Bump the actions group with 5 updates

[dependabot]

Bumps the actions group with 5 updates:

Package	From	To
scientific-python/repo-review	0.12.3	1.0.3
crate-ci/typos	1.44.0	1.45.0
astral-sh/setup-uv	7.6.0	8.0.0
actions/configure-pages	5.0.0	6.0.0
actions/deploy-pages	4.0.5	5.0.0

Updates scientific-python/repo-review from 0.12.3 to 1.0.3

Release notes

Sourced from scientific-python/repo-review's releases.

Version 1.0.3

Features for the WebApp:

• Support directory path by @​henryiii in scientific-python/repo-review#359

Fixes for the WebApp:

• Better button placement and sizing by @​henryiii in scientific-python/repo-review#366
• Safe set state by @​henryiii in scientific-python/repo-review#360
• Warning on splat with key by @​henryiii in scientific-python/repo-review#361
• Reloading autocomplete by @​henryiii in scientific-python/repo-review#365
• Rework standalone webapp page by @​henryiii in scientific-python/repo-review#363

Internal:

• Better serve by @​henryiii in scientific-python/repo-review#362

CI:

• Lint webapp in CI by @​henryiii in scientific-python/repo-review#364

Full Changelog: scientific-python/repo-review@v1.0.2...v1.0.3

Version 1.0.2

Fixes for the WebApp:

• Fix webapp copy HTML crash due to destroyed borrowed PyProxy by @​Copilot in scientific-python/repo-review#358

Full Changelog: scientific-python/repo-review@v1.0.1...v1.0.2

Version 1.0.1

Fixes for the WebApp:

• Make webapp input row responsive on mobile by @​Copilot in scientific-python/repo-review#355
• Keep Show dropdown and Run button always on the same line by @​Copilot in scientific-python/repo-review#356

Full Changelog: scientific-python/repo-review@v1.0.0...v1.0.1

Version 1.0.0

Features:

• Use static versioning by @​henryiii in scientific-python/repo-review#320

... (truncated)

Commits

• 282a2fe chore: bump to 1.0.3
• 946d87d fix(webapp): better button placement and sizing (#366)
• 73f3f01 fix: reloading autocomplete (#365)
• 2ca890b fix(webapp): safe set state (#360)
• 039775d chore: better AGENTS.md
• 727636c feat(webapp): support directory path (#359)
• cc08efa ci: lint webapp in CI (#364)
• a88edd7 fix(webapp): warning on splat with key (#361)
• 0660371 fix: rework standalone webapp page (#363)
• d4b4a2e chore: better serve (#362)
• Additional commits viewable in compare view

Updates crate-ci/typos from 1.44.0 to 1.45.0

Release notes

Sourced from crate-ci/typos's releases.

v1.45.0

[1.45.0] - 2026-04-01

Features

• Updated the dictionary with the March 2026 changes

Changelog

Sourced from crate-ci/typos's changelog.

[1.45.0] - 2026-04-01

Features

• Updated the dictionary with the March 2026 changes

Commits

• 02ea592 chore: Release
• b859c0d chore: Release
• 6fd32ce docs: Update changelog
• 7626d89 Merge pull request #1530 from crate-ci/renovate/j178-prek-action-2.x
• 2c9510c Merge pull request #1532 from epage/march
• 265b88f feat(dict): March updates
• 5baf2ce chore(deps): Update compatible (#1529)
• 0442cb7 chore(deps): Update j178/prek-action action to v2
• 8f11c0d Merge pull request #1524 from epage/update
• ecdbfab chore: Update dependencies
• Additional commits viewable in compare view

Updates astral-sh/setup-uv from 7.6.0 to 8.0.0

Release notes

Sourced from astral-sh/setup-uv's releases.

v8.0.0 🌈 Immutable releases and secure tags

This is the first immutable release of setup-uv 🥳

All future releases are also immutable, if you want to know more about what this means checkout the docs.

This release also has two breaking changes

New format for manifest-file

The previously deprecated way of defining a custom version manifest to control which uv versions are available and where to download them from got removed. The functionality is still there but you have to use the new format.

No more major and minor tags

To increase security even more we will stop publishing minor tags. You won't be able to use @v8 or @v8.0 any longer. We do this because pinning to major releases opens up users to supply chain attacks like what happened to tj-actions.

[!TIP] Use the immutable tag as a version astral-sh/setup-uv@v8.0.0 Or even better the githash astral-sh/setup-uv@cec208311dfd045dd5311c1add060b2062131d57

🚨 Breaking changes

• Remove update-major-minor-tags workflow @​eifinger (#826)
• Remove deprecrated custom manifest @​eifinger (#813)

🧰 Maintenance

• Shortcircuit latest version from manifest @​eifinger (#828)
• Simplify inputs.ts @​eifinger (#827)
• Bump release-drafter to v7.1.1 @​eifinger (#825)
• Refactor inputs @​eifinger (#823)
• Replace inline compile args with tsconfig @​eifinger (#824)
• chore: update known checksums for 0.11.2 @github-actions[bot] (#821)
• chore: update known checksums for 0.11.1 @github-actions[bot] (#817)
• chore: update known checksums for 0.11.0 @github-actions[bot] (#815)
• Fix latest-version workflow check @​eifinger (#812)
• chore: update known checksums for 0.10.11/0.10.12 @github-actions[bot] (#811)

Commits

• cec2083 Shortcircuit latest version from manifest (#828)
• 4dd8ab4 Simplify inputs.ts (#827)
• 7fdbe7c Remove update-major-minor-tags workflow (#826)
• 485abd0 Bump release-drafter to v7.1.1 (#825)
• f82eb19 Refactor inputs (#823)
• 868d1f7 Replace inline compile args with tsconfig (#824)
• 447e6d0 chore: update known checksums for 0.11.2 (#821)
• 5c62c59 chore: update known checksums for 0.11.1 (#817)
• e1a7373 chore: update known checksums for 0.11.0 (#815)
• 8970931 Remove deprecrated custom manifest (#813)
• Additional commits viewable in compare view

Updates actions/configure-pages from 5.0.0 to 6.0.0

Release notes

Sourced from actions/configure-pages's releases.

v6.0.0

Changelog

• upgrade to node 24 @​salmanmkc (#186)
• Upgrade IA Publish @​Jcambass (#165)
• Add workflow file for publishing releases to immutable action package @​Jcambass (#163)
• pin draft release version @​YiMysty (#162)
• Bump espree from 9.6.1 to 10.1.0 @​dependabot (#160)
• Bump eslint-config-prettier from 8.8.0 to 9.1.0 @​dependabot (#143)
• Be more friendly to Dependabot @​yoannchaudet (#158)
• Bump eslint-plugin-github from 4.10.2 to 5.0.1 @​dependabot (#154)
• Bump braces from 3.0.2 to 3.0.3 in the npm_and_yarn group @​dependabot (#156)
• Bump undici from 5.28.3 to 5.28.4 @​dependabot (#145)

See details of all code changes since previous release.

Commits

• 45bfe01 Merge pull request #186 from salmanmkc/node24
• d8770c2 Update Node version from 20 to 24 in action.yml
• cb8a1a3 upgrade to node 24
• d560657 Merge pull request #165 from actions/Jcambass-patch-1
• 35e0ac4 Upgrade IA Publish
• 1dfbcbf Merge pull request #163 from actions/Jcambass-patch-1
• 2f4f988 Add workflow file for publishing releases to immutable action package
• 0d7570c Merge pull request #162 from actions/pin-draft-release-verssion
• 3ea1966 pin draft release version
• aabcbc4 Merge pull request #160 from actions/dependabot/npm_and_yarn/espree-10.1.0
• Additional commits viewable in compare view

Updates actions/deploy-pages from 4.0.5 to 5.0.0

Release notes

Sourced from actions/deploy-pages's releases.

v5.0.0

Changelog

• Update Node.js version to 24.x @​salmanmkc (#404)
• Add workflow file for publishing releases to immutable action package @​Jcambass (#374)
• Bump braces from 3.0.2 to 3.0.3 in the npm_and_yarn group across 1 directory @​dependabot (#360)
• Make the rebuild dist workflow work nicer with Dependabot @​yoannchaudet (#361)
• Bump the non-breaking-changes group across 1 directory with 3 updates @​dependabot (#358)
• Delete repeated sentence @​garethsb (#359)
• Update README.md @​tsusdere (#348)
• Bump the non-breaking-changes group with 4 updates @​dependabot (#341)
• Remove error message for file permissions @​TooManyBees (#340)

---

See details of all code changes since previous release.

⚠️ For use with products other than GitHub.com, such as GitHub Enterprise Server, please consult the compatibility table.

Commits

• cd2ce8f Merge pull request #404 from salmanmkc/node24
• bbe2a95 Update Node.js version to 24.x
• 854d7aa Merge pull request #374 from actions/Jcambass-patch-1
• 306bb81 Add workflow file for publishing releases to immutable action package
• b742728 Merge pull request #360 from actions/dependabot/npm_and_yarn/npm_and_yarn-513...
• 7273294 Bump braces in the npm_and_yarn group across 1 directory
• 963791f Merge pull request #361 from actions/dependabot-friendly
• 51bb29d Make the rebuild dist workflow safer for Dependabot
• 89f3d10 Merge pull request #358 from actions/dependabot/npm_and_yarn/non-breaking-cha...
• bce7355 Merge branch 'main' into dependabot/npm_and_yarn/non-breaking-changes-99c12deb21
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions