chore(deps): bump astral-sh/setup-uv from 7.6.0 to 8.2.0#497
chore(deps): bump astral-sh/setup-uv from 7.6.0 to 8.2.0#497dependabot[bot] wants to merge 1 commit into
Conversation
LabelsThe following labels could not be found: Please fix the above issues or remove invalid values from |
Bumps [astral-sh/setup-uv](https://github.com/astral-sh/setup-uv) from 7.6.0 to 8.2.0. - [Release notes](https://github.com/astral-sh/setup-uv/releases) - [Commits](astral-sh/setup-uv@37802ad...fac544c) --- updated-dependencies: - dependency-name: astral-sh/setup-uv dependency-version: 8.2.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
Bot
force-pushed
the
dependabot/github_actions/astral-sh/setup-uv-8.2.0
branch
from
f2d17c0 to
d2b8bbe
Compare
) Supersedes 9 individual dependabot PRs (#495–502, #516), consolidated to avoid a CI roundtrip per PR. All bumps applied on one branch and verified together (UI typecheck + 1297 vitest + production build + lint; uv relock). Python (uv.lock): - pyjwt 2.12.1 -> 2.13.0 (#516) npm (ui/package.json + pnpm-lock.yaml) — constraints set to dependabot's targets; pnpm resolved latest-compatible patches (newer than the targets): - next ^16.2.6 -> ^16.2.7 (resolved 16.2.9) (#501) - @tanstack/react-query ~5.100.14 -> ~5.101.0 (+ -devtools in lockstep) (#498) - @radix-ui/react-select ~2.2.6 -> ~2.3.0 (resolved 2.3.1) (#500) - @radix-ui/react-tooltip ~1.2.8 -> ~1.2.9 (resolved 1.2.10) (#502) - @radix-ui/react-popover ~1.1.15 -> ~1.1.16 (resolved 1.1.17) (#499) GitHub Actions (SHA-pinned): - astral-sh/setup-uv v7 -> v8.2.0 (#497) - ossf/scorecard-action v2.4.0 -> v2.4.3 (#496) - github/codeql-action v4 SHA bump (#495) Signed-off-by: SoundMindsAI <eric.starr@soundminds.ai> Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
|
Superseded by #579, which consolidated all nine open |
|
OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting If you change your mind, just re-open this PR and I'll resolve any conflicts on it. |
dependabot
Bot
deleted the
dependabot/github_actions/astral-sh/setup-uv-8.2.0
branch
1 participant
Bumps astral-sh/setup-uv from 7.6.0 to 8.2.0.
Release notes
Sourced from astral-sh/setup-uv's releases.
... (truncated)
Commits
fac544cchore(deps): roll up dependabot updates (#903)7390f77docs: update dependabot rollup biome guidance (#902)363c64achore(deps): roll up dependabot updates (#901)c4fcbafchore(deps): bump release-drafter/release-drafter from 7.3.0 to 7.3.1 (#900)8e642c5chore: update known checksums for 0.11.18 (#899)a92cb43Add quiet input to suppress info-level log output (#898)e07f2acchore(deps): bump eifinger/actionlint-action from 1.10.1 to 1.10.2 (#842)bc4034echore(deps): bump github/codeql-action from 4.35.4 to 4.36.0 (#893)df42d4fchore(deps): bump zizmorcore/zizmor-action from 0.5.5 to 0.5.6 (#891)b9c8c4cfeat: adddownload-from-astral-mirrorinput (#897)