From 61d3a69b1d5948d49e1976c77a31ac6c3db5b802 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 16 Feb 2026 09:52:14 +0000 Subject: [PATCH 1/9] chore(ci): bump mikefarah/yq from 4.52.2 to 4.52.4 --- updated-dependencies: - dependency-name: mikefarah/yq dependency-version: 4.52.4 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- .github/workflows/bootstrap.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/bootstrap.yml b/.github/workflows/bootstrap.yml index 7bd5c80..d96442c 100644 --- a/.github/workflows/bootstrap.yml +++ b/.github/workflows/bootstrap.yml @@ -41,7 +41,7 @@ jobs: echo "distribution=$DISTRIBUTION" >> $GITHUB_OUTPUT - name: Install yq - uses: mikefarah/yq@v4.52.2 + uses: mikefarah/yq@v4.52.4 - name: Load bootstrap config id: load_config From fd4676754943978de9f37e20b78b133e91657edc Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 2 Mar 2026 09:47:50 +0000 Subject: [PATCH 2/9] chore(ci): bump actions/download-artifact from 7 to 8 Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 7 to 8. - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](https://github.com/actions/download-artifact/compare/v7...v8) --- updated-dependencies: - dependency-name: actions/download-artifact dependency-version: '8' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/cd.yml | 6 +++--- .github/workflows/ci.yml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml index 184e152..283e2c5 100644 --- a/.github/workflows/cd.yml +++ b/.github/workflows/cd.yml @@ -28,7 +28,7 @@ jobs: uses: actions/checkout@v6 - name: Download build artifacts - uses: actions/download-artifact@v7 + uses: actions/download-artifact@v8 with: name: python-package-distributions-${{ github.event.workflow_run.head_sha }} path: dist/ @@ -98,7 +98,7 @@ jobs: # # steps: # - name: Download build artifacts -# uses: actions/download-artifact@v7 +# uses: actions/download-artifact@v8 # with: # name: python-package-distributions-${{ github.event.workflow_run.head_sha }} # path: dist/ @@ -123,7 +123,7 @@ jobs: # uses: actions/checkout@v6 # # - name: Download build artifacts -# uses: actions/download-artifact@v7 +# uses: actions/download-artifact@v8 # with: # name: python-package-distributions-${{ github.event.workflow_run.head_sha }} # path: dist/ diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index f30b206..2fff045 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -150,7 +150,7 @@ jobs: uses: actions/checkout@v6 - name: Download build artifacts - uses: actions/download-artifact@v7 + uses: actions/download-artifact@v8 with: name: python-package-distributions-${{ github.sha }} path: dist/ From 48bb595ce3f8bfe43092038178c06bed9f455e7d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 2 Mar 2026 09:47:57 +0000 Subject: [PATCH 3/9] chore(ci): bump actions/upload-artifact from 6 to 7 Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 6 to 7. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v6...v7) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/ci.yml | 4 ++-- .github/workflows/pr-checks.yml | 2 +- .github/workflows/security.yml | 4 ++-- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index f30b206..1cc1e8a 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -79,7 +79,7 @@ jobs: - name: Upload coverage report as artifact if: ${{ matrix.os == 'ubuntu-latest' && matrix.python-version == env.PYTHON_VERSION }} - uses: actions/upload-artifact@v6 + uses: actions/upload-artifact@v7 with: name: coverage-report-${{ matrix.python-version }}-${{ matrix.os }}-${{ github.run_id }} path: | @@ -119,7 +119,7 @@ jobs: uv build - name: Upload distribution as artifact - uses: actions/upload-artifact@v6 + uses: actions/upload-artifact@v7 with: name: python-package-distributions-${{ github.sha }} path: dist/ diff --git a/.github/workflows/pr-checks.yml b/.github/workflows/pr-checks.yml index fd98e0e..b8d15c9 100644 --- a/.github/workflows/pr-checks.yml +++ b/.github/workflows/pr-checks.yml @@ -152,7 +152,7 @@ jobs: - name: Upload coverage report as artifact if: always() - uses: actions/upload-artifact@v6 + uses: actions/upload-artifact@v7 with: name: coverage-report-${{ env.PYTHON_VERSION }}-${{ github.run_id }} path: | diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index b6a285e..1a8b8fb 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -58,7 +58,7 @@ jobs: SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} - name: Upload SARIF as build artifact - uses: actions/upload-artifact@v6 + uses: actions/upload-artifact@v7 with: name: snyk-results path: | @@ -102,7 +102,7 @@ jobs: - name: Upload Bandit results if: always() - uses: actions/upload-artifact@v6 + uses: actions/upload-artifact@v7 with: name: bandit-report path: bandit-report.json From 55a39a2b5c48f16e2017371e8153695337dcd4f1 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 30 Mar 2026 09:39:15 +0000 Subject: [PATCH 4/9] chore(ci): bump codecov/codecov-action from 5 to 6 Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 5 to 6. - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/codecov/codecov-action/compare/v5...v6) --- updated-dependencies: - dependency-name: codecov/codecov-action dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/ci.yml | 2 +- .github/workflows/pr-checks.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 252ec4a..c2ce177 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -88,7 +88,7 @@ jobs: - name: Upload coverage reports to Codecov if: ${{ matrix.os == 'ubuntu-latest' && matrix.python-version == env.PYTHON_VERSION }} - uses: codecov/codecov-action@v5 + uses: codecov/codecov-action@v6 with: token: ${{ secrets.CODECOV_TOKEN }} diff --git a/.github/workflows/pr-checks.yml b/.github/workflows/pr-checks.yml index b8d15c9..c2a003a 100644 --- a/.github/workflows/pr-checks.yml +++ b/.github/workflows/pr-checks.yml @@ -160,7 +160,7 @@ jobs: .log/coverage/coverage.xml - name: Upload coverage reports to Codecov - uses: codecov/codecov-action@v5 + uses: codecov/codecov-action@v6 with: token: ${{ secrets.CODECOV_TOKEN }} override_pr: ${{ github.event.pull_request.number }} From 814f71d37251d4bab84d6e6f2ad7ffc93420b5fc Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 30 Mar 2026 09:39:36 +0000 Subject: [PATCH 5/9] chore(ci): bump mikefarah/yq from 4.52.4 to 4.52.5 Bumps [mikefarah/yq](https://github.com/mikefarah/yq) from 4.52.4 to 4.52.5. - [Release notes](https://github.com/mikefarah/yq/releases) - [Changelog](https://github.com/mikefarah/yq/blob/master/release_notes.txt) - [Commits](https://github.com/mikefarah/yq/compare/v4.52.4...v4.52.5) --- updated-dependencies: - dependency-name: mikefarah/yq dependency-version: 4.52.5 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- .github/workflows/bootstrap.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/bootstrap.yml b/.github/workflows/bootstrap.yml index d96442c..b0b7b1a 100644 --- a/.github/workflows/bootstrap.yml +++ b/.github/workflows/bootstrap.yml @@ -41,7 +41,7 @@ jobs: echo "distribution=$DISTRIBUTION" >> $GITHUB_OUTPUT - name: Install yq - uses: mikefarah/yq@v4.52.4 + uses: mikefarah/yq@v4.52.5 - name: Load bootstrap config id: load_config From 2d2becac5420f8c1ea22633623866a15483965d0 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 13 Apr 2026 09:45:09 +0000 Subject: [PATCH 6/9] chore(ci): bump actions/github-script from 8 to 9 Bumps [actions/github-script](https://github.com/actions/github-script) from 8 to 9. - [Release notes](https://github.com/actions/github-script/releases) - [Commits](https://github.com/actions/github-script/compare/v8...v9) --- updated-dependencies: - dependency-name: actions/github-script dependency-version: '9' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/pr-checks.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/pr-checks.yml b/.github/workflows/pr-checks.yml index c2a003a..61366ed 100644 --- a/.github/workflows/pr-checks.yml +++ b/.github/workflows/pr-checks.yml @@ -53,7 +53,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Check PR has description - uses: actions/github-script@v8 + uses: actions/github-script@v9 with: script: | const pr = context.payload.pull_request; @@ -225,7 +225,7 @@ jobs: uses: actions/checkout@v6 - name: Apply labels based on PR title - uses: actions/github-script@v8 + uses: actions/github-script@v9 with: script: | const prTitle = context.payload.pull_request.title.toLowerCase(); From 5d36dac3126f58daf3406cdbc09d79bbe1b33e1f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 13 Apr 2026 09:45:10 +0000 Subject: [PATCH 7/9] chore(deps): update python-dotenv requirement from >=1.2.1 to >=1.2.2 Updates the requirements on [python-dotenv](https://github.com/theskumar/python-dotenv) to permit the latest version. - [Release notes](https://github.com/theskumar/python-dotenv/releases) - [Changelog](https://github.com/theskumar/python-dotenv/blob/main/CHANGELOG.md) - [Commits](https://github.com/theskumar/python-dotenv/compare/v1.2.1...v1.2.2) --- updated-dependencies: - dependency-name: python-dotenv dependency-version: 1.2.2 dependency-type: direct:development ... Signed-off-by: dependabot[bot] --- pyproject.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pyproject.toml b/pyproject.toml index 66b7668..8359cf8 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -24,7 +24,7 @@ quality = ["prek>=0.3.1", "bandit[toml]>=1.7.6", "ruff>=0.14.7", "mypy>=1.19.0"] dev = [ {include-group = "test"}, {include-group = "quality"}, - "python-dotenv>=1.2.1", + "python-dotenv>=1.2.2", ] [project.urls] From 6361bc4da6f3503e097d33bf522c1bbea0f45c18 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 13 Apr 2026 09:45:13 +0000 Subject: [PATCH 8/9] chore(deps): update pytest-cov requirement from >=7.0.0 to >=7.1.0 Updates the requirements on [pytest-cov](https://github.com/pytest-dev/pytest-cov) to permit the latest version. - [Changelog](https://github.com/pytest-dev/pytest-cov/blob/master/CHANGELOG.rst) - [Commits](https://github.com/pytest-dev/pytest-cov/compare/v7.0.0...v7.1.0) --- updated-dependencies: - dependency-name: pytest-cov dependency-version: 7.1.0 dependency-type: direct:development ... Signed-off-by: dependabot[bot] --- pyproject.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pyproject.toml b/pyproject.toml index 66b7668..aba82cb 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -19,7 +19,7 @@ dependencies = [ ] [dependency-groups] -test = ["pytest>=9.0.0", "pytest-cov>=7.0.0"] +test = ["pytest>=9.0.0", "pytest-cov>=7.1.0"] quality = ["prek>=0.3.1", "bandit[toml]>=1.7.6", "ruff>=0.14.7", "mypy>=1.19.0"] dev = [ {include-group = "test"}, From d176b6072657caeacfa2867719385624bb112c29 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 13 Apr 2026 09:45:27 +0000 Subject: [PATCH 9/9] chore(deps): update pydantic-settings requirement Updates the requirements on [pydantic-settings](https://github.com/pydantic/pydantic-settings) to permit the latest version. - [Release notes](https://github.com/pydantic/pydantic-settings/releases) - [Commits](https://github.com/pydantic/pydantic-settings/compare/v2.12.0...v2.13.1) --- updated-dependencies: - dependency-name: pydantic-settings dependency-version: 2.13.1 dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- pyproject.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pyproject.toml b/pyproject.toml index 66b7668..bbe2f67 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -14,7 +14,7 @@ classifiers = [ ] dependencies = [ - "pydantic-settings>=2.12.0", + "pydantic-settings>=2.13.1", "structlog>=25.5.0", ]