Merge pull request #787 from byllyfish/deps

Update dependencies and github actions.

.github/workflows/ci.yml

@@ -33,7 +33,7 @@ jobs:
 
  steps:
  - name: Harden Runner
- uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0
+ uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
  with:
  egress-policy: audit
  - name: Checkout
@@ -148,7 +148,7 @@ jobs:
 
  steps:
  - name: Harden Runner
- uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0
+ uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
  with:
  egress-policy: audit
 
@@ -189,7 +189,7 @@ jobs:
 
  steps:
  - name: Harden Runner
- uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0
+ uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
  with:
  egress-policy: audit
 
@@ -219,7 +219,7 @@ jobs:
 
  steps:
  - name: Harden Runner
- uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0
+ uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
  with:
  egress-policy: audit
  - name: Checkout

.github/workflows/codeql.yml

@@ -41,7 +41,7 @@ jobs:
 
  steps:
  - name: Harden Runner
- uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0
+ uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
  with:
  egress-policy: audit
 
@@ -50,7 +50,7 @@ jobs:
 
  # Initializes the CodeQL tools for scanning.
  - name: Initialize CodeQL
- uses: github/codeql-action/init@2d790406f505036ef40ecba973cc774a50395aac # v3.25.13
+ uses: github/codeql-action/init@4dd16135b69a43b6c8efb853346f8437d92d3c93 # v3.26.6
  with:
  languages: ${{ matrix.language }}
  # If you wish to specify custom queries, you can do so here or in a config file.
@@ -60,7 +60,7 @@ jobs:
  # Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
  # If this step fails, then you should remove it and run the build manually (see below)
  - name: Autobuild
- uses: github/codeql-action/autobuild@2d790406f505036ef40ecba973cc774a50395aac # v3.25.13
+ uses: github/codeql-action/autobuild@4dd16135b69a43b6c8efb853346f8437d92d3c93 # v3.26.6
 
  # ℹ️ Command-line programs to run using the OS shell.
  # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
@@ -73,6 +73,6 @@ jobs:
  # ./location_of_script_within_repo/buildscript.sh
 
  - name: Perform CodeQL Analysis
- uses: github/codeql-action/analyze@2d790406f505036ef40ecba973cc774a50395aac # v3.25.13
+ uses: github/codeql-action/analyze@4dd16135b69a43b6c8efb853346f8437d92d3c93 # v3.26.6
  with:
  category: "/language:${{matrix.language}}"

.github/workflows/dependency-review.yml

@@ -17,7 +17,7 @@ jobs:
  runs-on: ubuntu-latest
  steps:
  - name: Harden Runner
- uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0
+ uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
  with:
  egress-policy: audit
 

.github/workflows/docs.yml

@@ -13,7 +13,7 @@ jobs:
 
  steps:
  - name: Harden Runner
- uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0
+ uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
  with:
  egress-policy: audit
 
@@ -45,7 +45,7 @@ jobs:
  url: ${{ steps.deployment.outputs.page_url }}
  steps:
  - name: Harden Runner
- uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0
+ uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
  with:
  egress-policy: audit
 

.github/workflows/publish.yml

@@ -15,7 +15,7 @@ jobs:
 
  steps:
  - name: Harden Runner
- uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0
+ uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
  with:
  egress-policy: audit
  - name: Checkout
@@ -28,7 +28,7 @@ jobs:
  poetry --version
  poetry build
  - name: Upload packages
- uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
+ uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
  with:
  name: package_dists
  path: dist/
@@ -43,7 +43,7 @@ jobs:
 
  steps:
  - name: Harden Runner
- uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0
+ uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
  with:
  egress-policy: audit
  - name: Download packages
@@ -52,7 +52,7 @@ jobs:
  name: package_dists
  path: dist/
  - name: Publish package to PyPI
- uses: pypa/gh-action-pypi-publish@ec4db0b4ddc65acdf4bff5fa45ac92d78b56bdf0 # release/v1
+ uses: pypa/gh-action-pypi-publish@8a08d616893759ef8e1aa1f2785787c0b97e20d6 # release/v1
  with:
  verbose: true
  print-hash: true

.github/workflows/scorecards.yml

@@ -31,7 +31,7 @@ jobs:
 
  steps:
  - name: Harden Runner
- uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0
+ uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
  with:
  egress-policy: audit
 
@@ -41,7 +41,7 @@ jobs:
  persist-credentials: false
 
  - name: "Run analysis"
- uses: ossf/scorecard-action@dc50aa9510b46c811795eb24b2f1ba02a914e534 # v2.3.3
+ uses: ossf/scorecard-action@62b2cac7ed8198b15735ed49ab1e5cf35480ba46 # v2.4.0
  with:
  results_file: results.sarif
  results_format: sarif
@@ -63,14 +63,14 @@ jobs:
  # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
  # format to the repository Actions tab.
  - name: "Upload artifact"
- uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
+ uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
  with:
  name: SARIF file
  path: results.sarif
  retention-days: 5
 
  # Upload the results to GitHub's code scanning dashboard.
  - name: "Upload to code-scanning"
- uses: github/codeql-action/upload-sarif@2d790406f505036ef40ecba973cc774a50395aac # v3.25.13
+ uses: github/codeql-action/upload-sarif@4dd16135b69a43b6c8efb853346f8437d92d3c93 # v3.26.6
  with:
  sarif_file: results.sarif