Closed dependabot[bot] closed 1 month ago
The provided code change is a GitHub Actions workflow file that automates the process of publishing a Python package to the Python Package Index (PyPI) when a new release is created, including setting up a Python environment, installing dependencies, building the package, and using a third-party GitHub Action to publish the package to PyPI.
We ran 9 analyzers
against 1 file
and 0 analyzers
had findings. 9 analyzers
had no findings.
:green_circle: Risk threshold not exceeded.
Bumps pypa/gh-action-pypi-publish from 1.10.0 to 1.10.1.
Release notes
Sourced from pypa/gh-action-pypi-publish's releases.
Commits
0ab0b79
🚑 Invert the dists-to-attest validity checkDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show