ci(dependabot): bump the actions group across 1 directory with 4 updates#466
Merged
Merged
Conversation
Bumps the actions group with 4 updates in the / directory: [actions/configure-pages](https://github.com/actions/configure-pages), [actions/upload-pages-artifact](https://github.com/actions/upload-pages-artifact), [actions/deploy-pages](https://github.com/actions/deploy-pages) and [codecov/codecov-action](https://github.com/codecov/codecov-action). Updates `actions/configure-pages` from 5 to 6 - [Release notes](https://github.com/actions/configure-pages/releases) - [Commits](actions/configure-pages@v5...v6) Updates `actions/upload-pages-artifact` from 4 to 5 - [Release notes](https://github.com/actions/upload-pages-artifact/releases) - [Commits](actions/upload-pages-artifact@v4...v5) Updates `actions/deploy-pages` from 4 to 5 - [Release notes](https://github.com/actions/deploy-pages/releases) - [Commits](actions/deploy-pages@v4...v5) Updates `codecov/codecov-action` from 5 to 6 - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](codecov/codecov-action@v5...v6) --- updated-dependencies: - dependency-name: actions/configure-pages dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: actions/upload-pages-artifact dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: actions/deploy-pages dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: codecov/codecov-action dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions ... Signed-off-by: dependabot[bot] <support@github.com>
Collaborator
mogres
added a commit
that referenced
this pull request
Jun 16, 2026
* user workflow improvements and config updates (#411) * default upload_results to false * update config file options * update schema docs * propose to remove config files from the packing commands but add a section to explain how configs work * set open_results_in_browser to false since it's dependent on upload_results * improve loggings * add a config file for upload results * correct option default and log level * update schema * add aws db to path * add a layer to detect non-interactive envs for db selection * fix readme * add cellpack website url * remove unnecessary restriction * update readme * add screenshots to readme (#413) * add screenshots to readme * Quick fix: update bbox value in recipes (#420) * add randomness_seed to upload and download (#416) * update bbox value in recipes * add config option for plot display * replace result screenshots and update readme * update docs/index to display images correctly * Add description field to recipe schema and backend utilities (#430) * add `description` and `randomness_seed` to top level recipe settings * add description in example recipes * add description to download and upload script * add description field to unit tests * pr commenting: use native github CLI (#432) * test github cli * remove test branch * Minimal fix: set camera position (#431) * set camera * use max dimension * add checks for pull requests (#434) * Feature/client upload script (#417) * add upload script * add example data and more documentation * point to correct collection * return firebase IDs from upload_recipe adn upload_config * add documentation * add installation step * lint fixes * lint fix * fix typos * keep all upload functionality in upload.py, and rename client to studio * remove accidential line * update example editable fields to match updates we've done * add output param * lint fixes * small wording fixes * make config_path optional * ci(dependabot): bump astral-sh/setup-uv from 4 to 7 (#436) Bumps [astral-sh/setup-uv](https://github.com/astral-sh/setup-uv) from 4 to 7. - [Release notes](https://github.com/astral-sh/setup-uv/releases) - [Commits](astral-sh/setup-uv@v4...v7) --- updated-dependencies: - dependency-name: astral-sh/setup-uv dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Fix Comment Update job: use gh api instead of gh pr review (#438) * use gh api instead of gh pr review * remove backslashes * trigger workflow to test comment update * use patch instead of delete * take2-trigger workflow to test comment update * use an actual new line to avoid \n being treated as literal chars * Studio: add recipe and config json to outputs for downloading (#435) * add recipe and config to output * refactor * path guard * Potential fix for code scanning alert no. 21: Uncontrolled data used in path expression Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> * format * fix 404 comment * handle firebase recipe, serialize it before passing to s3 * save recipe data directly to outputs * remove unused import * one more unused import --------- Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> * ci(dependabot): bump actions/upload-artifact from 4 to 6 (#439) Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4 to 6. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@v4...v6) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Miscellaneous gradient updates (#428) * Add gradient weights to Environment.py and Gradient.py * Remove unused import * Refactor Environment.py and utils.py This commit refactors the `Environment.py` file by separating the loading of grid, compartment grids, and mesh store into separate loops. It also clears the triangles_tree cache and resets the grid. Additionally, the `load_object_from_pickle` function has been removed from `utils.py` as it is no longer used. * Ignore venv folders * Update logging level * Update `aicsimageio` to `bioio` - Also update the logging of recipe validation to `debug` * Suppress logging outputs for lower level functions * Update logs in `ImageWriter.py` * Update path preference loading to catch empty json * Update logging for recipe validation * sort imports * Update uv lock * Allow gradient weights to be specified as a dict while combining * Add uniform weight map option * Fix gradient weight scaling for equal weights * Update scaling to just divide by max value * Add recipe to test gradients * Rename scaling method to normalize_by_max_value and update references * Use uniform weight if `decay_length` is 0 * Linting updates * Update validation for decay length * Update validation for multiple gradients * Add zero decay gradient in test recipe * ci(dependabot): bump aws-actions/configure-aws-credentials from 4 to 5 (#447) * ci(dependabot): bump aws-actions/configure-aws-credentials from 4 to 5 Bumps [aws-actions/configure-aws-credentials](https://github.com/aws-actions/configure-aws-credentials) from 4 to 5. - [Release notes](https://github.com/aws-actions/configure-aws-credentials/releases) - [Changelog](https://github.com/aws-actions/configure-aws-credentials/blob/main/CHANGELOG.md) - [Commits](aws-actions/configure-aws-credentials@v4...v5) --- updated-dependencies: - dependency-name: aws-actions/configure-aws-credentials dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * matching the regular pr format * trigger codeQL --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Ruge Li <rugeli0605@gmail.com> * ci(dependabot): bump peter-evans/create-pull-request from 7 to 8 (#450) Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 7 to 8. - [Release notes](https://github.com/peter-evans/create-pull-request/releases) - [Commits](peter-evans/create-pull-request@v7...v8) --- updated-dependencies: - dependency-name: peter-evans/create-pull-request dependency-version: '8' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Use native gh CLI for requirements actions (#453) * update UV setup to version 7 * update Dependabot configuration * remove unnecessary permissions for open-PR job in make-requirements.yml * Make timestamp unique using the run ID * Avoid expanding the WORKFLOW_PAT * ci(dependabot): bump the actions group with 4 updates (#456) Bumps the actions group with 4 updates: [actions/checkout](https://github.com/actions/checkout), [actions/upload-artifact](https://github.com/actions/upload-artifact), [aws-actions/configure-aws-credentials](https://github.com/aws-actions/configure-aws-credentials) and [actions/download-artifact](https://github.com/actions/download-artifact). Updates `actions/checkout` from 4 to 6 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v4...v6) Updates `actions/upload-artifact` from 6 to 7 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@v6...v7) Updates `aws-actions/configure-aws-credentials` from 5 to 6 - [Release notes](https://github.com/aws-actions/configure-aws-credentials/releases) - [Changelog](https://github.com/aws-actions/configure-aws-credentials/blob/main/CHANGELOG.md) - [Commits](aws-actions/configure-aws-credentials@v5...v6) Updates `actions/download-artifact` from 6 to 8 - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](actions/download-artifact@v6...v8) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: actions/upload-artifact dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: aws-actions/configure-aws-credentials dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: actions/download-artifact dependency-version: '8' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Upgrading dependencies (#457) * Upgrading dependencies * Update black target version * Formatting via `uv run black cellpack` * Updating requirements.txt after change to `uv.lock` was pushed to `main` (#458) Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> * Server should Accept Recipe JSON (#419) * add upload script * add example data and more documentation * point to correct collection * have server accept recipe as json object in body of request * update documentation * remove accidential dockerfile changes * rename param json_recipe * remove file that shouldn't be in this PR * remove accidential file * lint fixes * refactor to try to improve clarity of json recipe vs file path * lint fixes * lint fix * minimize changeset * minimize changeset * simplify changeset * code cleanup * minimize changeset * remove trailing comma * Feature/firebase lookup (#445) * remove os fetch for job_id * use dedup_hash instead of job id * proposal: get hash from recipe loader * renaming and add TODOs * format * rename param to hash * remove unused validate param and doc strings in pack * simplify get_ dedup_hash * refactor job_status update * cleanup * fix upload_job_status to handle awshandler * pass dedup_pash to env for fetching across files * add tests * format1 * format test * Only upload simularium file once (#446) * proposal: get hash from recipe loader * simplify get_ dedup_hash * only post simularium results file once for server job runs * update code for rebase * code cleanup --------- Co-authored-by: Ruge Li <rugeli0605@gmail.com> * Maint/firebase collection cleanup (#448) * remove local metadata writes for auto-pop feature * remove cleanup firebase workflow * remove cleanup firebase code * 1. make doc url a constant 2.remove unused param * handle both recipe_path and json body requests (#449) * change error message body * lint fixes * add more checks when attempting to read json body * add upload script * add example data and more documentation * point to correct collection * have server accept recipe as json object in body of request * update documentation * remove accidential dockerfile changes * rename param json_recipe * remove file that shouldn't be in this PR * remove accidential file * lint fixes * refactor to try to improve clarity of json recipe vs file path * lint fixes * lint fix * minimize changeset * minimize changeset * simplify changeset * code cleanup * minimize changeset * remove trailing comma * Feature/firebase lookup (#445) * remove os fetch for job_id * use dedup_hash instead of job id * proposal: get hash from recipe loader * renaming and add TODOs * format * rename param to hash * remove unused validate param and doc strings in pack * simplify get_ dedup_hash * refactor job_status update * cleanup * fix upload_job_status to handle awshandler * pass dedup_pash to env for fetching across files * add tests * format1 * format test * Only upload simularium file once (#446) * proposal: get hash from recipe loader * simplify get_ dedup_hash * only post simularium results file once for server job runs * update code for rebase * code cleanup --------- Co-authored-by: Ruge Li <rugeli0605@gmail.com> * Maint/firebase collection cleanup (#448) * remove local metadata writes for auto-pop feature * remove cleanup firebase workflow * remove cleanup firebase code * 1. make doc url a constant 2.remove unused param * handle both recipe_path and json body requests (#449) * change error message body * lint fixes * add more checks when attempting to read json body * let recipe loader check the input and key stripping * Update cellpack/autopack/writers/__init__.py Co-authored-by: Saurabh Mogre <saurabh.mogre@alleninstitute.org> * use `isinstance` for AWSHandler, and misc * update aws tests * initialize dedup_hash * add in-line comment * temp solution: use requirement.txt --------- Co-authored-by: Ruge Li <91452427+rugeli@users.noreply.github.com> Co-authored-by: Ruge Li <rugeli0605@gmail.com> Co-authored-by: Saurabh Mogre <saurabh.mogre@alleninstitute.org> * ci(dependabot): bump the actions group across 1 directory with 4 updates (#466) Bumps the actions group with 4 updates in the / directory: [actions/configure-pages](https://github.com/actions/configure-pages), [actions/upload-pages-artifact](https://github.com/actions/upload-pages-artifact), [actions/deploy-pages](https://github.com/actions/deploy-pages) and [codecov/codecov-action](https://github.com/codecov/codecov-action). Updates `actions/configure-pages` from 5 to 6 - [Release notes](https://github.com/actions/configure-pages/releases) - [Commits](actions/configure-pages@v5...v6) Updates `actions/upload-pages-artifact` from 4 to 5 - [Release notes](https://github.com/actions/upload-pages-artifact/releases) - [Commits](actions/upload-pages-artifact@v4...v5) Updates `actions/deploy-pages` from 4 to 5 - [Release notes](https://github.com/actions/deploy-pages/releases) - [Commits](actions/deploy-pages@v4...v5) Updates `codecov/codecov-action` from 5 to 6 - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](codecov/codecov-action@v5...v6) --- updated-dependencies: - dependency-name: actions/configure-pages dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: actions/upload-pages-artifact dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: actions/deploy-pages dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: codecov/codecov-action dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Test updates: stabler debup hash and cli integration coverage (#462) * normalize data order before hashing and tests * test pack cli * refactor test file: use tmp_path instead of writing to a working dir * cleanup * formatting * add recipe fixture * Remove Support for Recipe URL Param (#464) * we only support recipe as JSON body now, remove support for reading recipe file path from URL * update documentation to use new communication protocol and strip out references to AWS batch * remove unused import * Maint/deprecate requirements txt (#467) * remove requirements.txt related code * update pyproject.toml * generate new uv file * update pip install for dockerfile * use uv sync * move server dep list under dependency-groups * update docker * fix path and use uv sync * add pydantic to pyproject toml * update lock file * Feature/v2 bloodplasma (#471) * update migration script and validation * add v2 blood plasma recipe * ci(dependabot): bump actions/add-to-project in the actions group (#469) Bumps the actions group with 1 update: [actions/add-to-project](https://github.com/actions/add-to-project). Updates `actions/add-to-project` from 1.0.2 to 2.0.0 - [Release notes](https://github.com/actions/add-to-project/releases) - [Commits](actions/add-to-project@v1.0.2...v2.0.0) --- updated-dependencies: - dependency-name: actions/add-to-project dependency-version: 2.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * fix KeyError: 'weight_mode' when packing v2.1 recipes with under-specified gradients (#470) * Add recipe and config to test gradient mixing in peroxisome data * normalize grad in early process * add tests --------- Co-authored-by: mogres <saurabh.mogre@alleninstitute.org> * pack: log resolved cellpack package path at DEBUG level Adds a DEBUG-level log of which cellpack package pack.py imported (autopack path), so it is easy to confirm whether a run used an installed/pinned cellpack vs a checked-out branch when debugging. Kept at DEBUG so normal packing output is unchanged. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: Ruge Li <91452427+rugeli@users.noreply.github.com> Co-authored-by: Alli <111383930+ascibisz@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> Co-authored-by: Ruge Li <rugeli0605@gmail.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.


Bumps the actions group with 4 updates in the / directory: actions/configure-pages, actions/upload-pages-artifact, actions/deploy-pages and codecov/codecov-action.
Updates
actions/configure-pagesfrom 5 to 6Release notes
Sourced from actions/configure-pages's releases.
Commits
45bfe01Merge pull request #186 from salmanmkc/node24d8770c2Update Node version from 20 to 24 in action.ymlcb8a1a3upgrade to node 24d560657Merge pull request #165 from actions/Jcambass-patch-135e0ac4Upgrade IA Publish1dfbcbfMerge pull request #163 from actions/Jcambass-patch-12f4f988Add workflow file for publishing releases to immutable action package0d7570cMerge pull request #162 from actions/pin-draft-release-verssion3ea1966pin draft release versionaabcbc4Merge pull request #160 from actions/dependabot/npm_and_yarn/espree-10.1.0Updates
actions/upload-pages-artifactfrom 4 to 5Release notes
Sourced from actions/upload-pages-artifact's releases.
Commits
fc324d3Merge pull request #139 from Tom-van-Woudenberg/patch-1fe9d4b7Merge branch 'main' into patch-10ca1617Merge pull request #137 from jonchurch/include-hidden-files57f0e84Update action.yml4a90348v7 --> hash56f665aUpdate upload-artifact action to version 7f7615f5Addinclude-hidden-filesinputUpdates
actions/deploy-pagesfrom 4 to 5Release notes
Sourced from actions/deploy-pages's releases.
... (truncated)
Commits
cd2ce8fMerge pull request #404 from salmanmkc/node24bbe2a95Update Node.js version to 24.x854d7aaMerge pull request #374 from actions/Jcambass-patch-1306bb81Add workflow file for publishing releases to immutable action packageb742728Merge pull request #360 from actions/dependabot/npm_and_yarn/npm_and_yarn-513...7273294Bump braces in the npm_and_yarn group across 1 directory963791fMerge pull request #361 from actions/dependabot-friendly51bb29dMake the rebuild dist workflow safer for Dependabot89f3d10Merge pull request #358 from actions/dependabot/npm_and_yarn/non-breaking-cha...bce7355Merge branch 'main' into dependabot/npm_and_yarn/non-breaking-changes-99c12deb21Updates
codecov/codecov-actionfrom 5 to 6Release notes
Sourced from codecov/codecov-action's releases.
... (truncated)
Changelog
Sourced from codecov/codecov-action's changelog.
... (truncated)
Commits
57e3a13Th/6.0.0 (#1928)f67d33dRevert "Revert "build(deps): bump actions/github-script from 7.0.1 to 8.0.0""...Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditions