diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 7261cba..0e8d512 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -26,10 +26,10 @@ jobs: matrix: python-version: ["3.11", "3.12"] steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - name: Install uv - uses: astral-sh/setup-uv@v4 + uses: astral-sh/setup-uv@v7 with: version: "latest" @@ -56,10 +56,10 @@ jobs: name: Code Quality & Type Checking runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - name: Install uv - uses: astral-sh/setup-uv@v4 + uses: astral-sh/setup-uv@v7 with: version: "latest" @@ -119,8 +119,8 @@ jobs: - runner: ubuntu-latest target: ppc64le steps: - - uses: actions/checkout@v4 - - uses: actions/setup-python@v5 + - uses: actions/checkout@v5 + - uses: actions/setup-python@v6 with: python-version: '3.11' - name: Build wheels @@ -131,7 +131,7 @@ jobs: sccache: 'true' manylinux: auto - name: Upload wheels - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v5 with: name: wheels-linux-${{ matrix.platform.target }} path: dist @@ -147,8 +147,8 @@ jobs: - runner: windows-latest target: x86 steps: - - uses: actions/checkout@v4 - - uses: actions/setup-python@v5 + - uses: actions/checkout@v5 + - uses: actions/setup-python@v6 with: python-version: '3.11' architecture: ${{ matrix.platform.target }} @@ -159,7 +159,7 @@ jobs: args: --release --out dist --find-interpreter sccache: 'true' - name: Upload wheels - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v5 with: name: wheels-windows-${{ matrix.platform.target }} path: dist @@ -175,8 +175,8 @@ jobs: - runner: macos-14 target: aarch64 steps: - - uses: actions/checkout@v4 - - uses: actions/setup-python@v5 + - uses: actions/checkout@v5 + - uses: actions/setup-python@v6 with: python-version: '3.11' - name: Build wheels @@ -186,7 +186,7 @@ jobs: args: --release --out dist --find-interpreter sccache: 'true' - name: Upload wheels - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v5 with: name: wheels-macos-${{ matrix.platform.target }} path: dist @@ -195,14 +195,14 @@ jobs: runs-on: ubuntu-latest needs: [test, lint] steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - name: Build sdist uses: PyO3/maturin-action@v1 with: command: sdist args: --out dist - name: Upload sdist - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v5 with: name: wheels-sdist path: dist @@ -215,7 +215,7 @@ jobs: permissions: id-token: write steps: - - uses: actions/download-artifact@v4 + - uses: actions/download-artifact@v5 - name: Publish to PyPI uses: PyO3/maturin-action@v1 env: diff --git a/.github/workflows/claude.yml b/.github/workflows/claude.yml index 77946ae..c570b7d 100644 --- a/.github/workflows/claude.yml +++ b/.github/workflows/claude.yml @@ -25,7 +25,7 @@ jobs: id-token: write steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v5 with: fetch-depth: 1 diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index 9779fa2..c4cc84a 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -17,21 +17,21 @@ jobs: security: name: Security Scan runs-on: ubuntu-latest + # issues: write — rustsec/audit-check creates issues for new advisories. + # checks: write — rustsec/audit-check posts check annotations. permissions: issues: write - issues-reason: to create issues checks: write - checks-reason: to create check steps: - - uses: actions/checkout@v4 - + - uses: actions/checkout@v5 + - name: Run Rust security audit - uses: rustsec/audit-check@v1.4.1 + uses: rustsec/audit-check@v2.0.0 with: token: ${{ secrets.GITHUB_TOKEN }} - + - name: Install uv - uses: astral-sh/setup-uv@v4 + uses: astral-sh/setup-uv@v7 with: version: "latest" @@ -56,8 +56,8 @@ jobs: security-events: write steps: - name: Checkout repository - uses: actions/checkout@v4 - + uses: actions/checkout@v5 + - name: Initialize CodeQL uses: github/codeql-action/init@v3 with: