Skip to content

build(deps): bump the actions group across 1 directory with 4 updates#263

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/github_actions/actions-f9179c0bba
Open

build(deps): bump the actions group across 1 directory with 4 updates#263
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/github_actions/actions-f9179c0bba

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 15, 2026

Bumps the actions group with 4 updates in the / directory: astral-sh/setup-uv, mlugg/setup-zig, cross-platform-actions/action and PyO3/maturin-action.

Updates astral-sh/setup-uv from 7.1.6 to 7.3.0

Release notes

Sourced from astral-sh/setup-uv's releases.

v7.3.0 🌈 New features and bug fixes for activate-environment

Changes

This release contains a few bug fixes and a new feature for the activate-environment functionality.

🐛 Bug fixes

🚀 Enhancements

🧰 Maintenance

📚 Documentation

⬆️ Dependency updates

v7.2.0 🌈 add outputs python-version and python-cache-hit

Changes

Among some minor typo fixes and quality of life features for developers of actions the main feature of this release are new outputs:

  • python-version: The Python version that was set (same content as existing UV_PYTHON)
  • python-cache-hit: A boolean value to indicate the Python cache entry was found

While implementing this it became clear, that it is easier to handle the Python binaries in a separate cache entry. The added benefit for users is that the "normal" cache containing the dependencies can be used in all runs no matter if these cache the Python binaries or not.

[!NOTE]
This release will invalidate caches that contain the Python binaries. This happens a single time.

🐛 Bug fixes

  • chore: remove stray space from UV_PYTHON_INSTALL_DIR message @​akx (#720)

... (truncated)

Commits
  • eac588a Bump typesafegithub/github-actions-typing from 2.2.1 to 2.2.2 (#753)
  • a97c6cb Bump peter-evans/create-pull-request from 8.0.0 to 8.1.0 (#751)
  • 02182fa fix: warn instead of error when no python to cache (#762)
  • a3b3eae chore: update known checksums for 0.10.0 (#759)
  • 78cebec fix: use --clear to create venv (#761)
  • b6b8e2c refactor: tilde-expansion tests as unittests and no self-hosted tests (#760)
  • e31bec8 chore: update known checksums for 0.9.30 (#756)
  • db2b65e Bump actions/checkout from 6.0.1 to 6.0.2 (#740)
  • 3511ff7 feat: add venv-path input for activate-environment (#746)
  • 99b0f04 Fix punctuation (#747)
  • Additional commits viewable in compare view

Updates mlugg/setup-zig from 2.1.0 to 2.2.1

Release notes

Sourced from mlugg/setup-zig's releases.

v2.2.1

  • Print which version of Zig was installed
  • Add a little more log output (helps debug cache issues)

[!NOTE] The setup-zig project is now hosted on Codeberg, and this GitHub repository exists as a mirror solely to work around the vendor lock-in mechanisms employed by GitHub Actions. While there are no plans to discontinue GitHub Actions support, I would nonetheless encourage users to consider upgrading to Forgejo Actions on a non-profit forge like Codeberg to avoid being affected by GitHub's profit-driven behavior (such as attempting to charge users by the minute for using their own hardware).

v2.2.0

  • Update dependencies
  • Replace libsodium dependency with node:crypto, improving target support
  • Use hardcoded mirror list when ziglang.org is inaccessible
  • Fix incorrect tarball names when fetching certain versions

[!NOTE] The setup-zig project is now hosted on Codeberg, and this GitHub repository exists as a mirror solely to work around the vendor lock-in mechanisms employed by GitHub Actions. While there are no plans to discontinue GitHub Actions support, I would nonetheless encourage users to consider upgrading to Forgejo Actions on a non-profit forge like Codeberg to avoid being affected by GitHub's profit-driven behavior (such as attempting to charge users by the minute for using their own hardware).

Commits
  • d1434d0 Add a bit more logging
  • 449e896 print resolved Zig version
  • e7d1537 Use named capture groups for version string matching
  • 43a69a5 Use cur_dev and min_dev in comparison versionLessThan
  • 7465018 use hardcoded community mirror list when ziglang.org is inaccessible
  • d91b47d tests: fix typo in workflow
  • 7296b2b npm update
  • 1796bca minisign: replace libsodium dependency with node:crypto
  • c09d84c npm: remove direct dependency on unused package
  • See full diff in compare view

Updates cross-platform-actions/action from 0.31.0 to 0.32.0

Release notes

Sourced from cross-platform-actions/action's releases.

Cross Platform Action 0.32.0

Added

  • Add support for OmniOS
Changelog

Sourced from cross-platform-actions/action's changelog.

Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

[Unreleased]

[0.32.0] - 2025-12-21

Added

  • Add support for OmniOS

[0.31.0] - 2025-12-15

Added

  • Add support for FreeBSD 15.0 (#114)

Fixed

  • Fix empty hostname (#113)

[0.30.0] - 2025-11-04

Added

  • Document how to report a security vulnerability
  • Add support for OpenBSD 7.8 (#112)

Security

[0.29.0] - 2025-07-22

Added

Fixed

  • Fix file sync on Haiku (#104)

[0.28.0] - 2025-05-19

Added

[0.27.0] - 2025-01-22

Added

  • Add support for NetBSD 10.1 (#95)

[0.26.0] - 2024-04-12

Added

  • Add support for FreeBSD 13.4
  • Add support for OpenBSD 7.6 (openbsd-builder#20)
  • Add support for FreeBSD 14.2

... (truncated)

Commits

Updates PyO3/maturin-action from 1.49.4 to 1.50.0

Release notes

Sourced from PyO3/maturin-action's releases.

v1.50.0

What's Changed

New Contributors

Full Changelog: PyO3/maturin-action@v1.49.4...v1.50.0

Commits
  • b1bd829 Update dependencies to latest versions with ESM and Node 24 (#409)
  • e8dfe2d Bump peter-evans/create-pull-request from 8.0.0 to 8.1.0 (#407)
  • a7a0737 Bump actions/setup-python from 6.1.0 to 6.2.0 (#406)
  • 0177072 Bump actions/setup-node from 6.1.0 to 6.2.0 (#405)
  • 0584c36 Bump zizmorcore/zizmor-action from 0.3.0 to 0.4.1 (#404)
  • 06e22d5 Bump actions/checkout from 6.0.1 to 6.0.2 (#403)
  • f8fa3c6 Allow build loongarch64 and riscv64 for musllinux (#408)
  • 1511a23 Document how to harden release pipelines (#400)
  • 47fbb7a Add alias for riscv on manylinux (#399)
  • 9fc14be Update versions-manifest.json (#398)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
build(deps): bump the actions group across 1 directory with 4 updates
0f15ab7 
Bumps the actions group with 4 updates in the / directory: [astral-sh/setup-uv](https://github.com/astral-sh/setup-uv), [mlugg/setup-zig](https://github.com/mlugg/setup-zig), [cross-platform-actions/action](https://github.com/cross-platform-actions/action) and [PyO3/maturin-action](https://github.com/pyo3/maturin-action).


Updates `astral-sh/setup-uv` from 7.1.6 to 7.3.0
- [Release notes](https://github.com/astral-sh/setup-uv/releases)
- [Commits](astral-sh/setup-uv@681c641...eac588a)

Updates `mlugg/setup-zig` from 2.1.0 to 2.2.1
- [Release notes](https://github.com/mlugg/setup-zig/releases)
- [Commits](mlugg/setup-zig@fa65c40...d1434d0)

Updates `cross-platform-actions/action` from 0.31.0 to 0.32.0
- [Release notes](https://github.com/cross-platform-actions/action/releases)
- [Changelog](https://github.com/cross-platform-actions/action/blob/master/changelog.md)
- [Commits](cross-platform-actions/action@3fbf272...492b0c8)

Updates `PyO3/maturin-action` from 1.49.4 to 1.50.0
- [Release notes](https://github.com/pyo3/maturin-action/releases)
- [Commits](PyO3/maturin-action@86b9d13...b1bd829)

---
updated-dependencies:
- dependency-name: astral-sh/setup-uv
  dependency-version: 7.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions
- dependency-name: mlugg/setup-zig
  dependency-version: 2.2.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions
- dependency-name: cross-platform-actions/action
  dependency-version: 0.32.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions
- dependency-name: PyO3/maturin-action
  dependency-version: 1.50.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Feb 15, 2026
@codecov
Copy link

codecov bot commented Feb 15, 2026
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 96.90%. Comparing base (af0328a) to head (0f15ab7).

Additional details and impacted files 
@@           Coverage Diff           @@
##             main     #263   +/-   ##
=======================================
  Coverage   96.90%   96.90%           
=======================================
  Files          14       14           
  Lines        3167     3167           
=======================================
  Hits         3069     3069           
  Misses         98       98

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants