diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index d172a06..1f64bfa 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -16,7 +16,7 @@ jobs: - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: persist-credentials: false # tests only read the repo; no authenticated git ops - - uses: astral-sh/setup-uv@fac544c07dec837d0ccb6301d7b5580bf5edae39 # v8.2.0 + - uses: astral-sh/setup-uv@11f9893b081a58869d3b5fccaea48c9e9e46f990 # v8.3.2 with: { python-version: "${{ matrix.python }}" } - run: uv sync --all-extras - run: uv run ruff check src tests bench diff --git a/.github/workflows/public-microbench.yml b/.github/workflows/public-microbench.yml index 3225635..71d2d1f 100644 --- a/.github/workflows/public-microbench.yml +++ b/.github/workflows/public-microbench.yml @@ -30,7 +30,7 @@ jobs: - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: persist-credentials: false # read-only benchmark harness; no authenticated git ops - - uses: astral-sh/setup-uv@fac544c07dec837d0ccb6301d7b5580bf5edae39 # v8.2.0 + - uses: astral-sh/setup-uv@11f9893b081a58869d3b5fccaea48c9e9e46f990 # v8.3.2 with: { python-version: "3.12" } - run: uv sync --all-extras diff --git a/.github/workflows/release-gate.yml b/.github/workflows/release-gate.yml index a6375d1..f8d1cad 100644 --- a/.github/workflows/release-gate.yml +++ b/.github/workflows/release-gate.yml @@ -36,7 +36,7 @@ jobs: ref: ${{ inputs.ref || github.ref }} fetch-depth: 0 persist-credentials: false # build/test only read the repo; no authenticated git ops - - uses: astral-sh/setup-uv@fac544c07dec837d0ccb6301d7b5580bf5edae39 # v8.2.0 + - uses: astral-sh/setup-uv@11f9893b081a58869d3b5fccaea48c9e9e46f990 # v8.3.2 with: python-version: "${{ matrix.python }}" enable-cache: false # release validation: no cache, build/test from a clean resolve diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index 4cc4e97..3b86658 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -14,7 +14,7 @@ jobs: - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: persist-credentials: false # read-only SCA/SAST; no authenticated git ops - - uses: astral-sh/setup-uv@fac544c07dec837d0ccb6301d7b5580bf5edae39 # v8.2.0 + - uses: astral-sh/setup-uv@11f9893b081a58869d3b5fccaea48c9e9e46f990 # v8.3.2 with: { python-version: "3.12" } - run: uv sync --all-extras # SCA: audit DORIAN'S resolved dependency set (runtime + extras + dev), NOT the