github/codeql-action (github/codeql-action)
### [`v2.26.9`](https://redirect.github.com/github/codeql-action/compare/v2.26.8...v2.26.9)
[Compare Source](https://redirect.github.com/github/codeql-action/compare/v2.26.8...v2.26.9)
### [`v2.26.8`](https://redirect.github.com/github/codeql-action/compare/v2.26.7...v2.26.8)
[Compare Source](https://redirect.github.com/github/codeql-action/compare/v2.26.7...v2.26.8)
pypa/gh-action-pypi-publish (pypa/gh-action-pypi-publish)
### [`v1.10.2`](https://redirect.github.com/pypa/gh-action-pypi-publish/releases/tag/v1.10.2)
[Compare Source](https://redirect.github.com/pypa/gh-action-pypi-publish/compare/v1.10.1...v1.10.2)
#### π Cosmetic Output Improvements
In [#250](https://redirect.github.com/pypa/gh-action-pypi-publish/issues/250) and [#258](https://redirect.github.com/pypa/gh-action-pypi-publish/issues/258), [@facutuesca](https://redirect.github.com/facutuesca)[π°](https://redirect.github.com/sponsors/facutuesca) added a nudge message with a magic link to pre-fill the creation of new Trusted Publishers configurations on PyPI. The users are now suggested to configure tokenless publishing by clicking a link printed in the job summary when it's detected that they publish to PyPI or TestPyPI. Just like magic! π¦
#### π οΈ Internal Dependencies
[@woodruffw](https://redirect.github.com/woodruffw)[π°](https://redirect.github.com/sponsors/woodruffw) bumped `pypi-attestations` to v0.0.12 in [#262](https://redirect.github.com/pypa/gh-action-pypi-publish/issues/262), ~hopefully fixing [#263](https://redirect.github.com/pypa/gh-action-pypi-publish/issues/263). π€~ Nah.. that wasn't it.
> \[!TIP]
> Please keep in mind that reusable workflows are not yet supported, even though they sometimes work, mostly by accident.
#### πͺ New Contributors
[@facutuesca](https://redirect.github.com/facutuesca) made their first contribution in [https://github.com/pypa/gh-action-pypi-publish/pull/258](https://redirect.github.com/pypa/gh-action-pypi-publish/pull/258)
**πͺ Full Diff**: https://github.com/pypa/gh-action-pypi-publish/compare/v1.10.1...v1.10.2
**π§ββοΈ Release Manager:** [@webknjaz πΊπ¦](https://redirect.github.com/sponsors/webknjaz)
**π Special Thanks** to [@henryiii](https://redirect.github.com/henryiii)[π°](https://redirect.github.com/sponsors/henryiii) for promptly pointing up possible fixes for [#263](https://redirect.github.com/pypa/gh-action-pypi-publish/issues/263).
Configuration
π Schedule: Branch creation - "before 6am on wednesday" in timezone Australia/Sydney, Automerge - At any time (no schedule defined).
π¦ Automerge: Disabled by config. Please merge this manually once you are satisfied.
β» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
π» Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
[ ] If you want to rebase/retry this PR, check this box
This PR contains the following updates:
v2.26.7
->v2.26.9
v3.26.7
->v3.26.9
v1.10.1
->v1.10.2
Release Notes
github/codeql-action (github/codeql-action)
### [`v2.26.9`](https://redirect.github.com/github/codeql-action/compare/v2.26.8...v2.26.9) [Compare Source](https://redirect.github.com/github/codeql-action/compare/v2.26.8...v2.26.9) ### [`v2.26.8`](https://redirect.github.com/github/codeql-action/compare/v2.26.7...v2.26.8) [Compare Source](https://redirect.github.com/github/codeql-action/compare/v2.26.7...v2.26.8)pypa/gh-action-pypi-publish (pypa/gh-action-pypi-publish)
### [`v1.10.2`](https://redirect.github.com/pypa/gh-action-pypi-publish/releases/tag/v1.10.2) [Compare Source](https://redirect.github.com/pypa/gh-action-pypi-publish/compare/v1.10.1...v1.10.2) #### π Cosmetic Output Improvements In [#250](https://redirect.github.com/pypa/gh-action-pypi-publish/issues/250) and [#258](https://redirect.github.com/pypa/gh-action-pypi-publish/issues/258), [@facutuesca](https://redirect.github.com/facutuesca)[π°](https://redirect.github.com/sponsors/facutuesca) added a nudge message with a magic link to pre-fill the creation of new Trusted Publishers configurations on PyPI. The users are now suggested to configure tokenless publishing by clicking a link printed in the job summary when it's detected that they publish to PyPI or TestPyPI. Just like magic! π¦ #### π οΈ Internal Dependencies [@woodruffw](https://redirect.github.com/woodruffw)[π°](https://redirect.github.com/sponsors/woodruffw) bumped `pypi-attestations` to v0.0.12 in [#262](https://redirect.github.com/pypa/gh-action-pypi-publish/issues/262), ~hopefully fixing [#263](https://redirect.github.com/pypa/gh-action-pypi-publish/issues/263). π€~ Nah.. that wasn't it. > \[!TIP] > Please keep in mind that reusable workflows are not yet supported, even though they sometimes work, mostly by accident. #### πͺ New Contributors [@facutuesca](https://redirect.github.com/facutuesca) made their first contribution in [https://github.com/pypa/gh-action-pypi-publish/pull/258](https://redirect.github.com/pypa/gh-action-pypi-publish/pull/258) **πͺ Full Diff**: https://github.com/pypa/gh-action-pypi-publish/compare/v1.10.1...v1.10.2 **π§ββοΈ Release Manager:** [@webknjaz πΊπ¦](https://redirect.github.com/sponsors/webknjaz) **π Special Thanks** to [@henryiii](https://redirect.github.com/henryiii)[π°](https://redirect.github.com/sponsors/henryiii) for promptly pointing up possible fixes for [#263](https://redirect.github.com/pypa/gh-action-pypi-publish/issues/263).Configuration
π Schedule: Branch creation - "before 6am on wednesday" in timezone Australia/Sydney, Automerge - At any time (no schedule defined).
π¦ Automerge: Disabled by config. Please merge this manually once you are satisfied.
β» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
π» Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
This PR was generated by Mend Renovate. View the repository job log.