chore(deps): update github actions

[renovate]

This PR contains the following updates:

Package	Type	Update	Change
EnricoMi/publish-unit-test-result-action	action	minor	v2 -> v2.20.0
actions/checkout	action	pinDigest	-> 08c6903
actions/download-artifact	action	pinDigest	-> 634f93c
actions/upload-artifact	action	minor	v4 -> v4.6.2
danhellem/github-actions-issue-to-work-item	action	pinDigest	-> 8d0ead9
ni/python-actions	action	minor	v0.1.0 -> v0.7.0

---

Release Notes

EnricoMi/publish-unit-test-result-action (EnricoMi/publish-unit-test-result-action)

v2.20.0

Compare Source

Adds the following improvements:

• Add action typing #​653
• Isolate PIP cache used by composite actions #​668
• Fix for empty <system-out> and <system-err> #​667
• Deprecate github_token_actor option, auto-detect actor #​661
• Use and recommend !cancelled() instead of always() #​659
• Add deprecationMessage to action.yml for deprecated inputs (#​654)
• Resolve regex library warnings #​660

Full Changelog: EnricoMi/publish-unit-test-result-action@v2.19.0...v2.20.0

v2.19.0

Compare Source

Adds the following improvements:

• Add option to verify SSL/TLS connection (#​638)
• Mention composite replacement in README.md (#​647)
• Quote $PYTHON_BIN in deprecated composite action (#​646)

v2.18.0

Compare Source

Adds the following improvements:

• Support Python 3.13 (#​632)
• Upgrade dependencies (#​566)
• Use unicode emojis (instead of markdown) (#​631)

v2.17.1

Compare Source

Fixes the following issue:

• Fix failing check run creation when no path or error message exists (#​621)

v2.17.0

Compare Source

Adds the following improvements:

• Avoid escaped quotes in Windows PowerShell action, fixes syntax error in some self-hosted Windows runners (#​603)
• Upgrade dependencies to latest versions to fix four vulnerabilities (#​606)

v2.16.1

Compare Source

Fixes quoting issue in Windows bash action (#​587)

v2.16.0

Compare Source

This improves dependencies:

• Pin dependencies based on Python version (#​585)
• Upgrade dependencies to latest version (#​585)

v2.15.1

Compare Source

This fixes a typo in the windows action (#​580).

v2.15.0

Compare Source

This release deprecates composite action uses: EnricoMi/publish-unit-test-result-action/composite@v2 (#​576)

Instead, use either of

• Linux (Bash shell): uses: EnricoMi/publish-unit-test-result-action/linux@v2
• macOS (Bash shell): uses: EnricoMi/publish-unit-test-result-action/macos@v2
• Windows (PowerShell): uses: EnricoMi/publish-unit-test-result-action/windows@v2
• Windows (Bash shell): uses: EnricoMi/publish-unit-test-result-action/windows/bash@v2

Or continue to use the Docker action uses: EnricoMi/publish-unit-test-result-action@v2.

Adds the following features:

• OS-specific composite actions, supports Windows PowerShell (#​576)
• Fix grouping lines in GitHub actions output (#​577)

v2.14.0

Compare Source

Adds the following features:

• Publish JSON even when check_run is false (#​568)
• Quote vars in composite action to support values with spaces (#​571)
• Uprade actions/cache to 4 in composite action (#​574)

v2.13.0

Compare Source

Adds the following features:

• Upgrade lxml to 5.1.0 (#​433)
• Rework how composite action checks and installs virtualenv / venv package, and activates virtual environment (#​558)

v2.12.0

Compare Source

Adds the following features:

• Add option to disable status checks (#​532)
• Fix action_fail_on_inconclusive, which was not working (#​543)
• Improve emoji for passed tests (changed from   to ✅) (#​542)
• Remove link from emojis in summary markdown (#​540)
• Handle incomplete / none JSON elements (#​530)
• Action warns about usage of absolute paths (#​519)
• Upgrade dependencies (#​523)

v2.11.0

Compare Source

Adds the following features:

• Reduce output from action_fail (#​511)
• Support running as ARM images (#​512, #​513, #​514)
• Use virtualenv in composite action to isolate package installation (#​501)
• Update urllib3 and charset-normalizer dependencies (#​507)

v2.10.0

Compare Source

Adds the following features:

• Allow for adding or removing test file path prefix (#​495)
• Support for Windows with Python 3.11, and macOS 13 by upgrading lxml from 4.9.1 to 4.9.3 (#​387)

v2.9.0

Compare Source

Adds the following features:

• Upgrade PyGithub dependency
• Move to PyGithub implementation of retry and throttling logic (#​469)

v2.8.0

Compare Source

Adds the following features:

• Add github_token_actor option to support Github App installation or App user token (#​460)
• Upgrade dependencies, drop Python 3.6 (#​457)

This release removes support for Python 3.6. Please use action version 2.7 with Python 3.6.

uses: EnricoMi/[email protected]

v2.7.0

Compare Source

Adds the following features:

• Add test time to case annotation (test failures and errors) (#​439)
• Allow to publish job summary for pull_request event on fork (#​441)
• Links in comments point to README.md version that matches the used action (#​432)

v2.6.2

Compare Source

Fixes the following issues:

• Publish comment on the pull request of the event, or on the pull request of the commit otherwise (#​438)

In contrast to v2.6.1, the action falls back to the commit's pull requests when the event does not provide a PR.

v2.6.1

Compare Source

Fixes the following issues:

• Publish comments only to the pull request that triggered the action (not all commit's pull requests) (#​428)

This means that the action only publishes pull request comments on pull_request events (and workflow_run events triggered from pull_request events). The action running on either pull request used to overwrite the other pull request's results. This is not useful since different pull requests that share a commit may have different results.

v2.6.0

Compare Source

Adds the following features:

• Reduce likelihood of secondary rate limit errors (#​425)

v2.5.0

Compare Source

Adds the following features:

• Add support for Dart and Mocha JSON test results (#​404)
• Speed up composite action by caching PIP packages (#​418, #​422)
• Speed up package installation by always installing wheel package
• Pin versions of all transient dependencies so that composite action always uses the same versions (#​421)
• Speed up parsing large TRX files by adding lookup index (#​417)
• Restrict XSLT permissions used for non-JUnit XML files (#​415)
• Add explicit number typing to XSLT (#​416)

v2.4.2

Compare Source

Fixes the following issues:

• Fix list of added/removed tests when test list is spread over multiple annotations (#​407)
• Log detected file types only if there actually are files
• Remove deprecation comment from composite action.yaml

v2.4.1

Compare Source

Adds the following features:

• Auto-detect file format, re-introduce the FILES option (#​395)
• Add option to parse XML with huge tree option (#​400)

v2.3.0

Compare Source

Adds the following features:

• Add suite logs as annotations (#​392)
• Add action_fail option to fail publish action on test failures (#​378)
• Fix action example that fetches all artifacts from triggering workflow (84dbe97)
• Upgrade all dependencies except lxml to latest (#​394)

v2.2.0

Compare Source

Adds the following features:

• Add option to write test cases to JSON file (#​366)

v2.1.0

Compare Source

Adds the following features:

• Include test case stdout and stderr in annotation details (#​358)
• Use GHA env file to set output, fall back to stdout command (#​360)

actions/upload-artifact (actions/upload-artifact)

v4.6.2

Compare Source

What's Changed

• Update to use artifact 2.3.2 package & prepare for new upload-artifact release by @​salmanmkc in #​685

New Contributors

• @​salmanmkc made their first contribution in #​685

Full Changelog: actions/upload-artifact@v4...v4.6.2

v4.6.1

Compare Source

What's Changed

• Update to use artifact 2.2.2 package by @​yacaovsnc in #​673

Full Changelog: actions/upload-artifact@v4...v4.6.1

v4.6.0

Compare Source

What's Changed

• Expose env vars to control concurrency and timeout by @​yacaovsnc in #​662

Full Changelog: actions/upload-artifact@v4...v4.6.0

v4.5.0

Compare Source

What's Changed

• fix: deprecated Node.js version in action by @​hamirmahal in #​578
• Add new artifact-digest output by @​bdehamer in #​656

New Contributors

• @​hamirmahal made their first contribution in #​578
• @​bdehamer made their first contribution in #​656

Full Changelog: actions/upload-artifact@v4.4.3...v4.5.0

v4.4.3

Compare Source

What's Changed

• Undo indirect dependency updates from #​627 by @​joshmgross in #​632

Full Changelog: actions/upload-artifact@v4.4.2...v4.4.3

v4.4.2

Compare Source

What's Changed

• Bump @actions/artifact to 2.1.11 by @​robherley in #​627
  • Includes fix for relative symlinks not resolving properly

Full Changelog: actions/upload-artifact@v4.4.1...v4.4.2

v4.4.1

Compare Source

What's Changed

• Add a section about hidden files by @​joshmgross in #​607
• Add workflow file for publishing releases to immutable action package by @​Jcambass in #​621
• Update @​actions/artifact to latest version, includes symlink and timeout fixes by @​robherley in #​625

New Contributors

• @​Jcambass made their first contribution in #​621

Full Changelog: actions/upload-artifact@v4.4.0...v4.4.1

v4.4.0

Compare Source

Notice: Breaking Changes ⚠️

We will no longer include hidden files and folders by default in the upload-artifact action of this version. This reduces the risk that credentials are accidentally uploaded into artifacts. Customers who need to continue to upload these files can use a new option, include-hidden-files, to continue to do so.

See "Notice of upcoming deprecations and breaking changes in GitHub Actions runners" changelog and this issue for more details.

What's Changed

• Exclude hidden files by default by @​joshmgross in #​598

Full Changelog: actions/upload-artifact@v4.3.6...v4.4.0

v4.3.6

Compare Source

What's Changed

• Revert to @​actions/artifact 2.1.8 by @​robherley in #​594

Full Changelog: actions/upload-artifact@v4...v4.3.6

v4.3.5

Compare Source

What's Changed

• Bump @​actions/artifact to v2.1.9 by @​robherley in #​588
  • Fixed artifact upload chunk timeout logic #​1774
  • Use lazy stream to prevent issues with open file limits #​1771

Full Changelog: actions/upload-artifact@v4.3.4...v4.3.5

v4.3.4

Compare Source

What's Changed

• Update @​actions/artifact version, bump dependencies by @​robherley in #​584

Full Changelog: actions/upload-artifact@v4.3.3...v4.3.4

v4.3.3

Compare Source

What's Changed

• updating @actions/artifact dependency to v2.1.6 by @​eggyhead in #​565

Full Changelog: actions/upload-artifact@v4.3.2...v4.3.3

v4.3.2

Compare Source

What's Changed

• Update release-new-action-version.yml by @​konradpabjan in #​516
• Minor fix to the migration readme by @​andrewakim in #​523
• Update readme with v3/v2/v1 deprecation notice by @​robherley in #​561
• updating @actions/artifact dependency to v2.1.5 and @actions/core to v1.0.1 by @​eggyhead in #​562

New Contributors

• @​andrewakim made their first contribution in #​523

Full Changelog: actions/upload-artifact@v4.3.1...v4.3.2

v4.3.1

Compare Source

• Bump @​actions/artifacts to latest version to include updated GHES host check

v4.3.0

Compare Source

What's Changed

• Reorganize upload code in prep for merge logic & add more tests by @​robherley in #​504
• Add sub-action to merge artifacts by @​robherley in #​505

Full Changelog: actions/upload-artifact@v4...v4.3.0

v4.2.0

Compare Source

What's Changed

• Ability to overwrite an Artifact by @​robherley in #​501

Full Changelog: actions/upload-artifact@v4...v4.2.0

v4.1.0

Compare Source

What's Changed

• Add migrations docs by @​robherley in #​482
• Update README.md by @​samuelwine in #​492
• Support artifact-url output by @​konradpabjan in #​496
• Update readme to reflect new 500 artifact per job limit by @​robherley in #​497

New Contributors

• @​samuelwine made their first contribution in #​492

Full Changelog: actions/upload-artifact@v4...v4.1.0

ni/python-actions (ni/python-actions)

v0.7.0: ni/python-actions v0.7.0

Compare Source

What's Changed

• analyze-project: Replace extras input with a more general install-args input (#​40)

  • Now you can use install-args to pass whatever arguments you want to poetry install. Example:

  - uses: ni/python-actions/analyze-project@v0
    with:
      project-directory: ${{ github.workspace }}/packages/myproject
      install-args: "--extras 'colors serialization' --with dev,docs,utils"

  • The extras input has been removed. This breaks compatibility, but this project's major version is still 0, so we are only bumping the minor version.

• setup-poetry: Use temporary directory for Poetry installs (#​41)

  • Originally, the Poetry install directory was $HOME/.local/poetry. This worked fine on GitHub-hosted runners and ephemeral self-hosted runners, but on long-lived self-hosted runners it produces errors when the directory already exists.
  • In v0.6.0, the Poetry install directory was changed to $GITHUB_WORKSPACE/.cache/poetry so that self-hosted runners would automatically clean it up. However, this broke compatibility with clients that run tools that search the entire GitHub workspace for Python files.
  • In v0.6.1, the Poetry install directory was changed to the pipeline directory ($GITHUB_WORKSPACE/..) to hide it from tools that search the entire GitHub workspace. However, this caused a regression for long-lived self-hosted runners.
  • In v0.7.0, the Poetry install directory was changed to $RUNNER_TEMP/poetry, which is cleaned up before/after each job, but which is outside the GitHub workspace. This directory seems to be stable enough that caching is still effective. Hopefully this will be the last change of Poetry install location; if not, we will probably add an input to allow overriding it.

Full Changelog: ni/python-actions@v0.6.1...v0.7.0

v0.6.1: ni/python-actions v0.6.1

Compare Source

Bug Fixes

• ni/python-actions/analyze-project: Fix #​31 - ni/python-actions/analyze-project does not think mypy is installed (#​32)
• ni/python-actions/setup-poetry: Fix #​33 - Moving Poetry install directory to $GITHUB_WORKSPACE/.cache breaks nps lint with default excludes (#​34)

What's Changed

• Enable immutable releases
• Documentation
  • Replace @v0.2 with @v0 and recommend pinning (#​29)
  • Update analyze-project docs (#​30)
• ni/python-actions/analyze-project:
  • Use a custom shell to run the venv's python (#​35)
  • Update jakebailey/pyright-action action to v2.3.3 (#​37)
  • Add test scenarios for analyze-project (#​36)

Full Changelog: ni/python-actions@v0.6.0...v0.6.1

v0.6.0: ni/python-actions v0.6.0

Compare Source

What's Changed

• Add ni/python-actions/analyze-project composite action (#​24)
  • This action analyzes the code quality of a Python project using various linters and type checkers including ni-python-styleguide, mypy (if the mypy package is installed), and pyright (if the 'pyright' package is installed).
• Change Poetry install directory (#​26)
  • This improves compatibility with self-hosted runners.
  • The Poetry cache key now includes a hash of the Poetry install directory.
• Add a separate README.md for each action (#​25)
• Update actions/setup-python action to v6 (#​27)

New Contributors

• @​szb640 made their first contribution in #​26
• @​dixonjoel made their first contribution in #​24

Full Changelog: ni/python-actions@v0.5.1...v0.6.0

v0.5.1: ni/python-actions v0.5.1

Compare Source

What's Changed

• update-project-version: Add workaround for chained PRs to PR description text (#​21)

Full Changelog: ni/python-actions@v0.5.0...v0.5.1

v0.5.0: ni/python-actions v0.5.0

Compare Source

What's Changed

• setup-poetry:
  • Change default Poetry version to 2.1.4 (#​18)
• update-project-version:
  • Show project names and versions (#​20)
    • The PR body now contains a table showing the project names, versions, and pyproject.toml paths
    • When updating a single project, the PR title now says shows the project name and version, e.g. "chore: Update project nitypes to v1.2.3"
  • Change how branch name is shown (#​20)
    • The branch name is now shown in brackets at the beginning of the PR title, e.g. "[releases/1.2] chore: Update project nitypes to v1.2.3"
    • The branch name is no longer shown for main/master branches.
• tests:
  • The actions are now tested on macOS (#​15)

Full Changelog: ni/python-actions@v0.4.1...v0.5.0

v0.4.1: ni/python-actions v0.4.1

Compare Source

What's Changed

• check-project-version: Set expected-version to release.tag_name for release events (#​14)

New Contributors

• @​mjohanse-emr made their first contribution in #​14

Full Changelog: ni/python-actions@v0.4.0...v0.4.1

v0.4.0: ni/python-actions v0.4.0

Compare Source

What's Changed

• setup-python, setup-poetry: Support PyPy and free-threading (#​11)
  • To use PyPy, set the python-version input to pypy3.10, pypy3.11, etc.
  • To use CPython with free-threading, add a t suffix to the python-version input (e.g. 3.13t).
    • Note: free-threading is only available with Python 3.13 and later.
    • Note: installing Poetry with free-threading does not work yet, because the cryptography and cffi packages do not yet support free-threading.
  • The python-version output now reflects the the PyPy language+implementation versions (e.g. pypy3.11.11-v7.3.19) and has a t suffix for free-threaded builds (e.g. 3.13.4t)
  • The ni/setup-python action now uses the pythonVersion environment variable to pass the Python version to ni/setup-poetry.

Full Changelog: ni/python-actions@v0.3.1...v0.4.0

v0.3.1: ni/python-actions v0.3.1

Compare Source

What's Changed

• setup-poetry: Log debug info on failure (#​12)

Full Changelog: ni/python-actions@v0.3.0...v0.3.1

v0.3.0: ni/python-actions v0.3.0

Compare Source

What's Changed

• update-project-version: Add token input (#​9)
  • The default GITHUB_TOKEN cannot trigger PR workflows, so the generated pull request will not run any status checks. You can work around this by using token to specify a token that is saved in a repo/org secret.
• setup-poetry: Add use-cache input (#​8)
  • If you run into caching problems, you can disable caching by specifying use-cache: false.

Full Changelog: ni/python-actions@v0.2.0...v0.3.0

v0.2.0: ni/python-actions v0.2.0

Compare Source

What's Changed

• Add the check-project-version action (#​5)
  • The check-project-version action uses Poetry to get the version of a Python project and checks that it matches an expected version.
  • You can use this action in your project's publish workflow to verify that the project version matches the GitHub release tag.
  • By default, this action checks against github.ref_name, which is the GitHub release tag for GitHub release events.
• Add the update-project-version action (#​5)
  • The update-project-version action uses Poetry to update the version of a Python project and creates a pull request to modify its pyproject.toml file.
  • You can use this action in your project's publish workflow to update the version number for the next release or pre-release.
  • You can specify version-rule and use-dev-suffix to customize the versioning scheme.
    • version-rule specifies the rule for updating the version number. For example, major will update 1.0.0 -> 2.0.0, while patch will update 1.0.0 -> 1.0.1. See the docs for poetry version for the list of rules and their behavior.
    • use-dev-suffix specifies whether to use development versions like 1.0.0.dev0.

New Contributors

• @​renovate made their first contribution in #​2

Full Changelog: ni/python-actions@v0.1.0...v0.2.0

---

Configuration

📅 Schedule: Branch creation - Between 12:00 AM and 03:59 AM, only on Monday ( * 0-3 * * 1 ) in timezone US/Central, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[github-actions]

Test Results

 10 files  ±0   10 suites  ±0   9s ⏱️ -1s
 54 tests ±0   53 ✅ ±0   1 💤 ±0  0 ❌ ±0 
530 runs  ±0  482 ✅ ±0  48 💤 ±0  0 ❌ ±0 

Results for commit d93a31f. ± Comparison against base commit f5156a5.

♻️ This comment has been updated with latest results.

[wchung-ni]

Looks good and it is expected changes after #58 .