diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index afe7886..affb27d 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -14,7 +14,7 @@ jobs: lint: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - uses: astral-sh/setup-uv@v7 - run: uv sync --all-extras - run: uv run ruff check src/ tests/ @@ -23,7 +23,7 @@ jobs: type-check: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - uses: astral-sh/setup-uv@v7 - run: uv sync --all-extras - run: uv run mypy src/medcheck @@ -31,7 +31,7 @@ jobs: security: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - uses: astral-sh/setup-uv@v7 - run: uv sync --all-extras - run: uv run bandit -r src/medcheck -ll -q @@ -44,13 +44,13 @@ jobs: os: [ubuntu-latest, windows-latest, macos-latest] python-version: ["3.10", "3.12", "3.13"] steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - uses: astral-sh/setup-uv@v7 with: python-version: ${{ matrix.python-version }} - run: uv sync --all-extras - run: uv run pytest tests/ --cov=medcheck --cov-report=xml --cov-fail-under=80 - - uses: codecov/codecov-action@v6 + - uses: codecov/codecov-action@v7 if: matrix.os == 'ubuntu-latest' && matrix.python-version == '3.13' with: token: ${{ secrets.CODECOV_TOKEN }} diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 6efce90..1a10280 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -12,8 +12,8 @@ jobs: permissions: security-events: write steps: - - uses: actions/checkout@v6 - - uses: github/codeql-action/init@54f647b7e1bb85c95cddabcd46b0c578ec92bc1a # v4 + - uses: actions/checkout@v7 + - uses: github/codeql-action/init@99df26d4f13ea111d4ec1a7dddef6063f76b97e9 # v4 with: languages: python - - uses: github/codeql-action/analyze@54f647b7e1bb85c95cddabcd46b0c578ec92bc1a # v4 + - uses: github/codeql-action/analyze@99df26d4f13ea111d4ec1a7dddef6063f76b97e9 # v4 diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index ffdf7b2..d7cac4d 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -27,7 +27,7 @@ jobs: name: Build & verify package runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v7 - uses: astral-sh/setup-uv@v7 - name: Verify tag matches package version @@ -79,7 +79,7 @@ jobs: contents: read packages: write # push to GHCR steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v7 - uses: docker/setup-buildx-action@v4