml b/.github/workflows/zizmor.yml index a04a1c1380..7e9bd2a02a 100644 --- a/.github/workflows/zizmor.yml +++ b/.github/workflows/zizmor.yml @@ -17,7 +17,7 @@ jobs: security-events: write # Required for upload-sarif (used by zizmor-action) to upload SARIF files. steps: - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: persist-credentials: false - name: Run zizmor From eb920591f3fcfd7040d68c4731b5aa9c0111d0f0 Mon Sep 17 00:00:00 2001 From: Yurii Motov Date: Tue, 16 Jun 2026 10:35:33 +0200 Subject: [PATCH 2/2] Bump `uv` version for `astral-sh/setup-uv` --- .github/workflows/playwright.yml | 2 +- .github/workflows/pre-commit.yml | 2 +- .github/workflows/smokeshow.yml | 2 +- .github/workflows/test-backend.yml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/playwright.yml b/.github/workflows/playwright.yml index 74a115f7a4..a1e815753c 100644 --- a/.github/workflows/playwright.yml +++ b/.github/workflows/playwright.yml @@ -71,7 +71,7 @@ jobs: with: # Before upgrading uv version, make sure astral-sh/setup-uv knows its checksum. # See: https://github.com/astral-sh/setup-uv/issues/851#issuecomment-4282017837 - version: "0.11.4" + version: "0.11.18" - run: uv sync working-directory: backend - run: bun ci diff --git a/.github/workflows/pre-commit.yml b/.github/workflows/pre-commit.yml index 2db5db3ba1..a493968bd7 100644 --- a/.github/workflows/pre-commit.yml +++ b/.github/workflows/pre-commit.yml @@ -54,7 +54,7 @@ jobs: with: # Before upgrading uv version, make sure astral-sh/setup-uv knows its checksum. # See: https://github.com/astral-sh/setup-uv/issues/851#issuecomment-4282017837 - version: "0.11.4" + version: "0.11.18" cache-dependency-glob: | requirements**.txt pyproject.toml diff --git a/.github/workflows/smokeshow.yml b/.github/workflows/smokeshow.yml index ba2ca5eca1..092a11fc5d 100644 --- a/.github/workflows/smokeshow.yml +++ b/.github/workflows/smokeshow.yml @@ -27,7 +27,7 @@ jobs: with: # Before upgrading uv version, make sure astral-sh/setup-uv knows its checksum. # See: https://github.com/astral-sh/setup-uv/issues/851#issuecomment-4282017837 - version: "0.11.4" + version: "0.11.18" cache-dependency-glob: | pyproject.toml uv.lock diff --git a/.github/workflows/test-backend.yml b/.github/workflows/test-backend.yml index 2394d734eb..cda39627ff 100644 --- a/.github/workflows/test-backend.yml +++ b/.github/workflows/test-backend.yml @@ -29,7 +29,7 @@ jobs: with: # Before upgrading uv version, make sure astral-sh/setup-uv knows its checksum. # See: https://github.com/astral-sh/setup-uv/issues/851#issuecomment-4282017837 - version: "0.11.4" + version: "0.11.18" - run: docker compose down -v --remove-orphans - run: docker compose up -d db mailcatcher - name: Migrate DB