search

MDAnalysis / mdanalysis

MDAnalysis is a Python library to analyze molecular dynamics simulations.
https://mdanalysis.org
Other
1.26k stars 641 forks source link

Bump the github-actions group across 1 directory with 8 updates #4623

Closed dependabot[bot] closed 1 week ago

dependabot[bot] commented 1 week ago

Bumps the github-actions group with 8 updates in the / directory:

Package From To
actions/setup-python 4 5
actions/github-script 6 7
actions/upload-artifact 3 4
actions/download-artifact 3 4
pypa/gh-action-pypi-publish 1.8.10 1.9.0
codecov/codecov-action 3 4
actions/labeler 3 5
akaihola/darker 1.6.1 2.1.1

Updates actions/setup-python from 4 to 5

Release notes

Sourced from actions/setup-python's releases.

v5.0.0

What's Changed

In scope of this release, we update node version runtime from node16 to node20 (actions/setup-python#772). Besides, we update dependencies to the latest versions.

Full Changelog: https://github.com/actions/setup-python/compare/v4.8.0...v5.0.0

v4.8.0

What's Changed

In scope of this release we added support for GraalPy (actions/setup-python#694). You can use this snippet to set up GraalPy:

steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v4 
  with:
    python-version: 'graalpy-22.3' 
- run: python my_script.py

Besides, the release contains such changes as:

New Contributors

Full Changelog: https://github.com/actions/setup-python/compare/v4...v4.8.0

v4.7.1

What's Changed

Full Changelog: https://github.com/actions/setup-python/compare/v4...v4.7.1

v4.7.0

In scope of this release, the support for reading python version from pyproject.toml was added (actions/setup-python#669).

      - name: Setup Python
        uses: actions/setup-python@v4
</tr></table>

... (truncated)

Commits
  • 82c7e63 Documentation changes for avoiding rate limit issues on GHES (#835)
  • 10aa35a feat: fallback to raw endpoint for manifest when rate limit is reached (#766)
  • 9a7ac94 Bump undici from 5.27.2 to 5.28.3 (#817)
  • 871daa9 Fix the "Specifying multiple Python/PyPy versions" link (#782)
  • 2f07895 Fix broken README.md link (#793)
  • e9d6f99 Replace setup-python@v4 by setup-python@v5 in README (#776)
  • 0a5c615 Update action to node20 (#772)
  • 0ae5836 Add example of GraalPy to docs (#773)
  • b64ffca update actions/checkout to v4 (#761)
  • 8d28961 Examples now use checkout@v4 (#738)
  • Additional commits viewable in compare view


Updates actions/github-script from 6 to 7

Release notes

Sourced from actions/github-script's releases.

v7.0.0

What's Changed

New Contributors

Full Changelog: https://github.com/actions/github-script/compare/v6.4.1...v7.0.0

v6.4.1

What's Changed

New Contributors

Full Changelog: https://github.com/actions/github-script/compare/v6.4.0...v6.4.1

v6.4.0

What's Changed

New Contributors

Full Changelog: https://github.com/actions/github-script/compare/v6.3.3...v6.4.0

v6.3.3

What's Changed

New Contributors

Full Changelog: https://github.com/actions/github-script/compare/v6.3.2...v6.3.3

v6.3.2

What's Changed

... (truncated)

Commits
  • 60a0d83 Merge pull request #440 from actions/joshmgross/v7.0.1
  • b7fb200 Update version to 7.0.1
  • 12e22ed Merge pull request #439 from actions/joshmgross/avoid-setting-base-url
  • d319f8f Avoid setting baseUrl to undefined when input is not provided
  • e69ef54 Merge pull request #425 from actions/joshmgross/node-20
  • ee0914b Update licenses
  • d6fc56f Use @types/node for Node 20
  • 384d6cf Fix quotations in tests
  • 8472492 Only validate GraphQL previews
  • 84903f5 Remove node-fetch from type
  • Additional commits viewable in compare view


Updates actions/upload-artifact from 3 to 4

Release notes

Sourced from actions/upload-artifact's releases.

v4.0.0

What's Changed

The release of upload-artifact@v4 and download-artifact@v4 are major changes to the backend architecture of Artifacts. They have numerous performance and behavioral improvements.

ℹ️ However, this is a major update that includes breaking changes. Artifacts created with versions v3 and below are not compatible with the v4 actions. Uploads and downloads must use the same major actions versions. There are also key differences from previous versions that may require updates to your workflows.

For more information, please see:

  1. The changelog post.
  2. The README.
  3. The migration documentation.
  4. As well as the underlying npm package, @​actions/artifact documentation.

New Contributors

Full Changelog: https://github.com/actions/upload-artifact/compare/v3...v4.0.0

v3.1.3

What's Changed

Full Changelog: https://github.com/actions/upload-artifact/compare/v3...v3.1.3

v3.1.2

  • Update all @actions/* NPM packages to their latest versions- #374
  • Update all dev dependencies to their most recent versions - #375

v3.1.1

  • Update actions/core package to latest version to remove set-output deprecation warning #351

v3.1.0

What's Changed

Commits
  • 6546280 updating package version
  • c004fb4 Merge branch 'main' into eggyhead/use-artifact-v2.1.6
  • 90aba49 updating toolkit artifact dependency to 2.1.6
  • b06cde3 Merge pull request #563 from actions/eggyhead/release-4.3.2
  • 1746f4a Revert "updating to release 4.3.2"
  • 31685d0 updating to release 4.3.2
  • 18bf333 Merge pull request #562 from actions/eggyhead/update-artifact-v215
  • dac413b update package lock version
  • bb3b4a3 updating package version
  • 3e3da83 updating artifact and core dependencies
  • Additional commits viewable in compare view


Updates actions/download-artifact from 3 to 4

Release notes

Sourced from actions/download-artifact's releases.

v4.0.0

What's Changed

The release of upload-artifact@v4 and download-artifact@v4 are major changes to the backend architecture of Artifacts. They have numerous performance and behavioral improvements.

ℹ️ However, this is a major update that includes breaking changes. Artifacts created with versions v3 and below are not compatible with the v4 actions. Uploads and downloads must use the same major actions versions. There are also key differences from previous versions that may require updates to your workflows.

For more information, please see:

  1. The changelog post.
  2. The README.
  3. The migration documentation.
  4. As well as the underlying npm package, @​actions/artifact documentation.

New Contributors

Full Changelog: https://github.com/actions/download-artifact/compare/v3...v4.0.0

v3.0.2

  • Bump @actions/artifact to v1.1.1 - actions/download-artifact#195
  • Fixed a bug in Node16 where if an HTTP download finished too quickly (<1ms, e.g. when it's mocked) we attempt to delete a temp file that has not been created yet actions/toolkit#1278

v3.0.1

Commits
  • 65a9edc Merge pull request #325 from bethanyj28/main
  • fdd1595 licensed
  • c13dba1 update @​actions/artifact dependency
  • 0daa75e Merge pull request #324 from actions/eggyhead/use-artifact-v2.1.6
  • 9c19ed7 Merge branch 'main' into eggyhead/use-artifact-v2.1.6
  • 3d3ea87 updating license
  • 89af5db updating artifact package v2.1.6
  • b4aefff Merge pull request #323 from actions/eggyhead/update-artifact-v215
  • 8caf195 package lock update
  • d7a2ec4 updating package version
  • Additional commits viewable in compare view


Updates pypa/gh-action-pypi-publish from 1.8.10 to 1.9.0

Release notes

Sourced from pypa/gh-action-pypi-publish's releases.

v1.9.0

💅 Cosmetic Output Improvements

🛠️ Internal Dependencies

  • pre-commit linters got auto-updated @ #225
  • some notable dependency bumps include
    • cryptography == 42.0.7
    • id == 1.4.0
    • idna == 3.7 via #228
    • requests == 2.32.0 via #240
    • Twine == 5.1.0

⚙️ Secret Stuff

In #241, @​br3ndonland💰 added a Docker label linking the container image to this repository for GHCR to display it nicely. This is preparatory work for a big performance-focused refactoring he's working on in #230.

💪 New Contributors

🪞 Full Diff: https://github.com/pypa/gh-action-pypi-publish/compare/v1.8.14...v1.9.0

🧔‍♂️ Release Manager: @​webknjaz 🇺🇦

🙏 Special Thanks to @​pradyunsg💰 for promptly unblocking this release to Marketplace as GitHub started asking for yet another developer agreement signature from the organization admins.

v1.8.14

🛠️ Internal Dependencies

Nothing changed feature-wise. The only notable update is that the underlying container runtime now uses Python 3.12 and pip has been updated to v24.0 there. This is should go unnoticed in terms of behavior. It's just a bit of maintenance burden to be done occasionally by @​webknjaz💰. Enjoy!

🪞 Full Diff: https://github.com/pypa/gh-action-pypi-publish/compare/v1.8.13...v1.8.14

🧔‍♂️ Release Manager: @​webknjaz 🇺🇦

v1.8.13

🐛 What's Fixed

This action is now able to consume and publish distribution packages with Metadata-Version: 2.3 embedded.

🛠️ Internal Dependencies

@​SigureMo💰 sent us a bump of pkginfo version to version 1.10.0 in #219. It's a transitive dependency for us and is not an API-level change but upgrading it has a side effect of letting Twine recognize distribution packages declaring Metadata-Version: 2.3. In particular, it is known to affect distributions built with Maturin >= 1.5.0.

Following that, @​webknjaz💰 upgraded other transitive and direct dependency pins, including, among others, the following notable bumps:

  • cryptography == 42.0.5

... (truncated)

Commits
  • ec4db0b Merge PR #243 into unstable/v1
  • e790844 oidc-exchange: link to status dashboard
  • 87b624f 💅Update homepage @ Dockerfile to GH Marketplace
  • da2f9bb Merge pull request #241 from br3ndonland/ghcr-label
  • abbea2d Add Docker label for GHCR
  • 2734d07 build(deps): bump requests from 2.31.0 to 2.32.0 in /requirements (#240)
  • a54b9b8 ---
  • 699cd61 ⇪📦 Bump the runtime dep lockfile
  • 8414fc2 [pre-commit.ci] pre-commit autoupdate (#225)
  • 67a07eb Disable the progress bar when running twine upload
  • Additional commits viewable in compare view


Updates codecov/codecov-action from 3 to 4

Release notes

Sourced from codecov/codecov-action's releases.

v4.0.0

v4 of the Codecov Action uses the CLI as the underlying upload. The CLI has helped to power new features including local upload, the global upload token, and new upcoming features.

Breaking Changes

  • The Codecov Action runs as a node20 action due to node16 deprecation. See this post from GitHub on how to migrate.
  • Tokenless uploading is unsupported. However, PRs made from forks to the upstream public repos will support tokenless (e.g. contributors to OS projects do not need the upstream repo's Codecov token). This doc shows instructions on how to add the Codecov token.
  • OS platforms have been added, though some may not be automatically detected. To see a list of platforms, see our CLI download page
  • Various arguments to the Action have been changed. Please be aware that the arguments match with the CLI's needs

v3 versions and below will not have access to CLI features (e.g. global upload token, ATS).

What's Changed

... (truncated)

Changelog

Sourced from codecov/codecov-action's changelog.

4.0.0-beta.2

Fixes

  • #1085 not adding -n if empty to do-upload command

4.0.0-beta.1

v4 represents a move from the universal uploader to the Codecov CLI. Although this will unlock new features for our users, the CLI is not yet at feature parity with the universal uploader.

Breaking Changes

  • No current support for aarch64 and alpine architectures.
  • Tokenless uploading is unsuported
  • Various arguments to the Action have been removed

3.1.4

Fixes

  • #967 Fix typo in README.md
  • #971 fix: add back in working dir
  • #969 fix: CLI option names for uploader

Dependencies

  • #970 build(deps-dev): bump @​types/node from 18.15.12 to 18.16.3
  • #979 build(deps-dev): bump @​types/node from 20.1.0 to 20.1.2
  • #981 build(deps-dev): bump @​types/node from 20.1.2 to 20.1.4

3.1.3

Fixes

  • #960 fix: allow for aarch64 build

Dependencies

  • #957 build(deps-dev): bump jest-junit from 15.0.0 to 16.0.0
  • #958 build(deps): bump openpgp from 5.7.0 to 5.8.0
  • #959 build(deps-dev): bump @​types/node from 18.15.10 to 18.15.12

3.1.2

Fixes

  • #718 Update README.md
  • #851 Remove unsupported path_to_write_report argument
  • #898 codeql-analysis.yml
  • #901 Update README to contain correct information - inputs and negate feature
  • #955 fix: add in all the extra arguments for uploader

Dependencies

  • #819 build(deps): bump openpgp from 5.4.0 to 5.5.0
  • #835 build(deps): bump node-fetch from 3.2.4 to 3.2.10
  • #840 build(deps): bump ossf/scorecard-action from 1.1.1 to 2.0.4
  • #841 build(deps): bump @​actions/core from 1.9.1 to 1.10.0
  • #843 build(deps): bump @​actions/github from 5.0.3 to 5.1.1
  • #869 build(deps): bump node-fetch from 3.2.10 to 3.3.0
  • #872 build(deps-dev): bump jest-junit from 13.2.0 to 15.0.0
  • #879 build(deps): bump decode-uri-component from 0.2.0 to 0.2.2

... (truncated)

Commits
  • e28ff12 chore(release): bump to 4.5.0 (#1477)
  • 7594baa Use an existing token even if the PR is from a fork (#1471)
  • 81c0a51 feat: add support for tokenless v3 (#1410)
  • f5e203f build(deps-dev): bump @​typescript-eslint/eslint-plugin from 7.12.0 to 7.13.0 ...
  • 7c48363 build(deps-dev): bump braces from 3.0.2 to 3.0.3 (#1475)
  • 69e5d09 build(deps-dev): bump @​typescript-eslint/parser from 7.12.0 to 7.13.0 (#1474)
  • feaf700 fix: handle trailing commas (#1470)
  • 7b6a727 build(deps): bump github/codeql-action from 3.25.7 to 3.25.8 (#1472)
  • ccf7a1f build(deps-dev): bump @​typescript-eslint/eslint-plugin from 7.11.0 to 7.12.0 ...
  • f03f015 build(deps-dev): bump @​typescript-eslint/parser from 7.11.0 to 7.12.0 (#1467)
  • Additional commits viewable in compare view


Updates actions/labeler from 3 to 5

Release notes

Sourced from actions/labeler's releases.

v5.0.0

What's Changed

This release contains the following breaking changes:

  1. The ability to apply labels based on the names of base and/or head branches was added (#186 and #54). The match object for changed files was expanded with new combinations in order to make it more intuitive and flexible (#423 and #101). As a result, the configuration file structure was significantly redesigned and is not compatible with the structure of the previous version. Please read the action documentation to find out how to adapt your configuration files for use with the new action version.

  2. The bug related to the sync-labels input was fixed (#112). Now the input value is read correctly.

  3. By default, dot input is set to true. Now, paths starting with a dot (e.g. .github) are matched by default.

  4. Version 5 of this action updated the runtime to Node.js 20. All scripts are now run with Node.js 20 instead of Node.js 16 and are affected by any breaking changes between Node.js 16 and 20.

For more information, please read the action documentation.

New Contributors

Full Changelog: https://github.com/actions/labeler/compare/v4...v5.0.0

v5.0.0-beta.1

What's Changed

In scope of this beta release, the structure of the configuration file (.github/labeler.yml) was changed from

LabelName:
- any:
  - changed-files: ['list', 'of', 'globs']
  - base-branch: ['list', 'of', 'regexps']
  - head-branch: ['list', 'of', 'regexps']
- all:
  - changed-files: ['list', 'of', 'globs']
  - base-branch: ['list', 'of', 'regexps']
  - head-branch: ['list', 'of', 'regexps']

to

LabelName:
- any:
  - changed-files: 
    - AnyGlobToAnyFile: ['list', 'of', 'globs']
    - AnyGlobToAllFiles: ['list', 'of', 'globs']
    - AllGlobsToAnyFile: ['list', 'of', 'globs']
    - AllGlobsToAllFiles: ['list', 'of', 'globs']
  - base-branch: ['list', 'of', 'regexps']
  - head-branch: ['list', 'of', 'regexps']
- all:
  - changed-files:
    - AnyGlobToAnyFile: ['list', 'of', 'globs']
    - AnyGlobToAllFiles: ['list', 'of', 'globs']
    - AllGlobsToAnyFile: ['list', 'of', 'globs']
</tr></table>

... (truncated)

Commits
  • 8558fd7 Merge pull request #709 from actions/v5.0.0-beta
  • 000ca75 Merge pull request #700 from MaksimZhukov/apply-suggestions-and-update-docume...
  • cb66c2f Update dist
  • 9181355 Apply suggestions for the beta vesrion and update the documentation
  • efe4c1c Merge pull request #699 from MaksimZhukov/update-node-runtime-and-dependencies
  • c0957ad Run Prettier
  • 8dc8d18 Update Node.js version in reusable workflows
  • d0d0bbe Update documentation
  • 1375c42 5.0.0
  • ab7411e Change version of Node.js runtime to node20
  • Additional commits viewable in compare view


Updates akaihola/darker from 1.6.1 to 2.1.1

Release notes

Sourced from akaihola/darker's releases.

2.1.1

Added

  • In the Darker configuration file under [tool.darker], the Black configuration options skip_string_normalization and skip_magic_trailing_comma have been deprecated and will be removed in Darker 3.0. A deprecation warning is now displayed if they are still used.

Removed

  • The release_tools/update_contributors.py script was moved to the darkgray-dev-tools repository.

Fixed

  • A dash (-) is now allowed as the single source filename when using the --stdout option. This makes the option compatible with the new Black extension for VSCode.
  • Badge links in the README on GitHub.
  • Handling of relative paths and running from elsewhere than repository root.

2.1.0

Added

  • Mark the Darker package as annotated with type hints.
  • Update to ioggstream/bandit-report-artifacts@v1.7.4 in CI.
  • Support for Python 3.12 in the package metadata and the CI build.
  • Update to Black 24.2.x and isort 5.13.x in pre-commit configuration.
  • Test against Flynt master branch in the CI build.
  • Update to Darkgraylib 1.1.1 to get fixes for README formatting.
  • Improved "How does it work?" section in the README.
  • README section on limitations and work-arounds.

Removed

  • bump_version.py is now in the separate darkgray-dev-tools repository.
  • Skip tests on Python 3.13-dev in Windows and macOS. C extension builds are failing, this exclusion is to be removed when Python 3.13 has been removed.

Fixed

  • Bump-version pre-commit hook pattern: rev: vX.Y.Z instead of X.Y.Z.
  • Escape pipe symbols (|) in the README to avoid RestructuredText rendering issues.
  • Compatibility with Flynt 0.78.0 and newer.

2.0.0

Added

  • The command darker --config=check-darker.toml now runs Flake8, Mypy, pydocstyle, Pylint and Ruff on modified lines in Python files. Those tools are included in the [test] extra.
  • The minimum Ruff version is now 0.0.292. Its configuration in pyproject.toml has been updated accordingly.
  • The contribution guide now gives better instructions for reformatting and linting.
  • Separate GitHub workflow for checking code formatting and import sorting.
  • Also check the action, release tools and setup.py in the build workflows.

... (truncated)

Changelog

Sourced from akaihola/darker's changelog.

2.1.1_ - 2024-04-16

Added

  • In the Darker configuration file under [tool.darker], the Black configuration options skip_string_normalization and skip_magic_trailing_comma have been deprecated and will be removed in Darker 3.0. A deprecation warning is now displayed if they are still used.

Removed

  • The release_tools/update_contributors.py script was moved to the darkgray-dev-tools repository.

Fixed

  • A dash (-) is now allowed as the single source filename when using the --stdout option. This makes the option compatible with the new Black extension for VSCode__.
  • Badge links in the README on GitHub.
  • Handling of relative paths and running from elsewhere than repository root.

__ https://github.com/microsoft/vscode-black-formatter

2.1.0_ - 2024-03-27

Added

  • Mark the Darker package as annotated with type hints.
  • Update to ioggstream/bandit-report-artifacts@v1.7.4 in CI.
  • Support for Python 3.12 in the package metadata and the CI build.
  • Update to Black 24.2.x and isort 5.13.x in pre-commit configuration.
  • Test against Flynt master branch in the CI build.
  • Update to Darkgraylib 1.1.1 to get fixes for README formatting.
  • Improved "How does it work?" section in the README.
  • README section on limitations and work-arounds.

Removed

  • bump_version.py is now in the separate darkgray-dev-tools repository.
  • Skip tests on Python 3.13-dev in Windows and macOS. C extension builds are failing, this exclusion is to be removed when Python 3.13 has been removed.

Fixed

  • Bump-version pre-commit hook pattern: rev: vX.Y.Z instead of X.Y.Z.
  • Escape pipe symbols (|) in the README to avoid RestructuredText rendering issues.

... (truncated)

Commits
github-actions[bot] commented 1 week ago

Linter Bot Results:

Hi @dependabot[bot]! Thanks for making this PR. We linted your code and found the following:

There are currently no issues detected! 🎉

codecov[bot] commented 1 week ago

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Project coverage is 93.17%. Comparing base (ac07f00) to head (0a9d5d5).

Additional details and impacted files ```diff @@ Coverage Diff @@ ## develop #4623 +/- ## =========================================== - Coverage 93.63% 93.17% -0.46% =========================================== Files 171 12 -159 Lines 21225 1069 -20156 Branches 3930 0 -3930 =========================================== - Hits 19873 996 -18877 + Misses 894 73 -821 + Partials 458 0 -458 ```

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.