From 32b0b49e9150f9d769a0f2c30c64cbc280d594c0 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 9 Sep 2024 03:00:10 +0000
Subject: [PATCH 1/2] Bump the github-actions group across 2 directories with 3
 updates

Bumps the github-actions group with 2 updates in the / directory: [taiki-e/install-action](https://github.com/taiki-e/install-action) and [pypa/gh-action-pypi-publish](https://github.com/pypa/gh-action-pypi-publish).
Bumps the github-actions group with 1 update in the /.github/actions/setup-python-poetry directory: [actions/setup-python](https://github.com/actions/setup-python).


Updates `taiki-e/install-action` from 2.42.37 to 2.43.1
- [Release notes](https://github.com/taiki-e/install-action/releases)
- [Changelog](https://github.com/taiki-e/install-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/taiki-e/install-action/compare/f2b65a3e67b2ba5ed3b4a631b5e460896e975708...da8fe73ed87107a1cae164305a928b7c8fcff4bc)

Updates `pypa/gh-action-pypi-publish` from 1.10.0 to 1.10.1
- [Release notes](https://github.com/pypa/gh-action-pypi-publish/releases)
- [Commits](https://github.com/pypa/gh-action-pypi-publish/compare/8a08d616893759ef8e1aa1f2785787c0b97e20d6...0ab0b79471669eb3a4d647e625009c62f9f3b241)

Updates `actions/setup-python` from 5.1.1 to 5.2.0
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](https://github.com/actions/setup-python/compare/39cd14951b08e74b54015e9e001cdefcf80e669f...f677139bbe7f9c59b41e40162b753c062f5d49a3)

---
updated-dependencies:
- dependency-name: taiki-e/install-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: pypa/gh-action-pypi-publish
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 .github/actions/setup-python-poetry/action.yml | 2 +-
 .github/workflows/ci-rust.yml                  | 4 ++--
 .github/workflows/ci-web.yml                   | 2 +-
 .github/workflows/ci.yml                       | 2 +-
 .github/workflows/package-client.yml           | 6 +++---
 .github/workflows/package-server.yml           | 2 +-
 .github/workflows/publish.yml                  | 2 +-
 7 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/.github/actions/setup-python-poetry/action.yml b/.github/actions/setup-python-poetry/action.yml
index 9ec2cb9831a..5ec699fe36c 100644
--- a/.github/actions/setup-python-poetry/action.yml
+++ b/.github/actions/setup-python-poetry/action.yml
@@ -41,7 +41,7 @@ runs:
         echo "${APPDATA}\.poetry\bin" >> "$GITHUB_PATH"
 
     - name: Install python
-      uses: actions/setup-python@39cd14951b08e74b54015e9e001cdefcf80e669f  # pin v5.1.1
+      uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3  # pin v5.2.0
       id: setup-python
       with:
         python-version-file: ${{ inputs.project-path }}/pyproject.toml
diff --git a/.github/workflows/ci-rust.yml b/.github/workflows/ci-rust.yml
index 1581f93ded9..52a4a2c68df 100644
--- a/.github/workflows/ci-rust.yml
+++ b/.github/workflows/ci-rust.yml
@@ -102,7 +102,7 @@ jobs:
         timeout-minutes: 5
 
       # Install cargo nextest command
-      - uses: taiki-e/install-action@f2b65a3e67b2ba5ed3b4a631b5e460896e975708 # pin v2.42.37
+      - uses: taiki-e/install-action@da8fe73ed87107a1cae164305a928b7c8fcff4bc # pin v2.43.1
         with:
           tool: nextest@0.9.54, wasm-pack@0.12.1, cargo-deny@0.15.0
 
@@ -262,7 +262,7 @@ jobs:
         timeout-minutes: 5
 
       # Install cargo nextest command
-      - uses: taiki-e/install-action@f2b65a3e67b2ba5ed3b4a631b5e460896e975708 # pin v2.42.37
+      - uses: taiki-e/install-action@da8fe73ed87107a1cae164305a928b7c8fcff4bc # pin v2.43.1
         with:
           tool: nextest@0.9.54
 
diff --git a/.github/workflows/ci-web.yml b/.github/workflows/ci-web.yml
index eed4ea451eb..3b95102bc65 100644
--- a/.github/workflows/ci-web.yml
+++ b/.github/workflows/ci-web.yml
@@ -123,7 +123,7 @@ jobs:
         timeout-minutes: 5
 
       # Install wasm-pack command
-      - uses: taiki-e/install-action@f2b65a3e67b2ba5ed3b4a631b5e460896e975708 # pin v2.42.37
+      - uses: taiki-e/install-action@da8fe73ed87107a1cae164305a928b7c8fcff4bc # pin v2.43.1
         with:
           tool: wasm-pack@${{ env.wasm-pack-version }}
 
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 8cc98197cd2..ae4fa6ce46c 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -179,7 +179,7 @@ jobs:
           diff --unified .pre-commit-config.yaml $TEMP_FILE || true
           echo "path=$TEMP_FILE" >> $GITHUB_OUTPUT
 
-      - uses: taiki-e/install-action@f2b65a3e67b2ba5ed3b4a631b5e460896e975708 # pin v2.42.37
+      - uses: taiki-e/install-action@da8fe73ed87107a1cae164305a928b7c8fcff4bc # pin v2.43.1
         with:
           tool: taplo-cli@0.9.3
 
diff --git a/.github/workflows/package-client.yml b/.github/workflows/package-client.yml
index cf82e6d98f7..550304e72e4 100644
--- a/.github/workflows/package-client.yml
+++ b/.github/workflows/package-client.yml
@@ -94,7 +94,7 @@ jobs:
         working-directory: client
 
       # Install syft
-      - uses: taiki-e/install-action@f2b65a3e67b2ba5ed3b4a631b5e460896e975708 # pin v2.42.37
+      - uses: taiki-e/install-action@da8fe73ed87107a1cae164305a928b7c8fcff4bc # pin v2.43.1
         with:
           tool: syft@0.84.0, wasm-pack@${{ env.wasm-pack-version }}
 
@@ -195,7 +195,7 @@ jobs:
           mv -v parsec_*_*.snap Parsec_${{ steps.version.outputs.full }}_linux_$ARCH.snap
 
       # Install syft
-      - uses: taiki-e/install-action@f2b65a3e67b2ba5ed3b4a631b5e460896e975708 # pin v2.42.37
+      - uses: taiki-e/install-action@da8fe73ed87107a1cae164305a928b7c8fcff4bc # pin v2.43.1
         with:
           tool: syft@0.84.0
 
@@ -350,7 +350,7 @@ jobs:
         timeout-minutes: 1
 
       # Install syft
-      - uses: taiki-e/install-action@f2b65a3e67b2ba5ed3b4a631b5e460896e975708 # pin v2.42.37
+      - uses: taiki-e/install-action@da8fe73ed87107a1cae164305a928b7c8fcff4bc # pin v2.43.1
         with:
           tool: syft@0.84.0
 
diff --git a/.github/workflows/package-server.yml b/.github/workflows/package-server.yml
index 7efaf2edd5d..a4441d39491 100644
--- a/.github/workflows/package-server.yml
+++ b/.github/workflows/package-server.yml
@@ -136,7 +136,7 @@ jobs:
         run: python server/packaging/wheel/wheel_it.py ./server --output dist --skip-wheel
 
       # Install syft
-      - uses: taiki-e/install-action@f2b65a3e67b2ba5ed3b4a631b5e460896e975708 # pin v2.42.37
+      - uses: taiki-e/install-action@da8fe73ed87107a1cae164305a928b7c8fcff4bc # pin v2.43.1
         with:
           tool: syft@0.84.0
 
diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
index 816f47955c4..7e84fbb1997 100644
--- a/.github/workflows/publish.yml
+++ b/.github/workflows/publish.yml
@@ -137,7 +137,7 @@ jobs:
 
       - name: Publish wheel on PyPI
         if: steps.version.outputs.local == ''
-        uses: pypa/gh-action-pypi-publish@8a08d616893759ef8e1aa1f2785787c0b97e20d6 # pin v1.10.0
+        uses: pypa/gh-action-pypi-publish@0ab0b79471669eb3a4d647e625009c62f9f3b241 # pin v1.10.1
         with:
           user: __token__
           password: ${{ secrets.PYPI_CREDENTIALS }}

From 97baa96578e1513cc27ddef54f8d9fea11438a56 Mon Sep 17 00:00:00 2001
From: Firelight Flagboy <firelight.flagboy@gmail.com>
Date: Mon, 9 Sep 2024 13:19:14 +0200
Subject: [PATCH 2/2] Use setup-python from main instead of tagged version

The the commit https://github.com/actions/setup-python/commit/29a37be0a3d3e8bf5bc1eb19cd0502922f5b312a
over 5.2.0 because it include a fix the windows system that doesn't handle CRLF well.

The reason for this is `actions/setup-python` is looking for project to test that change:
https://github.com/actions/setup-python/issues/935#issuecomment-2337422480
---
 .github/actions/setup-python-poetry/action.yml | 2 +-
 .github/workflows/ci.yml                       | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/actions/setup-python-poetry/action.yml b/.github/actions/setup-python-poetry/action.yml
index 5ec699fe36c..ff291b18a3a 100644
--- a/.github/actions/setup-python-poetry/action.yml
+++ b/.github/actions/setup-python-poetry/action.yml
@@ -41,7 +41,7 @@ runs:
         echo "${APPDATA}\.poetry\bin" >> "$GITHUB_PATH"
 
     - name: Install python
-      uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3  # pin v5.2.0
+      uses: actions/setup-python@29a37be0a3d3e8bf5bc1eb19cd0502922f5b312a  # pin v5.2.0
       id: setup-python
       with:
         python-version-file: ${{ inputs.project-path }}/pyproject.toml
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index ae4fa6ce46c..fa62d6360e8 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -140,7 +140,7 @@ jobs:
               - newsfragments/**
 
       - name: Install python
-        uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3  # pin v5.2.0
+        uses: actions/setup-python@29a37be0a3d3e8bf5bc1eb19cd0502922f5b312a  # pin v5.2.0
         id: setup-python
         with:
           python-version: 3.12