Sourced from actions/setup-python's releases.

v5.4.0

What's Changed

Enhancements:

• Update cache error message by @​aparnajyothi-y in actions/setup-python#968
• Enhance Workflows: Add Ubuntu-24, Remove Python 3.8 by @​priya-kinthali in actions/setup-python#985
• Configure Dependabot settings by @​HarithaVattikuti in actions/setup-python#1008

Documentation changes:

• Readme update - recommended permissions by @​benwells in actions/setup-python#1009
• Improve Advanced Usage examples by @​lrq3000 in actions/setup-python#645

Dependency updates:

• Upgrade undici from 5.28.4 to 5.28.5 by @​dependabot in actions/setup-python#1012
• Upgrade urllib3 from 1.25.9 to 1.26.19 in /tests/data by @​dependabot in actions/setup-python#895
• Upgrade actions/publish-immutable-action from 0.0.3 to 0.0.4 by @​dependabot in actions/setup-python#1014
• Upgrade @actions/http-client from 2.2.1 to 2.2.3 by @​dependabot in actions/setup-python#1020
• Upgrade requests from 2.24.0 to 2.32.2 in /tests/data by @​dependabot in actions/setup-python#1019
• Upgrade @actions/cache to ^4.0.0 by @​priyagupta108 in actions/setup-python#1007

New Contributors

• @​benwells made their first contribution in actions/setup-python#1009
• @​HarithaVattikuti made their first contribution in actions/setup-python#1008
• @​lrq3000 made their first contribution in actions/setup-python#645

Full Changelog: actions/setup-python@v5...v5.4.0

• 4237552 Improve Advanced Usage examples (#645)
• 709bfa5 Bump requests from 2.24.0 to 2.32.2 in /tests/data (#1019)
• ceb20b2 Bump @​actions/http-client from 2.2.1 to 2.2.3 (#1020)
• 0dc2d2c Bump actions/publish-immutable-action from 0.0.3 to 0.0.4 (#1014)
• feb9c6e Bump urllib3 from 1.25.9 to 1.26.19 in /tests/data (#895)
• d0b4fc4 Bump undici from 5.28.4 to 5.28.5 (#1012)
• e3dfaac Configure Dependabot settings (#1008)
• b8cf3eb Use the new cache service: upgrade @actions/cache to ^4.0.0 (#1007)
• 1928ae6 Update README.md (#1009)
• 3fddbee Enhance Workflows: Add Ubuntu-24, Remove Python 3.8 (#985)
• Additional commits viewable in compare view

Sourced from actions/attest-build-provenance's releases.

v2.2.0

What's Changed

• Bump actions/attest from v2.1.0 to v2.2.0 by @​bdehamer in actions/attest-build-provenance#449
  • Includes support for now subject-checksums input parameter

Full Changelog: actions/attest-build-provenance@v2.1.0...v2.2.0

• 520d128 bump actions/attest from v2.1.0 to v2.2.0 (#449)
• 5d2ced9 Add example of upload-artifaction integration (#450)
• 3c016c1 bump actions/attest from v2.1.0 to v2.2.0 (#449)
• e06bbaf Bump the npm-development group with 3 updates (#447)
• 47c6e87 Bump the npm-development group with 4 updates (#444)
• c083b46 Bump the npm-development group with 2 updates (#438)
• 1b4b366 Bump typescript-eslint in the npm-development group (#434)
• 963f8a0 Bump the npm-development group with 2 updates (#429)
• 4ecada3 Bump the npm-development group across 1 directory with 3 updates (#422)
• f4b7552 bump eslint from 8.57.1 to 9.16.0 (#418)
• See full diff in compare view

Sourced from pypa/gh-action-pypi-publish's releases.

v1.12.4

✨ What's Changed

The main theme of this patch release that the support for uploading PEP 639 licensing metadata to PyPI has been fixed in #327.

🛠️ Internal Updates

A few smaller updates include the attestation existence being checked earlier in the process now, listing all the violating files together, not just one (PR #315). And the lock file with the software available in runtime has been re-pinned in #329. Additionally, the CI now runs the smoke-tests against both Ubuntu 22.04 and 24.04 explicitly via da900af96347cc027433720ad4f122117645459d.

🪞 Full Diff: pypa/gh-action-pypi-publish@v1.12.3...v1.12.4

🧔‍♂️ Release Manager: @​webknjaz 🇺🇦

🙏 Special Thanks to @​dnicolodi💰 and @​woodruffw💰 for releasing the license metadata support fix in Twine!

💬 Discuss on Bluesky 🦋, on Mastodon 🐘 and on GitHub.

• 76f52bc Merge pull request #329 from webknjaz/maintenance/runtime-lockfile-24-02-2025
• 72de13b 📌 Mass-upgrade transitive dependency pins
• 1995f2e Merge pull request #327 from webknjaz/maintenance/twine-6.1-pep639
• 29f40bd 📦 Enable metadata 2.4 support in Twine
• 10df67d 📦 Enable support for PEP 639 metadata
• e0449d2 🧪 Integrate a unified alls-green GHA status
• cebc64f 🧪 Bump setuptools in smoke test to v75.8.0
• da900af 🧪 Run smoke tests against Ubuntu 24 and 22
• 8cafb5c 💰 Sync the funding config
• 916e576 Merge pull request #315 from webknjaz/refactoring/attestations-exist-bundle
• Additional commits viewable in compare view

Sourced from github/codeql-action's releases.

v3.28.8

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.8 - 29 Jan 2025

• Enable support for Kotlin 2.1.10 when running with CodeQL CLI v2.20.3. #2744

See the full CHANGELOG.md for more information.

v3.28.7

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.7 - 29 Jan 2025

No user facing changes.

See the full CHANGELOG.md for more information.

v3.28.6

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.6 - 27 Jan 2025

• Re-enable debug artifact upload for CLI versions 2.20.3 or greater. #2726

See the full CHANGELOG.md for more information.

v3.28.5

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.5 - 24 Jan 2025

• Update default CodeQL bundle version to 2.20.3. #2717

See the full CHANGELOG.md for more information.

v3.28.4

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.4 - 23 Jan 2025

... (truncated)

Sourced from github/codeql-action's changelog.

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

[UNRELEASED]

No user facing changes.

3.28.8 - 29 Jan 2025

• Enable support for Kotlin 2.1.10 when running with CodeQL CLI v2.20.3. #2744

3.28.7 - 29 Jan 2025

No user facing changes.

3.28.6 - 27 Jan 2025

• Re-enable debug artifact upload for CLI versions 2.20.3 or greater. #2726

3.28.5 - 24 Jan 2025

• Update default CodeQL bundle version to 2.20.3. #2717

3.28.4 - 23 Jan 2025

No user facing changes.

3.28.3 - 22 Jan 2025

• Update default CodeQL bundle version to 2.20.2. #2707
• Fix an issue downloading the CodeQL Bundle from a GitHub Enterprise Server instance which occurred when the CodeQL Bundle had been synced to the instance using the CodeQL Action sync tool and the Actions runner did not have Zstandard installed. #2710
• Uploading debug artifacts for CodeQL analysis is temporarily disabled. #2712

3.28.2 - 21 Jan 2025

No user facing changes.

3.28.1 - 10 Jan 2025

• CodeQL Action v2 is now deprecated, and is no longer updated or supported. For better performance, improved security, and new features, upgrade to v3. For more information, see this changelog post. #2677
• Update default CodeQL bundle version to 2.20.1. #2678

3.28.0 - 20 Dec 2024

• Bump the minimum CodeQL bundle version to 2.15.5. #2655
• Don't fail in the unusual case that a file is on the search path. #2660.

3.27.9 - 12 Dec 2024

... (truncated)

• dd74661 Merge pull request #2746 from github/update-v3.28.8-a91a3f767
• 3210a3c Fix Kotlin version in changelog
• 72f9d02 Update changelog for v3.28.8
• a91a3f7 Merge pull request #2744 from github/igfoo/kot2.1.10
• c520fb5 Merge pull request #2745 from github/mergeback/v3.28.7-to-main-6e545590
• 3879c57 Add changelog entry
• 0c21937 Run "npm run build"
• 5a61bf0 Kotlin: The 2.20.3 release supports Kotlin 2.1.10.
• 163d119 Update checked-in dependencies
• bcf5cec Update changelog and version after v3.28.7
• Additional commits viewable in compare view

Sourced from actions/stale's releases.

v9.1.0

What's Changed

• Documentation update by @​Marukome0743 in actions/stale#1116
• Add workflow file for publishing releases to immutable action package by @​Jcambass in actions/stale#1179
• Update undici from 5.28.2 to 5.28.4 by @​dependabot in actions/stale#1150
• Update actions/checkout from 3 to 4 by @​dependabot in actions/stale#1091
• Update actions/publish-action from 0.2.2 to 0.3.0 by @​dependabot in actions/stale#1147
• Update ts-jest from 29.1.1 to 29.2.5 by @​dependabot in actions/stale#1175
• Update @​actions/core from 1.10.1 to 1.11.1 by @​dependabot in actions/stale#1191
• Update @​types/jest from 29.5.11 to 29.5.14 by @​dependabot in actions/stale#1193
• Update @​actions/cache from 3.2.2 to 4.0.0 by @​dependabot in actions/stale#1194

New Contributors

• @​Marukome0743 made their first contribution in actions/stale#1116
• @​Jcambass made their first contribution in actions/stale#1179

Full Changelog: actions/stale@v9...v9.1.0

• 5bef64f build(deps): bump @​actions/cache from 3.2.2 to 4.0.0 (#1194)
• fa77dfd build(deps-dev): bump @​types/jest from 29.5.11 to 29.5.14 (#1193)
• f04443d build(deps): bump @​actions/core from 1.10.1 to 1.11.1 (#1191)
• 5c715b0 build(deps-dev): bump ts-jest from 29.1.1 to 29.2.5 (#1175)
• f691222 build(deps): bump actions/publish-action from 0.2.2 to 0.3.0 (#1147)
• df990c2 build(deps): bump actions/checkout from 3 to 4 (#1091)
• 6e472ce Merge pull request #1179 from actions/Jcambass-patch-1
• d10ba64 Merge pull request #1150 from actions/dependabot/npm_and_yarn/undici-5.28.4
• bbf3da5 resolve check failures
• 6a2e61d Add workflow file for publishing releases to immutable action package
• Additional commits viewable in compare view

Sourced from Quansight-Labs/setup-python's releases.

v5.4.0

This release supports installing Python 3.14t.a0

Full Changelog: Quansight-Labs/setup-python@v5.3.0...v5.4.0

• 869aeaf Fix lint
• 40cc54b Add freethreaded input and fix handling of prerelease versions
• 6aeccc6 Fix desugaring of 3.13.1t and add test case.
• 4ff908a Add free threading to advanced usage documentation
• 536ce35 Revert README changes
• 870b55e Update README to add examples to install 3.13t
• 6313221 Use 'Quansight-Labs' repo
• ffbe519 Support free threaded Python versions like '3.13t'
• 4237552 Improve Advanced Usage examples (#645)
• 709bfa5 Bump requests from 2.24.0 to 2.32.2 in /tests/data (#1019)
• Additional commits viewable in compare view

Sourced from codecov/codecov-action's releases.

v5.3.1

What's Changed

• fix: add docs and copy over dist by @​thomasrockhu-codecov in codecov/codecov-action#1752

Full Changelog: codecov/codecov-action@v5.3.0...v5.3.1

v5.3.0

What's Changed

• Update README with reqs by @​thomasrockhu-codecov in codecov/codecov-action#1749
• chore(release): wrapper -0.1.0 by @​codecov-releaser-app in codecov/codecov-action#1750
• chore(release): 5.3.0 by @​thomasrockhu-codecov in codecov/codecov-action#1751

Full Changelog: codecov/codecov-action@v5.2.0...v5.3.0

v5.2.0

What's Changed

• fix: remove erroneous linebreak in readme by @​Vampire in codecov/codecov-action#1734
• feat: add disable-telem feature by @​thomasrockhu-codecov in codecov/codecov-action#1739
• chore(deps): bump wrapper to 0.0.32 by @​thomasrockhu-codecov in codecov/codecov-action#1740
• build(deps): bump actions/upload-artifact from 4.4.3 to 4.6.0 by @​dependabot in codecov/codecov-action#1743
• build(deps): bump github/codeql-action from 3.27.9 to 3.28.1 by @​dependabot in codecov/codecov-action#1742
• use correct audience when requesting oidc token by @​juho9000 in codecov/codecov-action#1744
• Th/add commands by @​thomasrockhu-codecov in codecov/codecov-action#1745
• Fix typo in README by @​tserg in codecov/codecov-action#1747
• chore(release): bump to 5.2.0 by @​thomasrockhu-codecov in codecov/codecov-action#1748

New Contributors

• @​Vampire made their first contribution in codecov/codecov-action#1734
• @​juho9000 made their first contribution in codecov/codecov-action#1744
• @​tserg made their first contribution in codecov/codecov-action#1747

Full Changelog: codecov/codecov-action@v5.1.2...v5.2.0

Sourced from codecov/codecov-action's changelog.

v5.3.1

What's Changed

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.3.0..v5.3.1

v5.3.0

What's Changed

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.2.0..v5.3.0

v5.2.0

What's Changed

• Fix typo in README by @​tserg in codecov/codecov-action#1747
• Th/add commands by @​thomasrockhu-codecov in codecov/codecov-action#1745
• use correct audience when requesting oidc token by @​juho9000 in codecov/codecov-action#1744
• build(deps): bump github/codeql-action from 3.27.9 to 3.28.1 by @​app/dependabot in codecov/codecov-action#1742
• build(deps): bump actions/upload-artifact from 4.4.3 to 4.6.0 by @​app/dependabot in codecov/codecov-action#1743
• chore(deps): bump wrapper to 0.0.32 by @​thomasrockhu-codecov in codecov/codecov-action#1740
• feat: add disable-telem feature by @​thomasrockhu-codecov in codecov/codecov-action#1739
• fix: remove erroneous linebreak in readme by @​Vampire in codecov/codecov-action#1734

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.1.2..v5.2.0

v5.1.2

What's Changed

• fix: update statment by @​thomasrockhu-codecov in codecov/codecov-action#1726
• fix: update action script by @​thomasrockhu-codecov in codecov/codecov-action#1725
• fix: prevent oidc on tokenless due to permissioning by @​thomasrockhu-codecov in codecov/codecov-action#1724
• chore(release): wrapper-0.0.31 by @​app/codecov-releaser-app in codecov/codecov-action#1723
• Put quotes around ${{ inputs.token }} in action.yml by @​jwodder in codecov/codecov-action#1721
• build(deps): bump github/codeql-action from 3.27.6 to 3.27.9 by @​app/dependabot in codecov/codecov-action#1722
• Remove mistake from options table by @​Acconut in codecov/codecov-action#1718
• build(deps): bump github/codeql-action from 3.27.5 to 3.27.6 by @​app/dependabot in codecov/codecov-action#1717

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.1.1..v5.1.2

v5.1.1

What's Changed

... (truncated)

• 13ce06b chore(release): bump to 5.3.1
• 3e26040 fix: add docs and copy over dist (#1752)
• 0da7aa6 chore(release): 5.3.0 (#1751)
• 1ca7ce6 chore(release): wrapper -0.1.0 (#1750)
• 65baa5f Update README with reqs (#1749)
• 5a605bd chore(release): bump to 5.2.0 (#1748)
• 5825942 Fix typo in README (#1747)
• b1a6383 Th/add commands (#1745)
• 6c5b693 use correct audience when requesting oidc token (#1744)
• ad45165 build(deps): bump github/codeql-action from 3.27.9 to 3.28.1 (#1742)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions