From e71bae1d262144e36db234dbc4a7fd1d308f3501 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Sat, 3 Feb 2024 17:59:41 +0000
Subject: [PATCH] Bump the actions group with 5 updates

Bumps the actions group with 5 updates:

| Package | From | To |
| --- | --- | --- |
| [guilhem/rss-issues-action](https://github.com/guilhem/rss-issues-action) | `0.4.0` | `0.5.2` |
| [actions/checkout](https://github.com/actions/checkout) | `3` | `4` |
| [actions/setup-python](https://github.com/actions/setup-python) | `4` | `5` |
| [sigstore/gh-action-sigstore-python](https://github.com/sigstore/gh-action-sigstore-python) | `0.0.9` | `2.1.1` |
| [actions/upload-artifact](https://github.com/actions/upload-artifact) | `3` | `4` |


Updates `guilhem/rss-issues-action` from 0.4.0 to 0.5.2
- [Release notes](https://github.com/guilhem/rss-issues-action/releases)
- [Commits](https://github.com/guilhem/rss-issues-action/compare/0.4.0...0.5.2)

Updates `actions/checkout` from 3 to 4
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3...v4)

Updates `actions/setup-python` from 4 to 5
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](https://github.com/actions/setup-python/compare/v4...v5)

Updates `sigstore/gh-action-sigstore-python` from 0.0.9 to 2.1.1
- [Release notes](https://github.com/sigstore/gh-action-sigstore-python/releases)
- [Commits](https://github.com/sigstore/gh-action-sigstore-python/compare/v0.0.9...v2.1.1)

Updates `actions/upload-artifact` from 3 to 4
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/v3...v4)

---
updated-dependencies:
- dependency-name: guilhem/rss-issues-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
- dependency-name: sigstore/gh-action-sigstore-python
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 .github/workflows/pip-feed.yml |  2 +-
 .github/workflows/release.yml  |  6 +++---
 .github/workflows/test.yml     | 14 +++++++-------
 3 files changed, 11 insertions(+), 11 deletions(-)

diff --git a/.github/workflows/pip-feed.yml b/.github/workflows/pip-feed.yml
index db578ea..64997dc 100644
--- a/.github/workflows/pip-feed.yml
+++ b/.github/workflows/pip-feed.yml
@@ -8,7 +8,7 @@ jobs:
   pip-check:
     runs-on: ubuntu-latest
     steps:
-      - uses: guilhem/rss-issues-action@0.4.0
+      - uses: guilhem/rss-issues-action@0.5.2
         with:
           repo-token: ${{ secrets.GITHUB_TOKEN }}
           feed: "https://pypi.org/rss/project/pip/releases.xml"
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index cf5b3f7..c411cce 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -17,9 +17,9 @@ jobs:
     name: upload release to PyPI
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v3
+    - uses: actions/checkout@v4
 
-    - uses: actions/setup-python@v4
+    - uses: actions/setup-python@v5
       with:
         python-version: ">= 3.7"
 
@@ -36,7 +36,7 @@ jobs:
         password: ${{ secrets.PYPI_TOKEN }}
 
     - name: sign
-      uses: sigstore/gh-action-sigstore-python@v0.0.9
+      uses: sigstore/gh-action-sigstore-python@v2.1.1
       with:
         inputs: ./dist/*.tar.gz ./dist/*.whl
 
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index dc9e4db..25398ea 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -19,9 +19,9 @@ jobs:
     name: Lint
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - name: Setup python
-        uses: actions/setup-python@v4
+        uses: actions/setup-python@v5
       - name: Install tox
         run: python -m pip install tox
       - name: Run linting
@@ -32,7 +32,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
     - name: Grab the src from GH
-      uses: actions/checkout@v3
+      uses: actions/checkout@v4
 
     - name: Install `pypa/build` PEP 517 front-end
       run: python -m pip install 'build ~= 0.10.0'
@@ -46,7 +46,7 @@ jobs:
         dist/${{ env.sdist-artifact-name-wildcard }}
 
     - name: Store the distribution package
-      uses: actions/upload-artifact@v3
+      uses: actions/upload-artifact@v4
       with:
         name: ${{ env.dists-artifact-name }}
         # NOTE: Exact expected file names are specified here
@@ -64,9 +64,9 @@ jobs:
     outputs:
       matrix: ${{ steps.set-matrix.outputs.matrix }}
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - name: Setup python
-        uses: actions/setup-python@v4
+        uses: actions/setup-python@v5
       - name: Install tox
         run: python -m pip install tox
       - id: set-matrix
@@ -88,7 +88,7 @@ jobs:
           source-tarball-name: ${{ env.sdist-artifact-name-wildcard }}
           workflow-artifact-name: ${{ env.dists-artifact-name }}
       - name: Setup python
-        uses: actions/setup-python@v4
+        uses: actions/setup-python@v5
         with:
           python-version: ${{ matrix.python-version }}
       - name: Install tox