chore(deps): update actions/setup-python action to v6

.gitea/workflows/build-push-docker.yml

@@ -43,7 +43,7 @@ jobs:
           REPO: ${{ gitea.repository }}
 
       - name: Check out repository
-        uses: actions/checkout@v5.0.0
+        uses: actions/checkout@v4.3.0
         with:
           fetch-depth: 0
           ref: ${{ inputs.release }}

.gitea/workflows/changelog.yaml

@@ -19,7 +19,7 @@ jobs:
       clean_changelog: ${{ steps.get_next_version.outputs.clean_changelog }}
     steps:
       - name: Check out repository
-        uses: actions/checkout@v5.0.0
+        uses: actions/checkout@v4.3.0
         with:
           fetch-depth: 0
 

.gitea/workflows/ci-docker.yml

@@ -12,11 +12,11 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Check out repository code
-        uses: actions/checkout@v5.0.0
+        uses: actions/checkout@v4.3.0
         with:
           fetch-depth: 0
 
-      - uses: hadolint/hadolint-action@v3.3.0
+      - uses: hadolint/hadolint-action@v3.1.0
         with:
           dockerfile: Dockerfile
           output-file: hadolint.out
@@ -24,7 +24,7 @@ jobs:
           no-fail: true
 
       - name: SonarQube Cloud Scan
-        uses: SonarSource/sonarqube-scan-action@v6.0.0
+        uses: SonarSource/sonarqube-scan-action@v5.3.1
         env:
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
 

.gitea/workflows/ci-python-poetry-with-docker.yml

@@ -20,11 +20,11 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Check out repository code
-        uses: actions/checkout@v5.0.0
+        uses: actions/checkout@v4.3.0
         with:
           fetch-depth: 0
 
-      - uses: hadolint/hadolint-action@v3.3.0
+      - uses: hadolint/hadolint-action@v3.1.0
         with:
           dockerfile: Dockerfile
           output-file: hadolint.out
@@ -66,7 +66,7 @@ jobs:
           sed -i 's@${{ gitea.workspace }}@/github/workspace@g' coverage.xml
 
       - name: SonarQube Cloud Scan
-        uses: SonarSource/sonarqube-scan-action@v6.0.0
+        uses: SonarSource/sonarqube-scan-action@v5.3.1
         env:
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
 

.gitea/workflows/ci-python-poetry.yml

@@ -20,7 +20,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Check out repository code
-        uses: actions/checkout@v5.0.0
+        uses: actions/checkout@v4.3.0
         with:
           fetch-depth: 0
 
@@ -57,7 +57,7 @@ jobs:
           sed -i 's@${{ github.workspace }}@/github/workspace@g' coverage.xml
 
       - name: SonarQube Cloud Scan
-        uses: SonarSource/sonarqube-scan-action@v6.0.0
+        uses: SonarSource/sonarqube-scan-action@v5.3.1
         env:
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
 

.gitea/workflows/ci-python-uv-with-docker.yml

@@ -19,12 +19,12 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Check out repository code
-        uses: actions/checkout@v5.0.0
+        uses: actions/checkout@v4.3.0
         with:
           fetch-depth: 0
 
       - name: Run Hadolint
-        uses: hadolint/hadolint-action@v3.3.0
+        uses: hadolint/hadolint-action@v3.1.0
         with:
           dockerfile: Dockerfile
           output-file: hadolint.out
@@ -63,7 +63,7 @@ jobs:
         run: uv cache prune --ci
 
       - name: SonarQube Scan
-        uses: SonarSource/sonarqube-scan-action@v6.0.0
+        uses: SonarSource/sonarqube-scan-action@v5.3.1
         env:
           SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}

.gitea/workflows/ci-python-with-docker.yml

@@ -17,11 +17,11 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Check out repository code
-        uses: actions/checkout@v5.0.0
+        uses: actions/checkout@v4.3.0
         with:
           fetch-depth: 0
 
-      - uses: hadolint/hadolint-action@v3.3.0
+      - uses: hadolint/hadolint-action@v3.1.0
         with:
           dockerfile: Dockerfile
           output-file: hadolint.out
@@ -58,7 +58,7 @@ jobs:
           sed -i 's@${{ github.workspace }}@/github/workspace@g' coverage.xml
 
       - name: SonarQube Cloud Scan
-        uses: SonarSource/sonarqube-scan-action@v6.0.0
+        uses: SonarSource/sonarqube-scan-action@v5.3.1
         env:
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
 

.gitea/workflows/ci-python.yml

@@ -17,7 +17,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Check out repository code
-        uses: actions/checkout@v5.0.0
+        uses: actions/checkout@v4.3.0
         with:
           fetch-depth: 0
 
@@ -51,7 +51,7 @@ jobs:
           sed -i 's@${{ github.workspace }}@/github/workspace@g' coverage.xml
 
       - name: SonarQube Cloud Scan
-        uses: SonarSource/sonarqube-scan-action@v6.0.0
+        uses: SonarSource/sonarqube-scan-action@v5.3.1
         env:
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
 

.gitea/workflows/create-release.yml

@@ -19,7 +19,7 @@ jobs:
       clean_changelog: ${{ steps.get_next_version.outputs.clean_changelog }}
     steps:
       - name: Check out repository
-        uses: actions/checkout@v5.0.0
+        uses: actions/checkout@v4.3.0
         with:
           fetch-depth: 0
 
@@ -72,7 +72,7 @@ jobs:
     needs: get_next_release
     steps:
       - name: Check out repository
-        uses: actions/checkout@v5.0.0
+        uses: actions/checkout@v4.3.0
         with:
           fetch-depth: 0
 

.gitea/workflows/docker-compose-deploy.yml

@@ -24,7 +24,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:      
       - name: "[ON RUNNER] Notify Build Start"
-        uses: https://git.tainton.uk/actions/pushover-action@v1.1.4
+        uses: https://git.tainton.uk/actions/pushover-action@v1.1.3
         env:
           PUSHOVER_APP_TOKEN: ${{ secrets.PUSHOVER_APP_TOKEN }}
           PUSHOVER_USER_TOKEN: ${{ secrets.PUSHOVER_USER_TOKEN }}
@@ -35,7 +35,7 @@ jobs:
           url_title: 'View Logs'
 
       - name: "[ON RUNNER] Checkout the repo"
-        uses: actions/checkout@v5
+        uses: actions/checkout@v4
       
       - name: "[ON RUNNER] Set project variables"
         run: |
@@ -85,7 +85,7 @@ jobs:
             docker compose --env-file .env up --detach
       
       - name: "[ON RUNNER] Notify Build End"
-        uses: https://git.tainton.uk/actions/pushover-action@v1.1.4
+        uses: https://git.tainton.uk/actions/pushover-action@v1.1.3
         env:
           PUSHOVER_APP_TOKEN: ${{ secrets.PUSHOVER_APP_TOKEN }}
           PUSHOVER_USER_TOKEN: ${{ secrets.PUSHOVER_USER_TOKEN }}

.gitea/workflows/docker-compose-remove.yml

@@ -24,7 +24,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: "[ON RUNNER] Notify Build Start"
-        uses: https://git.tainton.uk/actions/pushover-action@v1.1.4
+        uses: https://git.tainton.uk/actions/pushover-action@v1.1.3
         env:
           PUSHOVER_APP_TOKEN: ${{ secrets.PUSHOVER_APP_TOKEN }}
           PUSHOVER_USER_TOKEN: ${{ secrets.PUSHOVER_USER_TOKEN }}
@@ -54,7 +54,7 @@ jobs:
             rm -rf ${{ env.project_folder }}
       
       - name: "[ON RUNNER] Notify Build End"
-        uses: https://git.tainton.uk/actions/pushover-action@v1.1.4
+        uses: https://git.tainton.uk/actions/pushover-action@v1.1.3
         env:
           PUSHOVER_APP_TOKEN: ${{ secrets.PUSHOVER_APP_TOKEN }}
           PUSHOVER_USER_TOKEN: ${{ secrets.PUSHOVER_USER_TOKEN }}

.gitea/workflows/release-with-tag.yaml

@@ -19,7 +19,7 @@ jobs:
       clean_changelog: ${{ steps.get_next_version.outputs.clean_changelog }}
     steps:
       - name: Check out repository
-        uses: actions/checkout@v5.0.0
+        uses: actions/checkout@v4.3.0
         with:
           fetch-depth: 0
 

.github/workflows/build-push-attest-docker.yml

@@ -24,7 +24,7 @@ jobs:
       success: ${{ steps.set_flag.outputs.success }}
     steps:
       - name: Check out the repo
-        uses: actions/checkout@v5
+        uses: actions/checkout@v4
         with:
           ref: ${{ inputs.release }}
 

.github/workflows/ci-docker.yml

@@ -12,17 +12,17 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Check out repository code
-        uses: actions/checkout@v5.0.0
+        uses: actions/checkout@v4.3.0
         with:
           fetch-depth: 0
-      - uses: hadolint/hadolint-action@v3.3.0
+      - uses: hadolint/hadolint-action@v3.1.0
         with:
           dockerfile: Dockerfile
           output-file: hadolint.out
           format: sonarqube
           no-fail: true
       - name: SonarQube Cloud Scan
-        uses: SonarSource/sonarqube-scan-action@v6.0.0
+        uses: SonarSource/sonarqube-scan-action@v5.3.1
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
@@ -34,7 +34,7 @@ jobs:
         with:
           args: --sarif-file-output=snyk.sarif --all-projects
       - name: Upload result to GitHub Code Scanning
-        uses: github/codeql-action/upload-sarif@v4
+        uses: github/codeql-action/upload-sarif@v3
         with:
           sarif_file: snyk.sarif
 

.github/workflows/ci-python-poetry-with-docker.yml

@@ -22,10 +22,10 @@ jobs:
           PYTHON_VERSION=${{ inputs.python-version }}
           echo "value=${PYTHON_VERSION:-"3.11"}" >> $GITHUB_OUTPUT
       - name: Check out repository code
-        uses: actions/checkout@v5.0.0
+        uses: actions/checkout@v4.3.0
         with:
           fetch-depth: 0
-      - uses: hadolint/hadolint-action@v3.3.0
+      - uses: hadolint/hadolint-action@v3.1.0
         with:
           dockerfile: Dockerfile
           output-file: hadolint.out
@@ -49,7 +49,7 @@ jobs:
           poetry run coverage xml
           sed -i 's@${{ github.workspace }}@/github/workspace@g' coverage.xml
       - name: SonarQube Cloud Scan
-        uses: SonarSource/sonarqube-scan-action@v6.0.0
+        uses: SonarSource/sonarqube-scan-action@v5.3.1
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
@@ -61,6 +61,6 @@ jobs:
         with:
           args: --sarif-file-output=snyk.sarif --all-projects
       - name: Upload result to GitHub Code Scanning
-        uses: github/codeql-action/upload-sarif@v4
+        uses: github/codeql-action/upload-sarif@v3
         with:
           sarif_file: snyk.sarif

.github/workflows/ci-python-poetry.yml

@@ -22,7 +22,7 @@ jobs:
           PYTHON_VERSION=${{ inputs.python-version }}
           echo "value=${PYTHON_VERSION:-"3.11"}" >> $GITHUB_OUTPUT
       - name: Check out repository code
-        uses: actions/checkout@v5.0.0
+        uses: actions/checkout@v4.3.0
         with:
           fetch-depth: 0
       - name: Setup Python
@@ -41,7 +41,7 @@ jobs:
           poetry run coverage xml
           sed -i 's@${{ github.workspace }}@/github/workspace@g' coverage.xml
       - name: SonarQube Cloud Scan
-        uses: SonarSource/sonarqube-scan-action@v6.0.0
+        uses: SonarSource/sonarqube-scan-action@v5.3.1
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
@@ -53,6 +53,6 @@ jobs:
         with:
           args: --sarif-file-output=snyk.sarif --all-projects
       - name: Upload result to GitHub Code Scanning
-        uses: github/codeql-action/upload-sarif@v4
+        uses: github/codeql-action/upload-sarif@v3
         with:
           sarif_file: snyk.sarif

.github/workflows/ci-python-with-docker.yml

@@ -22,10 +22,10 @@ jobs:
           PYTHON_VERSION=${{ inputs.python-version }}
           echo "value=${PYTHON_VERSION:-"3.11"}" >> $GITHUB_OUTPUT
       - name: Check out repository code
-        uses: actions/checkout@v5.0.0
+        uses: actions/checkout@v4.3.0
         with:
           fetch-depth: 0
-      - uses: hadolint/hadolint-action@v3.3.0
+      - uses: hadolint/hadolint-action@v3.1.0
         with:
           dockerfile: Dockerfile
           output-file: hadolint.out
@@ -50,7 +50,7 @@ jobs:
           coverage xml
           sed -i 's@${{ github.workspace }}@/github/workspace@g' coverage.xml
       - name: SonarQube Cloud Scan
-        uses: SonarSource/sonarqube-scan-action@v6.0.0
+        uses: SonarSource/sonarqube-scan-action@v5.3.1
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
@@ -62,6 +62,6 @@ jobs:
         with:
           args: --sarif-file-output=snyk.sarif --all-projects
       - name: Upload result to GitHub Code Scanning
-        uses: github/codeql-action/upload-sarif@v4
+        uses: github/codeql-action/upload-sarif@v3
         with:
           sarif_file: snyk.sarif

.github/workflows/ci-python.yml

@@ -22,7 +22,7 @@ jobs:
           PYTHON_VERSION=${{ inputs.python-version }}
           echo "value=${PYTHON_VERSION:-"3.11"}" >> $GITHUB_OUTPUT
       - name: Check out repository code
-        uses: actions/checkout@v5.0.0
+        uses: actions/checkout@v4.3.0
         with:
           fetch-depth: 0
       - name: Setup Python
@@ -44,7 +44,7 @@ jobs:
           coverage xml
           sed -i 's@${{ github.workspace }}@/github/workspace@g' coverage.xml
       - name: SonarQube Cloud Scan
-        uses: SonarSource/sonarqube-scan-action@v6.0.0
+        uses: SonarSource/sonarqube-scan-action@v5.3.1
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
@@ -56,6 +56,6 @@ jobs:
         with:
           args: --sarif-file-output=snyk.sarif --all-projects
       - name: Upload result to GitHub Code Scanning
-        uses: github/codeql-action/upload-sarif@v4
+        uses: github/codeql-action/upload-sarif@v3
         with:
           sarif_file: snyk.sarif

.github/workflows/create-release.yml

@@ -17,7 +17,7 @@ jobs:
       release_name: ${{ steps.tag_version.outputs.new_tag }}
       success: ${{ steps.set_flag.outputs.success }}
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v4
         with:
           fetch-depth: 0
 

renovate.json

@@ -11,9 +11,6 @@
   "assigneesFromCodeOwners": false,
   "rebaseWhen": "behind-base-branch",
   "rollbackPrs": true,
-  "semanticCommits": "enabled",
-  "semanticCommitScope": "deps",
-  "semanticCommitType": "feat",
   "labels": [
     "type/dependencies"
   ],