Skip to content

Bump the github-actions group with 6 updates #2161

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
dependabot wants to merge 2 commits into
base: main
Choose a base branch
from
+10 −9
Open

Bump the github-actions group with 6 updates #2161

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
f660345
Bump the github-actions group with 6 updates
dependabot[bot] May 20, 2026
cd38f13
Cap benchmark cache
ricardoV94 May 20, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion .github/workflows/mypy.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ jobs:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false
- uses: mamba-org/setup-micromamba@add3a49764cedee8ee24e82dfde87f5bc2914462 # v2.0.7
- uses: mamba-org/setup-micromamba@d7c9bd84e824b79d2af72a2d4196c7f4300d3476 # v3.0.0
with:
micromamba-version: "1.5.10-0" # until https://github.com/mamba-org/setup-micromamba/issues/225 is resolved
environment-file: environment.yml
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/pypi.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -104,7 +104,7 @@ jobs:
with:
fetch-depth: 0
persist-credentials: false
- uses: hynek/build-and-inspect-python-package@efb823f52190ad02594531168b7a2d5790e66516 # v2.14.0
- uses: hynek/build-and-inspect-python-package@d44ca7d91762de7a7d5436ddae667c6da6d1c3df # v2.18.0

build_wheels:
name: Build wheels for ${{ matrix.platform }}
Expand Down Expand Up @@ -248,5 +248,5 @@ jobs:
name: universal_wheel
path: dist

- uses: pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e # v1.13.0
- uses: pypa/gh-action-pypi-publish@cef221092ed1bacb1cc03d23a2d87d1d172e277b # v1.14.0
# Implicitly attests that the packages were uploaded in the context of this workflow.
11 changes: 6 additions & 5 deletions .github/workflows/test.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -140,7 +140,7 @@ jobs:
fetch-depth: 0
persist-credentials: false
- name: Set up Python ${{ matrix.python-version }}
uses: mamba-org/setup-micromamba@add3a49764cedee8ee24e82dfde87f5bc2914462 # v2.0.7
uses: mamba-org/setup-micromamba@d7c9bd84e824b79d2af72a2d4196c7f4300d3476 # v3.0.0
with:
environment-name: pytensor-test
micromamba-version: "1.5.10-0" # until https://github.com/mamba-org/setup-micromamba/issues/225 is resolved
Expand Down Expand Up @@ -224,7 +224,7 @@ jobs:
fetch-depth: 0
persist-credentials: false
- name: Set up Python 3.11
uses: mamba-org/setup-micromamba@add3a49764cedee8ee24e82dfde87f5bc2914462 # v2.0.7
uses: mamba-org/setup-micromamba@d7c9bd84e824b79d2af72a2d4196c7f4300d3476 # v3.0.0
with:
environment-name: pytensor-test
micromamba-version: "1.5.10-0" # until https://github.com/mamba-org/setup-micromamba/issues/225 is resolved
Expand All @@ -244,14 +244,14 @@ jobs:
uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
with:
path: ./cache
key: ${{ runner.os }}-benchmark
key: ${{ runner.os }}-benchmark-v2
- name: Run benchmarks
shell: micromamba-shell {0}
run: |
export PYTENSOR_FLAGS=warn__ignore_bug_before=all,on_opt_error=raise,on_shape_error=raise,gcc__cxxflags=-pipe
python -m pytest --runslow --benchmark-only --benchmark-json output.json
- name: Store benchmark result
uses: benchmark-action/github-action-benchmark@4bdcce38c94cec68da58d012ac24b7b1155efe8b # v1.20.7
uses: benchmark-action/github-action-benchmark@52576c92bccf6ac60c8223ec7eb2565637cae9ba # v1.22.1
with:
name: Python Benchmark with pytest-benchmark
tool: "pytest"
Expand All @@ -262,6 +262,7 @@ jobs:
comment-on-alert: false
fail-on-alert: false
auto-push: false
max-items-in-chart: 50

all-checks:
if: ${{ always() }}
Expand Down Expand Up @@ -300,7 +301,7 @@ jobs:
merge-multiple: true

- name: Upload coverage to Codecov
uses: codecov/codecov-action@5a1091511ad55cbe89839c7260b706298ca349f7 # v5.5.1
uses: codecov/codecov-action@e79a6962e0d4c0c17b229090214935d2e33f8354 # v6.0.1
with:
directory: ./coverage/
fail_ci_if_error: true
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/zizmor.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}

- name: Upload SARIF file
uses: github/codeql-action/upload-sarif@v3
uses: github/codeql-action/upload-sarif@v4

Check failure

Code scanning / zizmor

unpinned action reference: action is not pinned to a hash (required by blanket policy) Error

unpinned action reference: action is not pinned to a hash (required by blanket policy)
Copy link
Copy Markdown
Member

@ricardoV94 ricardoV94 May 20, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this a zizmor thing previously didn't have an hash either? @maresb

with:
# Path to SARIF file relative to the root of the repository
sarif_file: results.sarif
Expand Down
Loading