From cf258445fc954142dbcbc1ff816027c90fbc58e6 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 1 May 2026 03:55:37 +0000 Subject: [PATCH] Bump the github-actions group with 5 updates Bumps the github-actions group with 5 updates: | Package | From | To | | --- | --- | --- | | [step-security/harden-runner](https://github.com/step-security/harden-runner) | `2.16.1` | `2.19.0` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `7.0.0` | `7.0.1` | | [github/codeql-action](https://github.com/github/codeql-action) | `4.35.1` | `4.35.2` | | [pypa/gh-action-pypi-publish](https://github.com/pypa/gh-action-pypi-publish) | `1.13.0` | `1.14.0` | | [dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata) | `3.0.0` | `3.1.0` | Updates `step-security/harden-runner` from 2.16.1 to 2.19.0 - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](https://github.com/step-security/harden-runner/compare/fe104658747b27e96e4f7e80cd0a94068e53901d...8d3c67de8e2fe68ef647c8db1e6a09f647780f40) Updates `actions/upload-artifact` from 7.0.0 to 7.0.1 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v7...v7.0.1) Updates `github/codeql-action` from 4.35.1 to 4.35.2 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/c10b8064de6f491fea524254123dbe5e09572f13...95e58e9a2cdfd71adc6e0353d5c52f41a045d225) Updates `pypa/gh-action-pypi-publish` from 1.13.0 to 1.14.0 - [Release notes](https://github.com/pypa/gh-action-pypi-publish/releases) - [Commits](https://github.com/pypa/gh-action-pypi-publish/compare/ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e...cef221092ed1bacb1cc03d23a2d87d1d172e277b) Updates `dependabot/fetch-metadata` from 3.0.0 to 3.1.0 - [Release notes](https://github.com/dependabot/fetch-metadata/releases) - [Commits](https://github.com/dependabot/fetch-metadata/compare/ffa630c65fa7e0ecfa0625b5ceda64399aea1b36...25dd0e34f4fe68f24cc83900b1fe3fe149efef98) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-version: 2.19.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/upload-artifact dependency-version: 7.0.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: github/codeql-action dependency-version: 4.35.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: pypa/gh-action-pypi-publish dependency-version: 1.14.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: dependabot/fetch-metadata dependency-version: 3.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions ... Signed-off-by: dependabot[bot] --- .github/workflows/_build.yaml | 4 ++-- .github/workflows/_build_doc.yaml | 2 +- .github/workflows/_codecov.yaml | 4 ++-- .github/workflows/_codeql.yaml | 8 ++++---- .github/workflows/_pre_commit.yaml | 2 +- .github/workflows/_pypi_publish.yaml | 4 ++-- .github/workflows/_pypi_test_publish.yaml | 4 ++-- .github/workflows/_test_futures_private.yaml | 2 +- .github/workflows/_test_futures_public.yaml | 2 +- .github/workflows/_test_spot_private.yaml | 2 +- .github/workflows/_test_spot_public.yaml | 2 +- .github/workflows/dependabot_auto_merge.yaml | 4 ++-- .github/workflows/scorecard.yml | 6 +++--- 13 files changed, 23 insertions(+), 23 deletions(-) diff --git a/.github/workflows/_build.yaml b/.github/workflows/_build.yaml index 09fcbbe..ef7727a 100644 --- a/.github/workflows/_build.yaml +++ b/.github/workflows/_build.yaml @@ -27,7 +27,7 @@ jobs: runs-on: ${{ inputs.os }} steps: - name: Harden Runner - uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1 + uses: step-security/harden-runner@8d3c67de8e2fe68ef647c8db1e6a09f647780f40 # v2.19.0 with: disable-sudo: true egress-policy: block @@ -103,7 +103,7 @@ jobs: } - name: Store the distribution packages - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 # upload artifacts with the oldest supported version if: runner.os == 'linux' && inputs.python-version == '3.11' with: diff --git a/.github/workflows/_build_doc.yaml b/.github/workflows/_build_doc.yaml index e67a217..cbe8d49 100644 --- a/.github/workflows/_build_doc.yaml +++ b/.github/workflows/_build_doc.yaml @@ -26,7 +26,7 @@ jobs: runs-on: ${{ inputs.os }} steps: - name: Harden Runner - uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1 + uses: step-security/harden-runner@8d3c67de8e2fe68ef647c8db1e6a09f647780f40 # v2.19.0 with: egress-policy: audit diff --git a/.github/workflows/_codecov.yaml b/.github/workflows/_codecov.yaml index c1752be..3df142f 100644 --- a/.github/workflows/_codecov.yaml +++ b/.github/workflows/_codecov.yaml @@ -52,7 +52,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1 + uses: step-security/harden-runner@8d3c67de8e2fe68ef647c8db1e6a09f647780f40 # v2.19.0 with: disable-sudo: true egress-policy: audit @@ -94,7 +94,7 @@ jobs: run: pytest -vv -x --cov=kraken --cov-report=xml:coverage.xml --cov-report=term tests - name: Export coverage report - uses: actions/upload-artifact@v7.0.0 + uses: actions/upload-artifact@v7.0.1 with: name: coverage path: coverage.xml diff --git a/.github/workflows/_codeql.yaml b/.github/workflows/_codeql.yaml index 601790c..3b472aa 100644 --- a/.github/workflows/_codeql.yaml +++ b/.github/workflows/_codeql.yaml @@ -32,7 +32,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1 + uses: step-security/harden-runner@8d3c67de8e2fe68ef647c8db1e6a09f647780f40 # v2.19.0 with: egress-policy: audit disable-sudo: true @@ -51,7 +51,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@c10b8064de6f491fea524254123dbe5e09572f13 # v3.29.5 + uses: github/codeql-action/init@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v3.29.5 with: languages: python # If you wish to specify custom queries, you can do so here or in a config file. @@ -64,7 +64,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, Go, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@c10b8064de6f491fea524254123dbe5e09572f13 # v3.29.5 + uses: github/codeql-action/autobuild@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v3.29.5 # ℹī¸ Command-line programs to run using the OS shell. # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun @@ -77,6 +77,6 @@ jobs: # ./location_of_script_within_repo/buildscript.sh - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@c10b8064de6f491fea524254123dbe5e09572f13 # v3.29.5 + uses: github/codeql-action/analyze@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v3.29.5 with: category: "/language:python" diff --git a/.github/workflows/_pre_commit.yaml b/.github/workflows/_pre_commit.yaml index 560c778..fb5fa06 100644 --- a/.github/workflows/_pre_commit.yaml +++ b/.github/workflows/_pre_commit.yaml @@ -19,7 +19,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1 + uses: step-security/harden-runner@8d3c67de8e2fe68ef647c8db1e6a09f647780f40 # v2.19.0 with: disable-sudo: true egress-policy: audit diff --git a/.github/workflows/_pypi_publish.yaml b/.github/workflows/_pypi_publish.yaml index 99a4543..b9f0968 100644 --- a/.github/workflows/_pypi_publish.yaml +++ b/.github/workflows/_pypi_publish.yaml @@ -28,7 +28,7 @@ jobs: url: https://pypi.org/p/python-kraken-sdk steps: - name: Harden Runner - uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1 + uses: step-security/harden-runner@8d3c67de8e2fe68ef647c8db1e6a09f647780f40 # v2.19.0 with: disable-sudo: true egress-policy: block @@ -51,7 +51,7 @@ jobs: path: dist/ - name: Publish package distributions to PyPI - uses: pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e # release/v1 + uses: pypa/gh-action-pypi-publish@cef221092ed1bacb1cc03d23a2d87d1d172e277b # release/v1 with: password: ${{ secrets.API_TOKEN }} repository-url: https://upload.pypi.org/legacy/ diff --git a/.github/workflows/_pypi_test_publish.yaml b/.github/workflows/_pypi_test_publish.yaml index a0d7143..545ef2d 100644 --- a/.github/workflows/_pypi_test_publish.yaml +++ b/.github/workflows/_pypi_test_publish.yaml @@ -28,7 +28,7 @@ jobs: url: https://test.pypi.org/p/python-kraken-sdk steps: - name: Harden Runner - uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1 + uses: step-security/harden-runner@8d3c67de8e2fe68ef647c8db1e6a09f647780f40 # v2.19.0 with: disable-sudo: true egress-policy: block @@ -50,7 +50,7 @@ jobs: path: dist/ - name: Publish package distributions to Test PyPI - uses: pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e # release/v1 + uses: pypa/gh-action-pypi-publish@cef221092ed1bacb1cc03d23a2d87d1d172e277b # release/v1 with: password: ${{ secrets.API_TOKEN }} repository-url: https://test.pypi.org/legacy/ diff --git a/.github/workflows/_test_futures_private.yaml b/.github/workflows/_test_futures_private.yaml index ec45b57..1f57b4b 100644 --- a/.github/workflows/_test_futures_private.yaml +++ b/.github/workflows/_test_futures_private.yaml @@ -44,7 +44,7 @@ jobs: cancel-in-progress: true steps: - name: Harden Runner - uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1 + uses: step-security/harden-runner@8d3c67de8e2fe68ef647c8db1e6a09f647780f40 # v2.19.0 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/_test_futures_public.yaml b/.github/workflows/_test_futures_public.yaml index 4e08638..2fa32ac 100644 --- a/.github/workflows/_test_futures_public.yaml +++ b/.github/workflows/_test_futures_public.yaml @@ -31,7 +31,7 @@ jobs: timeout-minutes: 5 steps: - name: Harden Runner - uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1 + uses: step-security/harden-runner@8d3c67de8e2fe68ef647c8db1e6a09f647780f40 # v2.19.0 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/_test_spot_private.yaml b/.github/workflows/_test_spot_private.yaml index 8099e89..21a2802 100644 --- a/.github/workflows/_test_spot_private.yaml +++ b/.github/workflows/_test_spot_private.yaml @@ -45,7 +45,7 @@ jobs: cancel-in-progress: true steps: - name: Harden Runner - uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1 + uses: step-security/harden-runner@8d3c67de8e2fe68ef647c8db1e6a09f647780f40 # v2.19.0 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/_test_spot_public.yaml b/.github/workflows/_test_spot_public.yaml index 23455cc..1a20deb 100644 --- a/.github/workflows/_test_spot_public.yaml +++ b/.github/workflows/_test_spot_public.yaml @@ -31,7 +31,7 @@ jobs: timeout-minutes: 5 steps: - name: Harden Runner - uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1 + uses: step-security/harden-runner@8d3c67de8e2fe68ef647c8db1e6a09f647780f40 # v2.19.0 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/dependabot_auto_merge.yaml b/.github/workflows/dependabot_auto_merge.yaml index b38419f..f868b6e 100644 --- a/.github/workflows/dependabot_auto_merge.yaml +++ b/.github/workflows/dependabot_auto_merge.yaml @@ -22,7 +22,7 @@ jobs: if: ${{ github.actor == 'dependabot[bot]' }} steps: - name: Harden Runner - uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1 + uses: step-security/harden-runner@8d3c67de8e2fe68ef647c8db1e6a09f647780f40 # v2.19.0 with: disable-sudo: true egress-policy: block @@ -32,7 +32,7 @@ jobs: - name: Dependabot metadata id: dependabot-metadata - uses: dependabot/fetch-metadata@ffa630c65fa7e0ecfa0625b5ceda64399aea1b36 # v3.0.0 + uses: dependabot/fetch-metadata@25dd0e34f4fe68f24cc83900b1fe3fe149efef98 # v3.1.0 with: github-token: "${{ secrets.GITHUB_TOKEN }}" diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 0eeae80..2af449c 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -34,7 +34,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1 + uses: step-security/harden-runner@8d3c67de8e2fe68ef647c8db1e6a09f647780f40 # v2.19.0 with: egress-policy: audit @@ -66,7 +66,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: name: SARIF file path: results.sarif @@ -74,6 +74,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@c10b8064de6f491fea524254123dbe5e09572f13 # v3.29.5 + uses: github/codeql-action/upload-sarif@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v3.29.5 with: sarif_file: results.sarif