From 0675575f1925e5ae8bbe105f58ad01030b719b7b Mon Sep 17 00:00:00 2001 From: Pedro Kaj Kjellerup Nacht Date: Wed, 27 Dec 2023 20:34:11 +0000 Subject: [PATCH 1/3] Add dependabot to monitor GHAs and Python deps Signed-off-by: Pedro Kaj Kjellerup Nacht --- .github/dependabot.yml | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) create mode 100644 .github/dependabot.yml diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 000000000..db5f06614 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,25 @@ +# To get started with Dependabot version updates, you'll need to specify which +# package ecosystems to update and where the package manifests are located. +# Please see the documentation for all configuration options: +# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates + +version: 2 +updates: + - package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: "monthly" + groups: + github-actions: + patterns: + - "*" + - package-ecosystem: "pip" + directory: "/" + schedule: + interval: "monthly" + ignore: + - dependency-name: "protobuf" # see comment in requirements.txt + groups: + python: + patterns: + - "*" From 7707e0334edc10a59da22971afa1b04bddfa7e65 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 27 Dec 2023 17:51:50 -0300 Subject: [PATCH 2/3] Bump GitHub Actions to latest versions Bumps the github-actions group with 5 updates: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `3` | `4` | | [actions/github-script](https://github.com/actions/github-script) | `6` | `7` | | [actions/cache](https://github.com/actions/cache) | `2` | `3` | | [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) | `4` | `5` | | [actions/stale](https://github.com/actions/stale) | `5` | `9` | Updates `actions/checkout` from 3 to 4 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v3...v4) Updates `actions/github-script` from 6 to 7 - [Release notes](https://github.com/actions/github-script/releases) - [Commits](https://github.com/actions/github-script/compare/v6...v7) Updates `actions/cache` from 2 to 3 - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/v2...v3) Updates `peter-evans/create-pull-request` from 4 to 5 - [Release notes](https://github.com/peter-evans/create-pull-request/releases) - [Commits](https://github.com/peter-evans/create-pull-request/compare/v4...v5) Updates `actions/stale` from 5 to 9 - [Release notes](https://github.com/actions/stale/releases) - [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/stale/compare/v5...v9) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/github-script dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: peter-evans/create-pull-request dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/stale dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/auto-assignment.yaml | 4 ++-- .github/workflows/format.yml | 6 +++--- .github/workflows/lint.yml | 4 ++-- .github/workflows/pull_workflow.yaml | 4 ++-- .github/workflows/stale-issues-pr.yml | 4 ++-- 5 files changed, 11 insertions(+), 11 deletions(-) diff --git a/.github/workflows/auto-assignment.yaml b/.github/workflows/auto-assignment.yaml index c1efbcc94..5cffd8876 100644 --- a/.github/workflows/auto-assignment.yaml +++ b/.github/workflows/auto-assignment.yaml @@ -16,8 +16,8 @@ jobs: welcome: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 - - uses: actions/github-script@v6 + - uses: actions/checkout@v4 + - uses: actions/github-script@v7 with: script: | const script = require('./\.github/workflows/scripts/auto-assignment.js') diff --git a/.github/workflows/format.yml b/.github/workflows/format.yml index 10732c722..a81a8029d 100644 --- a/.github/workflows/format.yml +++ b/.github/workflows/format.yml @@ -12,7 +12,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Get pip cache dir id: pip-cache @@ -20,7 +20,7 @@ jobs: python -m pip install --upgrade pip setuptools echo "::set-output name=dir::$(pip cache dir)" - name: pip cache - uses: actions/cache@v2 + uses: actions/cache@v3 with: path: ${{ steps.pip-cache.outputs.dir }} key: ${{ runner.os }}-pip-${{ hashFiles('requirements.txt') }} @@ -34,7 +34,7 @@ jobs: - name: Create Pull Request id: cpr - uses: peter-evans/create-pull-request@v4 + uses: peter-evans/create-pull-request@v5 with: commit-message: format the code committer: A. Unique TensorFlower diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 66388041b..e421b3238 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -13,7 +13,7 @@ jobs: name: Check the code format runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Get pip cache dir id: pip-cache @@ -21,7 +21,7 @@ jobs: python -m pip install --upgrade pip setuptools echo "::set-output name=dir::$(pip cache dir)" - name: pip cache - uses: actions/cache@v2 + uses: actions/cache@v3 with: path: ${{ steps.pip-cache.outputs.dir }} key: ${{ runner.os }}-pip-${{ hashFiles('requirements.txt') }} diff --git a/.github/workflows/pull_workflow.yaml b/.github/workflows/pull_workflow.yaml index f65c10bdb..2d0247b43 100644 --- a/.github/workflows/pull_workflow.yaml +++ b/.github/workflows/pull_workflow.yaml @@ -12,8 +12,8 @@ jobs: welcome: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 - - uses: actions/github-script@v6 + - uses: actions/checkout@v4 + - uses: actions/github-script@v7 with: script: | const script = require('./\.github/workflows/scripts/pull_workflow.js') diff --git a/.github/workflows/stale-issues-pr.yml b/.github/workflows/stale-issues-pr.yml index 3eab7a479..940c49bd1 100644 --- a/.github/workflows/stale-issues-pr.yml +++ b/.github/workflows/stale-issues-pr.yml @@ -11,7 +11,7 @@ jobs: pull-requests: write steps: - name: Awaiting response issues - uses: actions/stale@v5 + uses: actions/stale@v9 with: days-before-issue-stale: 14 days-before-issue-close: 14 @@ -31,7 +31,7 @@ jobs: close-pr-message: "This PR was closed because it has been inactive for 28 days. Please reopen if you'd like to work on this further." repo-token: ${{ secrets.GITHUB_TOKEN }} - name: Contribution issues - uses: actions/stale@v5 + uses: actions/stale@v9 with: days-before-issue-stale: 180 days-before-issue-close: 365 From 23997dc1debe2a58e3a743ae6fd608b8714f7856 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 27 Dec 2023 17:54:05 -0300 Subject: [PATCH 3/3] Bump Python dependencies to latest versions Updates the requirements on [scipy](https://github.com/scipy/scipy), [numpy](https://github.com/numpy/numpy), [black](https://github.com/psf/black), [isort](https://github.com/pycqa/isort) and [flake8](https://github.com/pycqa/flake8) to permit the latest version. Updates `scipy` to 1.11.4 - [Release notes](https://github.com/scipy/scipy/releases) - [Commits](https://github.com/scipy/scipy/compare/v1.9.2...v1.11.4) Updates `numpy` to 1.26.2 - [Release notes](https://github.com/numpy/numpy/releases) - [Changelog](https://github.com/numpy/numpy/blob/main/doc/RELEASE_WALKTHROUGH.rst) - [Commits](https://github.com/numpy/numpy/compare/v1.24.3...v1.26.2) Updates `black` from 22.3.0 to 23.12.1 - [Release notes](https://github.com/psf/black/releases) - [Changelog](https://github.com/psf/black/blob/main/CHANGES.md) - [Commits](https://github.com/psf/black/compare/22.3.0...23.12.1) Updates `isort` from 5.10.1 to 5.13.2 - [Release notes](https://github.com/pycqa/isort/releases) - [Changelog](https://github.com/PyCQA/isort/blob/main/CHANGELOG.md) - [Commits](https://github.com/pycqa/isort/compare/5.10.1...5.13.2) Updates `flake8` from 4.0.1 to 6.1.0 - [Commits](https://github.com/pycqa/flake8/compare/4.0.1...6.1.0) --- updated-dependencies: - dependency-name: scipy dependency-type: direct:production dependency-group: python - dependency-name: numpy dependency-type: direct:production dependency-group: python - dependency-name: black dependency-type: direct:production update-type: version-update:semver-major dependency-group: python - dependency-name: isort dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python - dependency-name: flake8 dependency-type: direct:production update-type: version-update:semver-major dependency-group: python ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- requirements.txt | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/requirements.txt b/requirements.txt index 28e51da8e..5f985cf52 100644 --- a/requirements.txt +++ b/requirements.txt @@ -2,7 +2,7 @@ # The rest of the packages are mostly used for testing purpose. pandas pydot -scipy ~= 1.9.2 +scipy ~= 1.11.4 # Remove once both TensorFlow and TF-Keras nightly builds pass. # Temporarily enforce 3.20.3 version, as the only version which is compatible # with both new and old protobuf stubs. This is needed to resolve @@ -13,7 +13,7 @@ tf-nightly portpicker pyyaml Pillow -numpy ~= 1.24.3 # Sync with the numpy version used in TF -black==22.3.0 -isort==5.10.1 -flake8==4.0.1 \ No newline at end of file +numpy ~= 1.26.2 # Sync with the numpy version used in TF +black==23.12.1 +isort==5.13.2 +flake8==6.1.0 \ No newline at end of file