Bump fastify/github-action-merge-dependabot from 3.11.2 to 3.12.0 #557
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # linting - Github Actions | |
| # | |
| # Security references: | |
| # - https://securitylab.github.com/resources/github-actions-preventing-pwn-requests | |
| # - https://securitylab.github.com/resources/github-actions-untrusted-input | |
| # - https://securitylab.github.com/resources/github-actions-building-blocks | |
| # - https://securitylab.github.com/resources/github-actions-new-patterns-and-mitigations | |
| # | |
| # Used actions: | |
| # - actions/checkout | |
| # repo: https://github.com/actions/checkout | |
| # releases: https://github.com/actions/checkout/tags | |
| # | |
| # - astral-sh/setup-uv: set up uv environment | |
| # repo: https://github.com/astral-sh/setup-uv | |
| # releases: https://github.com/astral-sh/setup-uv/tags | |
| # https://docs.astral.sh/uv/guides/integration/github/ | |
| name: Linting | |
| concurrency: | |
| # see https://docs.github.com/en/actions/using-jobs/using-concurrency | |
| # Run jobs on all commits - we're on free tier and want full diagnostic history | |
| # cancel-in-progress: ${{ github.event_name == 'pull_request' }} | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| env: | |
| # Enable colored output for pytest | |
| # https://github.com/pytest-dev/pytest/issues/7443 | |
| # https://github.com/actions/runner/issues/241 | |
| PY_COLORS: 1 | |
| # Pin just version for reproducible builds | |
| # https://github.com/casey/just/releases | |
| JUST_VERSION: "1.46.0" # released on 2026-01-02 | |
| # Pin uv version for reproducible builds | |
| # https://github.com/astral-sh/uv/releases | |
| UV_VERSION: "0.9.26" # released on 2026-01-15 | |
| on: | |
| pull_request: | |
| types: [opened, reopened, synchronize] | |
| push: | |
| branches: | |
| - main | |
| permissions: | |
| contents: read | |
| jobs: | |
| # see https://docs.astral.sh/uv/guides/integration/github/ | |
| run-tests: | |
| name: Python linters | |
| runs-on: ${{ matrix.os }} | |
| timeout-minutes: 5 | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| os: | |
| - ubuntu-latest | |
| python-version: | |
| - "3.14" | |
| - "3.13" | |
| - "3.12" | |
| - "3.11" | |
| - "3.10" | |
| - "3.9" | |
| steps: | |
| # repo: https://github.com/actions/checkout | |
| # releases: https://github.com/actions/checkout/tags | |
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 released on 09-01-2026 | |
| with: | |
| persist-credentials: false | |
| fetch-depth: 0 | |
| # - name: Show env variables | |
| # run: | | |
| # echo "$HOME/bin" >> $GITHUB_PATH | |
| # echo "${pwd}/.venv/bin" >> $GITHUB_PATH | |
| # printenv | sort | |
| # repo: https://github.com/extractions/setup-just | |
| # releases: https://github.com/extractions/setup-just/releases | |
| - name: Install pinned version of just | |
| uses: extractions/setup-just@f8a3cce218d9f83db3a2ecd90e41ac3de6cdfd9b # v3 released on 2025-031-15 | |
| with: | |
| just-version: ${{ env.JUST_VERSION }} | |
| # repo: https://github.com/astral-sh/setup-uv | |
| # releases: https://github.com/astral-sh/setup-uv/tags | |
| # docs: https://docs.astral.sh/uv/guides/integration/github | |
| - name: Install pinned version of uv | |
| uses: astral-sh/setup-uv@e06108dd0aef18192324c70427afc47652e63a82 # v7.2.1 released on 30-01-2026 | |
| with: | |
| python-version: ${{ matrix.python-version }} | |
| version: ${{ env.UV_VERSION }} | |
| enable-cache: true | |
| cache-dependency-glob: "uv.lock" | |
| prune-cache: true | |
| - name: Remove sitecustomize.py | |
| run: just ubuntu-remove-global-sitecustomize | |
| - name: Set up Python ${{ matrix.python-version }} | |
| run: uv python install ${{ matrix.python-version }} | |
| # - name: Install the project | |
| # run: uv sync --all-groups | |
| - name: Install project + dependencies | |
| run: | | |
| just uv-set-python-version ${{ matrix.python-version }} | |
| just install | |
| - name: Pre-commit | |
| run: uv run pre-commit run --all-files | |
| - name: Ruff format | |
| run: | | |
| just ruff-format | |
| # - name: Ruff check | |
| # run: uv run ruff check src tests | |
| - name: Ruff check | |
| run: | | |
| just ruff-check | |
| # - name: Pylint | |
| # run: uv run pylint src | |
| - name: Pylint | |
| run: | | |
| just pylint | |
| - name: Mypy | |
| run: | | |
| just mypy | |
| - name: Ty | |
| run: | | |
| just ty-check | |
| - name: Pyroma | |
| run: | | |
| just pyroma | |
| - name: uv lock check | |
| run: | | |
| just uv-lock-check | |
| # - name: Bandit | |
| # run: | | |
| # just bandit-html | |
| # https://docs.github.com/en/actions/using-workflows/storing-workflow-data-as-artifacts | |
| # - name: Upload Bandit Report | |
| # uses: actions/upload-artifact@v4 | |
| # with: | |
| # name: Bandit Report | |
| # path: var/html-bandit/index.html | |
| # retention-days: 10 |