Build(deps): Bump the actions group with 3 updates

[dependabot]

Bumps the actions group with 3 updates: actions/setup-python, pypa/cibuildwheel and pypa/gh-action-pypi-publish.

Updates actions/setup-python from 3 to 5

Release notes

Sourced from actions/setup-python's releases.

v5.0.0

What's Changed

In scope of this release, we update node version runtime from node16 to node20 (actions/setup-python#772). Besides, we update dependencies to the latest versions.

Full Changelog: actions/setup-python@v4.8.0...v5.0.0

v4.8.0

What's Changed

In scope of this release we added support for GraalPy (actions/setup-python#694). You can use this snippet to set up GraalPy:

steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v4 
  with:
    python-version: 'graalpy-22.3' 
- run: python my_script.py

Besides, the release contains such changes as:

• Trim python version when reading from file by @​FerranPares in actions/setup-python#628
• Use non-deprecated versions in examples by @​jeffwidman in actions/setup-python#724
• Change deprecation comment to past tense by @​jeffwidman in actions/setup-python#723
• Bump @​babel/traverse from 7.9.0 to 7.23.2 by @​dependabot in actions/setup-python#743
• advanced-usage.md: Encourage the use actions/checkout@v4 by @​cclauss in actions/setup-python#729
• Examples now use checkout@v4 by @​simonw in actions/setup-python#738
• Update actions/checkout to v4 by @​dmitry-shibanov in actions/setup-python#761

New Contributors

• @​FerranPares made their first contribution in actions/setup-python#628
• @​timfel made their first contribution in actions/setup-python#694
• @​jeffwidman made their first contribution in actions/setup-python#724

Full Changelog: actions/setup-python@v4...v4.8.0

v4.7.1

What's Changed

• Bump word-wrap from 1.2.3 to 1.2.4 by @​dependabot in actions/setup-python#702
• Add range validation for toml files by @​dmitry-shibanov in actions/setup-python#726

Full Changelog: actions/setup-python@v4...v4.7.1

v4.7.0

In scope of this release, the support for reading python version from pyproject.toml was added (actions/setup-python#669).

      - name: Setup Python
        uses: actions/setup-python@v4
</tr></table> 

... (truncated)

Commits

• 0a5c615 Update action to node20 (#772)
• 0ae5836 Add example of GraalPy to docs (#773)
• b64ffca update actions/checkout to v4 (#761)
• 8d28961 Examples now use checkout@v4 (#738)
• 7bc6abb advanced-usage.md: Encourage the use actions/checkout@v4 (#729)
• e8111ce Bump @​babel/traverse from 7.9.0 to 7.23.2 (#743)
• a00ea43 add fix for graalpy ci (#741)
• 8635b1c Change deprecation comment to past tense (#723)
• f6cc428 Use non-deprecated versions in examples (#724)
• 5f2af21 Add GraalPy support (#694)
• Additional commits viewable in compare view

Updates pypa/cibuildwheel from 2.9.0 to 2.16.5

Release notes

Sourced from pypa/cibuildwheel's releases.

v2.16.5

• 🐛 Fix an incompatibility with the GitHub Action and new GitHub Runner images for Windows that bundle Powershell 7.3+ (#1741)
• 🛠 Preliminary support for new macos-14 arm64 runners (#1743)

v2.16.4

🛠 Update manylinux pins to upgrade from a problematic PyPy version. (#1737)

v2.16.3

• 🐛 Fix a bug when building from sdist, where relative paths to files in the package didn't work because the working directory was wrong (#1687)
• 🛠 Adds the ability to disable mounting the host filesystem in containers to /host, through the disable_host_mount suboption on CIBW_CONTAINER_ENGINE.
• 📚 A lot of docs improvements! (#1708, #1705, #1686, #1679, #1667, #1665)

v2.16.2

• 🛠 Updates CPython 3.12 version to 3.12.0, final release (#1635)
• ✨ Adds a debug option CIBW_DEBUG_KEEP_CONTAINER to stop cibuildwheel deleting build containers after the build finishes. (#1620)
• 📚 Adds support for [tool.cibuildwheel] checking by adding a schema compatible with the validate-pyproject tool (#1622, #1628, #1629)
• 🐛 Fix parsing of CIBW_CONTAINER_ENGINE and CIBW_BUILD_FRONTEND options to not break arguments on : characters (#1621)
• 🐛 Fix the evaluation order of CIBW_ENVIRONMENT and CIBW_ENVIRONMENT_PASS so that CIBW_ENVIRONMENT assignments can reference environment variables passed through from the host machine. (#1617)
• 🛠 Supports manylinux images' deferred installation of interpreters through the manylinux-interpreters tool (#1630)

v2.16.1

• 🛠 Updates the prerelease CPython 3.12 version to 3.12.0rc3 (#1625)
• 🛠 Only calls linux32 in containers when necessary (#1599)

v2.16.0

• ✨ Add the ability to pass additional flags to a build frontend through the CIBW_BUILD_FRONTEND option (#1588).
• ✨ The environment variable SOURCE_DATE_EPOCH is now automatically passed through to container Linux builds (useful for reproducible builds!) (#1589)
• 🛠 Updates the prerelease CPython 3.12 version to 3.12.0rc2 (#1604)
• 🐛 Fix requires_python auto-detection from setup.py when the call to setup() is within an if __name__ == "__main__" block (#1613)
• 🐛 Fix a bug that prevented building Linux wheels in Docker on a Windows host (#1573)
• 🐛 --only can now select prerelease-pythons (#1564)
• 📚 Docs & examples updates (#1582, #1593, #1598, #1615)

v2.15.0

• 🌟 CPython 3.12 wheels are now built by default - without the CIBW_PRERELEASE_PYTHONS flag. It's time to build and upload these wheels to PyPI! This release includes CPython 3.12.0rc1, which is guaranteed to be ABI compatible with the final release. (#1565)
• ✨ Adds musllinux_1_2 support - this allows packagers to build for musl-based Linux distributions on a more recent Alpine image, and a newer musl libc. (#1561)

v2.14.1

• 🛠 Updates the prerelease CPython 3.12 version to 3.12.0b4 (#1550)

v2.14.0

• ✨ Adds support for building PyPy 3.10 wheels. (#1525)
• 🛠 Updates the prerelease CPython 3.12 version to 3.12.0b3.
• ✨ Allow the use of the {wheel} placeholder in CIBW_TEST_COMMAND (#1533)
• 📚 Docs & examples updates (#1532, #1416)
• ⚠️ Removed support for running cibuildwheel in Python 3.7. Python 3.7 is EOL. However, cibuildwheel continues to build Python 3.7 wheels for the moment. (#1175)

v2.13.1

• 🛠 Updates the prerelease CPython 3.12 version to 3.12.0b2. (#1516)
• 🛠 Adds a moving v<major>.<minor> tag for use in GitHub Actions workflow files. If you use this, you'll get the latest patch release within a minor version. Additionally, Dependabot won't send you PRs for patch releases. (#1517)

... (truncated)

Changelog

Sourced from pypa/cibuildwheel's changelog.

v2.16.5

30 January 2024

• 🐛 Fix an incompatibility with the GitHub Action and new GitHub Runner images for Windows that bundle Powershell 7.3+ (#1741)
• 🛠 Preliminary support for new macos-14 arm64 runners (#1743)

v2.16.4

28 January 2024

• 🛠 Update manylinux pins to upgrade from a problematic PyPy version. (#1737)

v2.16.3

26 January 2024

• 🐛 Fix a bug when building from sdist, where relative paths to files in the package didn't work because the working directory was wrong (#1687)
• 🛠 Adds the ability to disable mounting the host filesystem in containers to /host, through the disable_host_mount suboption on CIBW_CONTAINER_ENGINE.
• 📚 A lot of docs improvements! (#1708, #1705, #1686, #1679, #1667, #1665)

v2.16.2

3 October 2023

• 🛠 Updates CPython 3.12 version to 3.12.0, final release (#1635)
• ✨ Adds a debug option CIBW_DEBUG_KEEP_CONTAINER to stop cibuildwheel deleting build containers after the build finishes. (#1620)
• 📚 Adds support for [tool.cibuildwheel] checking by adding a schema compatible with the validate-pyproject tool (#1622, #1628, #1629)
• 🐛 Fix parsing of CIBW_CONTAINER_ENGINE and CIBW_BUILD_FRONTEND options to not break arguments on : characters (#1621)
• 🐛 Fix the evaluation order of CIBW_ENVIRONMENT and CIBW_ENVIRONMENT_PASS so that CIBW_ENVIRONMENT assignments can reference environment variables passed through from the host machine. (#1617)
• 🛠 Supports manylinux images' deferred installation of interpreters through the manylinux-interpreters tool (#1630)

v2.16.1

26 September 2023

• 🛠 Updates the prerelease CPython 3.12 version to 3.12.0rc3 (#1625)
• 🛠 Only calls linux32 in containers when necessary (#1599)

v2.16.0

18 September 2023

• ✨ Add the ability to pass additional flags to a build frontend through the CIBW_BUILD_FRONTEND option (#1588).
• ✨ The environment variable SOURCE_DATE_EPOCH is now automatically passed through to container Linux builds (useful for reproducible builds!) (#1589)
• 🛠 Updates the prerelease CPython 3.12 version to 3.12.0rc2 (#1604)
• 🐛 Fix requires_python auto-detection from setup.py when the call to setup() is within an if __name__ == "__main__" block (#1613)
• 🐛 Fix a bug that prevented building Linux wheels in Docker on a Windows host (#1573)
• 🐛 --only can now select prerelease-pythons (#1564)
• 📚 Docs & examples updates (#1582, #1593, #1598, #1615)

... (truncated)

Commits

• ce3fb78 Bump version: v2.16.5
• 5b0b458 fix: download pipx for action, allow support for M1 (#1743)
• a7ea5fb Merge pull request #1739 from henryiii/henryiii/chore/checkschemas
• bc55e8b Merge pull request #1741 from jborean93/pwsh-7.4
• c753cd2 Add support for PowerShell 7.4 in GHA
• 07bd78c chore: check schemas
• d7db575 docs: add keyvi as an example that combines cibuildwheel with the ccache acti...
• 7154e18 [Bot] Update dependencies (#1738)
• 0b04ab1 Bump version: v2.16.4
• 34b049f [Bot] Update dependencies (#1737)
• Additional commits viewable in compare view

Updates pypa/gh-action-pypi-publish from 1.8.12 to 1.8.14

Release notes

Sourced from pypa/gh-action-pypi-publish's releases.

v1.8.14

🛠️ Internal Dependencies

Nothing changed feature-wise. The only notable update is that the underlying container runtime now uses Python 3.12 and pip has been updated to v24.0 there. This is should go unnoticed in terms of behavior. It's just a bit of maintenance burden to be done occasionally by @​webknjaz💰. Enjoy!

🪞 Full Diff: pypa/gh-action-pypi-publish@v1.8.13...v1.8.14

🧔‍♂️ Release Manager: @​webknjaz 🇺🇦

v1.8.13

🐛 What's Fixed

This action is now able to consume and publish distribution packages with Metadata-Version: 2.3 embedded.

🛠️ Internal Dependencies

@​SigureMo💰 sent us a bump of pkginfo version to version 1.10.0 in #219. It's a transitive dependency for us and is not an API-level change but upgrading it has a side effect of letting Twine recognize distribution packages declaring Metadata-Version: 2.3. In particular, it is known to affect distributions built with Maturin >= 1.5.0.

Following that, @​webknjaz💰 upgraded other transitive and direct dependency pins, including, among others, the following notable bumps:

• cryptography == 42.0.5
• id == 1.3.0
• readme-renderer == 43.0
• Twine == 5.0.0

💪 New Contributors

@​SigureMo made their first contribution in pypa/gh-action-pypi-publish#219

🪞 Full Diff: pypa/gh-action-pypi-publish@v1.8.12...v1.8.13

🧔‍♂️ Release Manager: @​webknjaz 🇺🇦

Commits

• 81e9d93 Bump pip to v24.0 in runtime prerequisites lock
• 91527c4 Regenerate lockfiles with pip-tools v7.4.1
• 3a817c6 Bump action runtime to CPython 3.12
• 741947b Add a config file for pip-tools
• d7af439 Mass-bump transitive dependencies of runtime
• e90ddca Bump readme-renderer to v43.0
• dae7fa3 Bump Twine to v5.0.0
• 0fe04ae Bump id to v1.3.0
• 444e179 Bump cryptography to v42.0.5
• 820be4e Normalize pip-tools' header comment @ runtime.txt
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[zssherman]

Issue was pkg_resources in open-radar-data. This has been fix and just waiting on the new release. Then this CI can be reran

[mgrover1]

This is good to go now!