Skip to content

Bump pypa/gh-action-pypi-publish from 1.12.4 to 1.14.0#18

Open
dependabot[bot] wants to merge 7 commits into
developfrom
dependabot/github_actions/pypa/gh-action-pypi-publish-1.14.0
Open

Bump pypa/gh-action-pypi-publish from 1.12.4 to 1.14.0#18
dependabot[bot] wants to merge 7 commits into
developfrom
dependabot/github_actions/pypa/gh-action-pypi-publish-1.14.0

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Apr 8, 2026
edited
Loading

Bumps pypa/gh-action-pypi-publish from 1.12.4 to 1.14.0.

Release notes

Sourced from pypa/gh-action-pypi-publish's releases.

v1.14.0

✨ What's Changed

The main change in this release is that verbose and print-hash inputs are now on by default. This was contributed by @​whitequark💰 in #397.

📝 Docs

@​woodruffw💰 updated the mentions of PEP 740 to stop implying that it might be experimental (it hasn't been for quite a while!) in #388 and @​him2him2💰 brushed up some grammar in the README and SECURITY docs via #395.

🛠️ Internal Updates

@​woodruffw💰 bumped sigstore and pypi-attestations in the lock file (#391) and @​webknjaz💰 added infra for using type annotations in the project (#381).

💪 New Contributors

🪞 Full Diff: pypa/gh-action-pypi-publish@v1.13.0...v1.14.0

🧔‍♂️ Release Manager: @​webknjaz 🇺🇦

🙏 Special Thanks to @​facutuesca💰 and @​woodruffw💰 for helping maintain this project when I can't!

💬 Discuss on Bluesky 🦋, on Mastodon 🐘 and on GitHub.

GH Sponsors badge

v1.13.0

[!important] 🚨 This release includes fixes for GHSA-vxmw-7h4f-hqxh discovered by @​woodruffw💰. We've also integrated Zizmor to catch similar issues in the future and you should too.

✨ New Stuff

@​woodruffw💰 updated the README to no longer mention the attestations feature being experimental in #347: it's been rather stable for a year already 🎉 He also added more diagnostic output which includes printing out the GitHub Environment claim via #371 and warning about the unsupported reusable workflows configurations #306, when using Trusted Publishing.

[!tip]

... (truncated)

Commits
  • cef2210 Merge pull request #397 from whitequark/patch-1
  • b4595e2 Enable verbose and print-hash by default.
  • e2bab26 Merge pull request #395 from him2him2/docs/fix-typos-and-grammar
  • 7495c38 docs: fix typos and grammar in README and SECURITY
  • 03f86fe Merge pull request #388 from woodruffw-forks/ww/rm-experimental
  • 4c78f1c Merge branch 'unstable/v1' into ww/rm-experimental
  • b5a6e8b deps: bump sigstore and pypi-attestations
  • a48a03e remove another experimental mention
  • 8087a88 action: remove a lingering mention of PEP 740 being experimental
  • 3317ede 🧪 Integrate actionlint via pre-commit framework
  • Additional commits viewable in compare view

Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

alpae and others added 7 commits December 3, 2024 11:26
@alpae
[ADD] ExtantSyntenyRels table defintion
6b70480
@alpae
[RF] add is_orthologous_to/is_paralogous_to method to ProteinEntry model
448d496 
- based on OmaHOG id.
- various unittests
@alpae
[FIX] search of xrefs with .\d\d format
1de76cf 
PomBase identifiers have often look like SPBC11B10.09. Prior to this
fix, we would trim the .09 from the id and report an ambigous match.
Now, we first search without truncating the numbers at the end, and only
if no hits are found, we do with truncation.
@dependabot @alpae
Bump pypa/gh-action-pypi-publish from 1.12.2 to 1.12.4
ba53bba 
Bumps [pypa/gh-action-pypi-publish](https://github.com/pypa/gh-action-pypi-publish) from 1.12.2 to 1.12.4.
- [Release notes](https://github.com/pypa/gh-action-pypi-publish/releases)
- [Commits](pypa/gh-action-pypi-publish@15c56db...76f52bc)

---
updated-dependencies:
- dependency-name: pypa/gh-action-pypi-publish
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@alpae
Ensure Taxonomy root can be build reliably
a1e76ca 
ensure backward and forward compatible way to generate or identify
the root node in the taxonomy. now, this is resilient to changes in
the Taxonomy schema.
@alpae
Bump version: 0.13.4 → 0.13.5
0e886f0
@dependabot
Bump pypa/gh-action-pypi-publish from 1.12.4 to 1.14.0
8aaf395 
Bumps [pypa/gh-action-pypi-publish](https://github.com/pypa/gh-action-pypi-publish) from 1.12.4 to 1.14.0.
- [Release notes](https://github.com/pypa/gh-action-pypi-publish/releases)
- [Commits](pypa/gh-action-pypi-publish@76f52bc...cef2210)

---
updated-dependencies:
- dependency-name: pypa/gh-action-pypi-publish
  dependency-version: 1.14.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Apr 8, 2026
@dependabot dependabot Bot mentioned this pull request Apr 8, 2026
Closed
@alpae alpae changed the base branch from main to develop May 20, 2026 09:44
alpae added a commit that referenced this pull request May 20, 2026
@alpae
update action version #15, #17, #18
3d67968
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@alpae