From f4f01ff7cfc319daf44b5dda9a74835f2cd8727f Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 24 Nov 2025 09:35:01 +0000 Subject: [PATCH 1/2] Pin dependencies --- .../workflows/mdanalysis-compatibility.yaml | 6 ++--- .github/workflows/project-ci.yaml | 18 +++++++-------- .github/workflows/release.yaml | 22 +++++++++---------- .github/workflows/renovate.yaml | 4 ++-- pyproject.toml | 2 +- 5 files changed, 26 insertions(+), 26 deletions(-) diff --git a/.github/workflows/mdanalysis-compatibility.yaml b/.github/workflows/mdanalysis-compatibility.yaml index 1e8e874..f63d6fe 100644 --- a/.github/workflows/mdanalysis-compatibility.yaml +++ b/.github/workflows/mdanalysis-compatibility.yaml @@ -18,10 +18,10 @@ jobs: steps: - name: Checkout repo - uses: actions/checkout@v6 + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 - name: Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@v6.0.0 + uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0 with: python-version: ${{ matrix.python-version }} @@ -36,7 +36,7 @@ jobs: - name: Create Issue on Failure if: failure() - uses: JasonEtco/create-an-issue@v2 + uses: JasonEtco/create-an-issue@1b14a70e4d8dc185e5cc76d3bec9eab20257b2c5 # v2 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} PYTHON_VERSION: ${{ matrix.python-version }} diff --git a/.github/workflows/project-ci.yaml b/.github/workflows/project-ci.yaml index a0d11dd..017f739 100644 --- a/.github/workflows/project-ci.yaml +++ b/.github/workflows/project-ci.yaml @@ -18,10 +18,10 @@ jobs: python-version: ["3.11", "3.12", "3.13", "3.14"] steps: - name: Checkout repo - uses: actions/checkout@v6 + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 - name: Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@v6.0.0 + uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0 with: python-version: ${{ matrix.python-version }} @@ -32,7 +32,7 @@ jobs: run: pytest --cov CodeEntropy --cov-report term-missing --cov-append . - name: Coveralls GitHub Action - uses: coverallsapp/github-action@v2.3.7 + uses: coverallsapp/github-action@5cbfd81b66ca5d10c19b062c04de0199c215fb6e # v2.3.7 with: github-token: ${{ secrets.GITHUB_TOKEN }} @@ -40,11 +40,11 @@ jobs: runs-on: ubuntu-latest timeout-minutes: 15 steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 - name: Set up Python 3.14 - uses: actions/setup-python@v6.0.0 + uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0 with: - python-version: 3.14 + python-version: 3.14.0 - name: Install python dependencies run: | pip install --upgrade pip @@ -56,11 +56,11 @@ jobs: runs-on: ubuntu-24.04 timeout-minutes: 15 steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 - name: Set up Python 3.14 - uses: actions/setup-python@v6.0.0 + uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0 with: - python-version: 3.14 + python-version: 3.14.0 - name: Install python dependencies run: | pip install --upgrade pip diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index e7a0d7c..acc6b6d 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -18,12 +18,12 @@ jobs: steps: - name: Checkout repository id: repo - uses: actions/checkout@v6 + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 - name: Set up Python - uses: actions/setup-python@v6.0.0 + uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0 with: - python-version: 3.14 + python-version: 3.14.0 - name: Get latest release from pip id: latestreleased @@ -46,7 +46,7 @@ jobs: steps: - name: checkout - uses: actions/checkout@v6 + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 - name: Change version in repo and CITATION.cff run: | @@ -61,7 +61,7 @@ jobs: - name: send PR id: pr_id - uses: peter-evans/create-pull-request@v7.0.8 + uses: peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e # v7.0.8 with: commit-message: Update version to ${{ github.event.inputs.version }} branch: version-update @@ -78,7 +78,7 @@ jobs: draft: false - name: auto approve review - uses: hmarr/auto-approve-action@v4.0.0 + uses: hmarr/auto-approve-action@f0939ea97e9205ef24d872e76833fa908a770363 # v4.0.0 with: pull-request-number: ${{ steps.pr_id.outputs.pull-request-number }} review-message: "Auto approved version bump PR" @@ -95,7 +95,7 @@ jobs: runs-on: ubuntu-24.04 steps: - name: Checkout repository - uses: actions/checkout@v6 + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 with: ref: main @@ -113,7 +113,7 @@ jobs: steps: - name: create release - uses: softprops/action-gh-release@v2.4.2 + uses: softprops/action-gh-release@5be0e66d93ac7ed76da52eca8bb058f665c3a5fe # v2.4.2 with: name: v${{ github.event.inputs.version }} generate_release_notes: true @@ -126,14 +126,14 @@ jobs: steps: - name: checkout - uses: actions/checkout@v6 + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 with: ref: main - name: Set up Python - uses: actions/setup-python@v6.0.0 + uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0 with: - python-version: 3.14 + python-version: 3.14.0 - name: Install flit run: | diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index 18f1a86..3e7ab28 100644 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -18,9 +18,9 @@ jobs: issues: write steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 - - uses: renovatebot/github-action@v44.0.3 + - uses: renovatebot/github-action@c91a61c730fa166439cd3e2c300c041590002b1d # v44.0.3 with: token: ${{ secrets.RENOVATE_TOKEN }} env: diff --git a/pyproject.toml b/pyproject.toml index b55a504..e5fa86f 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -74,7 +74,7 @@ docs = [ "sphinxcontrib-details-directive", "sphinx_copybutton", "furo", - "markupsafe<2.1" + "markupsafe==2.0.1" ] [project.scripts] From 2ca5a109830718a46edec3fe5e30cfd1018fd034 Mon Sep 17 00:00:00 2001 From: harryswift01 Date: Thu, 27 Nov 2025 11:05:08 +0000 Subject: [PATCH 2/2] remove `.github/workflows/renovate.yaml` from #206 PR --- .github/workflows/renovate.yaml | 29 ----------------------------- 1 file changed, 29 deletions(-) delete mode 100644 .github/workflows/renovate.yaml diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml deleted file mode 100644 index 3e7ab28..0000000 --- a/.github/workflows/renovate.yaml +++ /dev/null @@ -1,29 +0,0 @@ -name: Renovate - -on: - schedule: - - cron: "0 8 * * *" - workflow_dispatch: - -jobs: - renovate: - runs-on: ubuntu-24.04 - concurrency: - group: renovate - cancel-in-progress: true - - permissions: - contents: write - pull-requests: write - issues: write - - steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6 - - - uses: renovatebot/github-action@c91a61c730fa166439cd3e2c300c041590002b1d # v44.0.3 - with: - token: ${{ secrets.RENOVATE_TOKEN }} - env: - RENOVATE_CONFIG_FILE: ".github/renovate.json" - LOG_LEVEL: debug - RENOVATE_REPOSITORIES: "CCPBioSim/CodeEntropy" \ No newline at end of file