Bump actions/setup-python from 4.5.0 to 4.6.0

[dependabot]

Bumps actions/setup-python from 4.5.0 to 4.6.0.

Release notes

Sourced from actions/setup-python's releases.

Add allow-prereleases input

In scope of this release we added a new input (allow-prereleases) to allow falling back to pre-release versions of Python when a matching GA version of Python is not available

steps:
  - uses: actions/checkout@v3
  - uses: actions/setup-python@v4
    with:
      python-version: 3.12
      allow-prereleases: true

Besides, we added such changes as:

• Fix bug to trim new line for PyPy version: actions/setup-python#610
• Added pip dependency file to generate hash from it: actions/setup-python#604
• Improved error handling for saving and restoring cache: actions/setup-python#618
• Add warning if cache paths are empty: actions/setup-python#642

Commits

• 57ded4d update @​azure/storage-blob (#655)
• df6abcc update xml2js (#652)
• 7a4f344 Add warning for empty cache paths (#642)
• d1244c8 Remove ubuntu-18.04 from e2e (#641)
• 3091b37 Fix glob bug in package.json scripts section (#637)
• dfa76f8 Update configuration files (#622)
• 03eb867 Add error handling for saving and restoring cache (#618)
• b41aaf9 Merge pull request #621 from akv-platform/reusable-workflow
• 0ffa49c Add update-config-files.yml
• ec365b4 Add and configure ESLint and update configuration for Prettier (#617)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[echoix]

@dependabot rebase

[bdovaz]

@dependabot rebase

[echoix]

LGTM

[bdovaz]

cc @nvuillam

[echoix]

Its only the fact that the build cannot be tested because we log in to dockerhub to build...

[nvuillam]

@echoix I would like to avoid Docker hub credentials to be accessed except from main branch, so probably the workflow should be updated , and without docker login, no more dependabot PR crashes ^^

[echoix]

It's more what I was thinking, ie, we are still stuck needing to push to a registry in order to test/build...

[nvuillam]

It's more what I was thinking, ie, we are still stuck needing to push to a registry in order to test/build...

I used to build it like that so I could test docker images before merging them... but I think it's simpler and safer if there is no docker upload during dev PRs

What we could eventually do is allow some builds from specific and protected branches, just for us

[nvuillam]

@echoix @bdovaz it's on the way :)

#2639

[dependabot]

Superseded by #2685.