build(deps): bump the actions-monthly group with 8 updates

[dependabot]

Bumps the actions-monthly group with 8 updates:

Package	From	To
actions/checkout	6.0.1	6.0.2
astral-sh/setup-uv	7.1.6	7.2.1
astral-sh/ruff-action	3.5.1	3.6.1
github/codeql-action	3.31.8	4.32.0
conda-incubator/setup-miniconda	3.2.0	3.3.0
JamesIves/github-pages-deploy-action	4.7.6	4.8.0
actions/setup-python	6.1.0	6.2.0
pypa/cibuildwheel	3.3.0	3.3.1

Updates actions/checkout from 6.0.1 to 6.0.2

Release notes

Sourced from actions/checkout's releases.

v6.0.2

What's Changed

• Add orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set by @​TingluoHuang in actions/checkout#2355
• Fix tag handling: preserve annotations and explicit fetch-tags by @​ericsciple in actions/checkout#2356

Full Changelog: actions/checkout@v6.0.1...v6.0.2

Commits

• de0fac2 Fix tag handling: preserve annotations and explicit fetch-tags (#2356)
• 064fe7f Add orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set (...
• See full diff in compare view

Updates astral-sh/setup-uv from 7.1.6 to 7.2.1

Release notes

Sourced from astral-sh/setup-uv's releases.

v7.2.0 🌈 add outputs python-version and python-cache-hit

Changes

Among some minor typo fixes and quality of life features for developers of actions the main feature of this release are new outputs:

• python-version: The Python version that was set (same content as existing UV_PYTHON)
• python-cache-hit: A boolean value to indicate the Python cache entry was found

While implementing this it became clear, that it is easier to handle the Python binaries in a separate cache entry. The added benefit for users is that the "normal" cache containing the dependencies can be used in all runs no matter if these cache the Python binaries or not.

[!NOTE]
This release will invalidate caches that contain the Python binaries. This happens a single time.

🐛 Bug fixes

• chore: remove stray space from UV_PYTHON_INSTALL_DIR message @​akx (#720)

🚀 Enhancements

• add outputs python-version and python-cache-hit @​eifinger (#728)
• Add action typings with validation @​krzema12 (#721)

🧰 Maintenance

• fix: use uv_build backend for old-python-constraint-project @​eifinger (#729)
• chore: update known checksums for 0.9.22 @github-actions[bot] (#727)
• chore: update known checksums for 0.9.21 @github-actions[bot] (#726)
• chore: update known checksums for 0.9.20 @github-actions[bot] (#725)
• chore: update known checksums for 0.9.18 @github-actions[bot] (#718)

⬆️ Dependency updates

• Bump peter-evans/create-pull-request from 7.0.9 to 8.0.0 @dependabot[bot] (#719)
• Bump github/codeql-action from 4.31.6 to 4.31.9 @dependabot[bot] (#723)

Commits

• 803947b chore: update known checksums for 0.9.28 (#744)
• 24553ac chore: update known checksums for 0.9.27 (#742)
• 085087a Bump zizmorcore/zizmor-action from 0.3.0 to 0.4.1 (#741)
• 9cfd029 chore: update known checksums for 0.9.26 (#734)
• dd9d55b chore: update known checksums for 0.9.25 (#733)
• 8512ad0 Clarify impact of using actions/setup-python (#732)
• cc55817 chore: update known checksums for 0.9.24 (#730)
• 61cb8a9 add outputs python-version and python-cache-hit (#728)
• 11050ed fix: use uv_build backend for old-python-constraint-project (#729)
• 1d22faf Bump peter-evans/create-pull-request from 7.0.9 to 8.0.0 (#719)
• Additional commits viewable in compare view

Updates astral-sh/ruff-action from 3.5.1 to 3.6.1

Release notes

Sourced from astral-sh/ruff-action's releases.

v3.6.1 🌈 fix automatic minor tag updates

Changes

This is just a bugfix release for the release process

• fix: persist credentials for git push in update-major-minor-tags workflow @​eifinger-bot (#312)

🧰 Maintenance

• ci: add zizmor security linting @​eifinger-bot (#313)

Commits

• 4919ec5 fix: persist credentials for git push in update-major-minor-tags workflow (#312)
• 1977806 ci: add zizmor security linting (#313)
• aedff8d Bump dependencies and actions (#311)
• 191187a Bump actions/checkout from 5.0.0 to 6.0.1 (#278)
• ecac2cc Bump github/codeql-action from 3.30.5 to 4.31.10 (#294)
• ddb8c29 Bump actions/setup-node from 6.0.0 to 6.2.0 (#296)
• 5eee2a4 search in parent dir (#306)
• 1d756c4 chore: update known checksums for 0.14.13/0.14.14 (#297)
• fde82cb Fix CI: Pin ruff version to stable 0.13.x in test fixture (#305)
• deb6320 ignore environment markers in dep specs (#295)
• Additional commits viewable in compare view

Updates github/codeql-action from 3.31.8 to 4.32.0

Release notes

Sourced from github/codeql-action's releases.

v4.32.0

• Update default CodeQL bundle version to 2.24.0. #3425

v4.31.11

• When running a Default Setup workflow with Actions debugging enabled, the CodeQL Action will now use more unique names when uploading logs from the Dependabot authentication proxy as workflow artifacts. This ensures that the artifact names do not clash between multiple jobs in a build matrix. #3409
• Improved error handling throughout the CodeQL Action. #3415
• Added experimental support for automatically excluding generated files from the analysis. This feature is not currently enabled for any analysis. In the future, it may be enabled by default for some GitHub-managed analyses. #3318
• The changelog extracts that are included with releases of the CodeQL Action are now shorter to avoid duplicated information from appearing in Dependabot PRs. #3403

v4.31.10

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

4.31.10 - 12 Jan 2026

• Update default CodeQL bundle version to 2.23.9. #3393

See the full CHANGELOG.md for more information.

v4.31.9

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

4.31.9 - 16 Dec 2025

No user facing changes.

See the full CHANGELOG.md for more information.

v4.31.8

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

4.31.8 - 11 Dec 2025

• Update default CodeQL bundle version to 2.23.8. #3354

See the full CHANGELOG.md for more information.

v4.31.7

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

4.31.7 - 05 Dec 2025

• Update default CodeQL bundle version to 2.23.7. #3343

... (truncated)

Commits

• b20883b Merge pull request #3428 from github/update-v4.32.0-e3b8227a2
• c9aa45d Update changelog for v4.32.0
• e3b8227 Merge pull request #3427 from github/henrymercer/bump-for-new-minor-series
• 8a01181 Compare minor version number
• 80e1425 Bump minor version for CLI v2.24.0
• b748848 Bump the Action minor version number on new CodeQL minor version series
• 5e767ef Merge pull request #3425 from github/update-bundle/codeql-bundle-v2.24.0
• 9752869 Add changelog note
• c62c214 Update default bundle to codeql-bundle-v2.24.0
• 25a224b Merge pull request #3423 from github/mbg/ci/yq-windows
• Additional commits viewable in compare view

Updates conda-incubator/setup-miniconda from 3.2.0 to 3.3.0

Release notes

Sourced from conda-incubator/setup-miniconda's releases.

Version 3.3.0

Fixes

• #411411: Deprecate auto-activate-base input
• #410410: Ignore auto_activate warning
• #414414: Activate default environment instead of base environment
• #435435: fix: remove accidental indentation from shell config template strings
• #442442: Translate POSIX set to xonsh's equivalent

Tasks and Maintenance

• #405405, #413413, #439439: Bump normalize-url from 8.0.1 to 8.1.1
• #425425: Bump @​actions/io from 1.1.3 to 2.0.0
• #432432: Bump @​actions/exec from 1.1.1 to 2.0.0
• #433433, #441441: Bump @​actions/core from 1.11.1 to 2.0.2
• #416416: Bump semver and @​types/semver
• #421421: Bump actions/setup-node from 5 to 6
• #427427: Bump js-yaml from 4.1.0 to 4.1.1

Changelog

Sourced from conda-incubator/setup-miniconda's changelog.

CHANGELOG

v3.3.0 (2026-01-20)

Fixes

• #410410: Ignore auto_activate warning
• #411411: Deprecate auto-activate-base input
• #414414: Activate default environment instead of base environment
• #435435: fix: remove accidental indentation from shell config template strings
• #442442: Translate POSIX set to xonsh's equivalent

Tasks and Maintenance

• #405405, #413413, #439439: Bump normalize-url from 8.0.1 to 8.1.1
• #425425: Bump @​actions/io from 1.1.3 to 2.0.0
• #432432: Bump @​actions/exec from 1.1.1 to 2.0.0
• #433433, #441441: Bump @​actions/core from 1.11.1 to 2.0.2
• #416416: Bump semver and @​types/semver
• #421421: Bump actions/setup-node from 5 to 6
• #427427: Bump js-yaml from 4.1.0 to 4.1.1

[v3.2.0] (2025-06-04)

Fixes

• #398 Check all .condarc files when removing defaults
• #397 Add version normalization for minicondaVersion in input validation
• #402 Workaround for auto_activate_base deprecation

Tasks and Maintenance

... (truncated)

Commits

• fc2d68f Merge pull request #443 from conda-incubator/prepare-3.3.0
• ee22b26 Prepare 3.3.0
• e56a69e Bump @​actions/core from 2.0.1 to 2.0.2 (#441)
• 88f68ec Translate POSIX set to xonsh's equivalent (#442)
• 671a2a2 Bump normalize-url from 8.1.0 to 8.1.1 (#439)
• 574256d fix: remove accidental indentation from shell config template strings (#435)
• 1998b40 Bump @​actions/exec from 1.1.1 to 2.0.0 (#432)
• aacb0f8 Bump @​actions/core from 1.11.1 to 2.0.1 (#433)
• ca4fa09 Bump actions/cache from 4 to 5 (#438)
• ae98e94 Bump actions/upload-artifact from 5.0.0 to 6.0.0 (#437)
• Additional commits viewable in compare view

Updates JamesIves/github-pages-deploy-action from 4.7.6 to 4.8.0

Release notes

Sourced from JamesIves/github-pages-deploy-action's releases.

v4.8.0

What's Changed

Build 🔧

• Migrate from Node.js 20 to Node.js 24 runtime
• build(deps-dev): bump the eslint group with 3 updates by @​dependabot[bot] in JamesIves/github-pages-deploy-action#1920
• build(deps): bump the actions group with 2 updates by @​dependabot[bot] in JamesIves/github-pages-deploy-action#1931
• build(deps): bump @​actions/core from 2.0.0 to 2.0.1 in the actions group by @​dependabot[bot] in JamesIves/github-pages-deploy-action#1933
• build(deps): bump codecov/codecov-action from 5.5.1 to 5.5.2 by @​dependabot[bot] in JamesIves/github-pages-deploy-action#1932
• build(deps): bump the actions group with 2 updates by @​dependabot[bot] in JamesIves/github-pages-deploy-action#1942
• build(deps): bump the eslint group across 1 directory with 4 updates by @​dependabot[bot] in JamesIves/github-pages-deploy-action#1938
• build(deps): bump typescript-eslint from 8.49.0 to 8.50.0 in the typescript group by @​dependabot[bot] in JamesIves/github-pages-deploy-action#1937
• build(deps): bump actions/download-artifact from 6.0.0 to 7.0.0 by @​dependabot[bot] in JamesIves/github-pages-deploy-action#1936
• build(deps): bump actions/upload-artifact from 5.0.0 to 6.0.0 by @​dependabot[bot] in JamesIves/github-pages-deploy-action#1935

Full Changelog: JamesIves/github-pages-deploy-action@v4...v4.8.0

Commits

• d92aa23 Deploy Production Code for Commit e28dece811c3ec29b89d2e5e7ff7112cd94f55c3 🚀
• e28dece Merge pull request #1943 from JamesIves/dev
• 3de785c build(deps): bump actions/upload-artifact from 5.0.0 to 6.0.0 (#1935)
• 2c2aabb build(deps): bump actions/download-artifact from 6.0.0 to 7.0.0 (#1936)
• 9437d05 build(deps): bump typescript-eslint in the typescript group (#1937)
• 167e44d build(deps): bump the eslint group across 1 directory with 4 updates (#1938)
• e92cea4 chore: Migrate from Node.js 20 to Node.js 24 LTS (#1941)
• 5eb9f60 build(deps): bump the actions group with 2 updates (#1942)
• 9fa3b18 Deploying to dev from @ JamesIves/github-pages-deploy-action@7c9298abb2dd9020...
• 7c9298a Deploying to dev from @ JamesIves/github-pages-deploy-action@66909b7a50caef56...
• Additional commits viewable in compare view

Updates actions/setup-python from 6.1.0 to 6.2.0

Release notes

Sourced from actions/setup-python's releases.

v6.2.0

What's Changed

Dependency Upgrades

• Upgrade dependencies to Node 24 compatible versions by @​salmanmkc in actions/setup-python#1259
• Upgrade urllib3 from 2.5.0 to 2.6.3 in /__tests__/data by @​dependabot in actions/setup-python#1253 and actions/setup-python#1264

Full Changelog: actions/setup-python@v6...v6.2.0

Commits

• a309ff8 Bump urllib3 from 2.6.0 to 2.6.3 in /tests/data (#1264)
• bfe8cc5 Upgrade @​actions dependencies to Node 24 compatible versions (#1259)
• 4f41a90 Bump urllib3 from 2.5.0 to 2.6.0 in /tests/data (#1253)
• See full diff in compare view

Updates pypa/cibuildwheel from 3.3.0 to 3.3.1

Release notes

Sourced from pypa/cibuildwheel's releases.

v3.3.1

• 🛠 Update dependencies and container pins, including updating to CPython 3.14.2. (#2708)

Changelog

Sourced from pypa/cibuildwheel's changelog.

---

title: Changelog

Changelog

v3.3.1

5 January 2026

• 🛠 Update dependencies and container pins, including updating to CPython 3.14.2. (#2708)

v3.3.0

12 November 2025

• 🐛 Fix an incompatibility with Docker v29 (#2660)
• ✨ Adds test-runtime option, to customise how tests on simulated/emulated environments are run (#2636)
• ✨ Adds support for new manylinux_2_35 images on 32-bit ARM armv7l, offering better C++20 compatibility (#2656)
• ✨ build[uv] is now supported on Android (#2587)
• ✨ You can now install extras (such as uv) with a simple option on the GitHub Action (#2630)
• ✨ {project} and {package} placeholders are now supported in repair-wheel-command (#2589)
• 🛠 The versions set with dependency-versions no longer constrain packages specified by your build-system.requires. Previously, on platforms other than Linux, the constraints in this option would remain in the environment during the build. This has been tidied up make behaviour more consistent between platforms, and to prevent version conflicts. (#2583)
• 🛠 Improve the handling of test-command on Android, enabling more options to be passed (#2590)
• 📚 Docs improvements (#2618)

v3.2.1

12 October 2025

• 🛠 Update to CPython 3.14.0 final (#2614)
• 🐛 Fix the default MACOSX_DEPLOYMENT_TARGET on Python 3.14 (#2613)
• 📚 Docs improvements (#2617)

v3.2.0

22 September 2025

• ✨ Adds GraalPy v25 (Python 3.12) support (#2597)
• 🛠 Update to CPython 3.14.0rc3 (#2602)
• 🛠 Adds CPython 3.14.0 prerelease support for Android, and a number of improvements to Android builds (#2568, #2591)
• 🛠 Improvements to testing on Android, passing environment markers when installing the venv, and providing more debug output when build-verbosity is set (#2575)
• ⚠️ PyPy 3.10 was moved to pypy-eol in the enable option, as it is now end-of-life. (#2521)
• 📚 Docs improvements (#2574, #2601, #2598)

v3.1.4

19 August 2025

• ✨ Add a --clean-cache command to clean up our cache (#2489)

... (truncated)

Commits

• 298ed2f Bump version: v3.3.1
• f0ff944 [3.3.x] Update dependencies (#2708)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[copy-pr-bot]

This pull request requires additional validation before any workflows can run on NVIDIA's runners.

Pull request vetters can view their responsibilities here.

Contributors can view more details about this message here.

[leofang]

/ok to test 829398a

[github-actions]

Doc Preview CI
Preview removed because the pull request was closed or merged.