Merge pull request #198 from python-discord/bump-ci

Bump ci

10 files changed, 75 insertions, 61 deletions

diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
index d98d32f..a06db60 100644
--- a/.github/workflows/build.yaml
+++ b/.github/workflows/build.yaml
@@ -20,7 +20,7 @@ jobs:
 
     steps:
       - name: Checkout code
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           # The version script relies on history. Fetch 100 commits to be safe.
           fetch-depth: 100
@@ -37,10 +37,10 @@ jobs:
       # which comes with BuildKit. It has cache features which can speed up
       # the builds. See https://github.com/docker/build-push-action
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v2
+        uses: docker/setup-buildx-action@v3
 
       - name: Log in to GitHub Container Registry
-        uses: docker/login-action@v2
+        uses: docker/login-action@v3
         with:
           registry: ghcr.io
           username: ${{ github.repository_owner }}
@@ -74,7 +74,7 @@ jobs:
       # If configured by the cache_config step, also cache the layers in
       # GitHub Actions.
       - name: Build image for linting and testing
-        uses: docker/build-push-action@v3
+        uses: docker/build-push-action@v5
         with:
           context: .
           file: ./Dockerfile
@@ -92,7 +92,7 @@ jobs:
       # Make the image available as an artifact so other jobs will be able to
       # download it.
       - name: Upload image archive as an artifact
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
         with:
           name: ${{ env.artifact }}
           path: ${{ env.artifact }}.tar
diff --git a/.github/workflows/deploy.yaml b/.github/workflows/deploy.yaml
index d8ad66b..0542fd1 100644
--- a/.github/workflows/deploy.yaml
+++ b/.github/workflows/deploy.yaml
@@ -18,7 +18,7 @@ jobs:
 
     steps:
       - name: Download image artifact
-        uses: actions/download-artifact@v3
+        uses: actions/download-artifact@v4
         with:
           name: ${{ inputs.artifact }}
 
@@ -27,17 +27,17 @@ jobs:
         run: docker load -i ${{ inputs.artifact }}.tar
 
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v2
+        uses: docker/setup-buildx-action@v3
 
       - name: Log in to GitHub Container Registry
-        uses: docker/login-action@v2
+        uses: docker/login-action@v3
         with:
           registry: ghcr.io
           username: ${{ github.repository_owner }}
           password: ${{ secrets.GITHUB_TOKEN  }}
 
       - name: Checkout code
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           # The version script relies on history. Fetch 100 commits to be safe.
           fetch-depth: 100
@@ -45,7 +45,7 @@ jobs:
       # Build the final production image and push it to GHCR.
       # Tag it with both the short commit SHA and 'latest'.
       - name: Build final image
-        uses: docker/build-push-action@v3
+        uses: docker/build-push-action@v5
         with:
           context: .
           file: ./Dockerfile
@@ -61,9 +61,7 @@ jobs:
 
       # Deploy to Kubernetes.
       - name: Install kubectl
-        uses: azure/[email protected]
-        with:
-          version: "latest"
+        uses: azure/setup-kubectl@v3
 
       - name: Authenticate with Kubernetes
         uses: azure/k8s-set-context@v3
@@ -79,7 +77,7 @@ jobs:
 
       # Push the base image to GHCR, with an inline cache manifest.
       - name: Push base image
-        uses: docker/build-push-action@v3
+        uses: docker/build-push-action@v5
         with:
           context: .
           file: ./Dockerfile
@@ -93,7 +91,7 @@ jobs:
 
       # Push the venv image to GHCR, with an inline cache manifest.
       - name: Push venv image
-        uses: docker/build-push-action@v3
+        uses: docker/build-push-action@v5
         with:
           context: .
           file: ./Dockerfile
diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml
index 79856ba..e2a3173 100644
--- a/.github/workflows/lint.yaml
+++ b/.github/workflows/lint.yaml
@@ -11,11 +11,11 @@ jobs:
 
     steps:
       - name: Checkout code
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Set up Python
         id: python
-        uses: actions/setup-python@v4
+        uses: actions/setup-python@v5
         with:
           python-version: "3.11"
           cache: pip
@@ -25,7 +25,7 @@ jobs:
         run: pip install -U -r requirements/lint.pip
 
       - name: Pre-commit environment cache
-        uses: actions/cache@v3
+        uses: actions/cache@v4
         with:
           path: ${{ env.PRE_COMMIT_HOME }}
           key: "precommit-0-${{ runner.os }}-${{ env.PRE_COMMIT_HOME }}-\
diff --git a/.github/workflows/sentry_release.yaml b/.github/workflows/sentry_release.yaml
index 9b4109e..1a1db1b 100644
--- a/.github/workflows/sentry_release.yaml
+++ b/.github/workflows/sentry_release.yaml
@@ -10,7 +10,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout code
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           # The version script relies on history. Fetch 100 commits to be safe.
           fetch-depth: 100
diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml
index 6f89d87..3da7e7a 100644
--- a/.github/workflows/test.yaml
+++ b/.github/workflows/test.yaml
@@ -18,7 +18,7 @@ jobs:
 
     steps:
       - name: Download image artifact
-        uses: actions/download-artifact@v3
+        uses: actions/download-artifact@v4
         with:
           name: ${{ inputs.artifact }}
 
@@ -27,7 +27,7 @@ jobs:
 
       # Needed for the Docker Compose file.
       - name: Checkout code
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       # Memory limit tests would fail if this isn't disabled.
       - name: Disable swap memory
@@ -47,9 +47,9 @@ jobs:
 
       # Upload it so the coverage from all matrix jobs can be combined later.
       - name: Upload coverage data
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
         with:
-          name: coverage
+          name: coverage-${{ matrix.os }}
           path: .coverage.*
           retention-days: 1
 
@@ -60,10 +60,10 @@ jobs:
 
     steps:
       - name: Checkout code
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Set up Python
-        uses: actions/setup-python@v4
+        uses: actions/setup-python@v5
         with:
           python-version: "3.11"
           cache: pip
@@ -73,9 +73,10 @@ jobs:
         run: pip install -U -r requirements/coverage.pip
 
       - name: Download coverage data
-        uses: actions/download-artifact@v3
+        uses: actions/download-artifact@v4
         with:
-          name: coverage
+          pattern: coverage-*
+          merge-multiple: true
 
       - name: Combine coverage data
         run: coverage combine .coverage.*
@@ -89,10 +90,10 @@ jobs:
       # Comment on the PR with the coverage results and register a GitHub check
       # which links to the coveralls.io job.
       - name: Publish coverage report to coveralls.io
-        uses: coverallsapp/[email protected]
+        uses: coverallsapp/[email protected]
         with:
           github-token: ${{ secrets.GITHUB_TOKEN }}
-          path-to-lcov: ./coverage.lcov
+          format: lcov
 
   dry-run-deploy:
     name: Dry run deployment.yaml init container
@@ -100,7 +101,7 @@ jobs:
     needs: test
     steps:
       - name: Download image artifact
-        uses: actions/download-artifact@v3
+        uses: actions/download-artifact@v4
         with:
           name: ${{ inputs.artifact }}
 
@@ -109,7 +110,7 @@ jobs:
 
       # Needed for the Docker Compose file.
       - name: Checkout code
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       # Install eval deps the same way as init container from deployment.yaml
       # This is to ensure that deployment won't fail at that step
diff --git a/requirements/coverage.pip b/requirements/coverage.pip
index 5deedc3..a665758 100644
--- a/requirements/coverage.pip
+++ b/requirements/coverage.pip
@@ -4,5 +4,5 @@
 #
 #    pip-compile --output-file=requirements/coverage.pip requirements/coverage.in
 #
-coverage[toml]==7.2.1
+coverage[toml]==7.4.0
     # via -r requirements/coverage.in
diff --git a/requirements/lint.in b/requirements/lint.in
index 18bac76..dfe1a6b 100644
--- a/requirements/lint.in
+++ b/requirements/lint.in
@@ -1,4 +1,4 @@
 -c coverage.pip
 -c requirements.pip
 
-pre-commit>=2.13
+pre-commit>=3.4
diff --git a/requirements/lint.pip b/requirements/lint.pip
index 7790d45..b6ac3a6 100644
--- a/requirements/lint.pip
+++ b/requirements/lint.pip
@@ -4,23 +4,23 @@
 #
 #    pip-compile --output-file=requirements/lint.pip requirements/lint.in
 #
-cfgv==3.3.1
+cfgv==3.4.0
     # via pre-commit
-distlib==0.3.6
+distlib==0.3.8
     # via virtualenv
-filelock==3.9.0
+filelock==3.13.1
     # via virtualenv
-identify==2.5.20
+identify==2.5.33
     # via pre-commit
-nodeenv==1.7.0
+nodeenv==1.8.0
     # via pre-commit
-platformdirs==3.1.1
+platformdirs==4.1.0
     # via virtualenv
-pre-commit==3.1.1
+pre-commit==3.6.0
     # via -r requirements/lint.in
-pyyaml==6.0
+pyyaml==6.0.1
     # via pre-commit
-virtualenv==20.21.0
+virtualenv==20.25.0
     # via pre-commit
 
 # The following packages are considered to be unsafe in a requirements file:
diff --git a/requirements/pip-tools.pip b/requirements/pip-tools.pip
index 4793c2d..53446f3 100644
--- a/requirements/pip-tools.pip
+++ b/requirements/pip-tools.pip
@@ -4,17 +4,23 @@
 #
 #    pip-compile --output-file=requirements/pip-tools.pip requirements/pip-tools.in
 #
-build==0.10.0
+build==1.0.3
     # via pip-tools
-click==8.1.3
+click==8.1.7
     # via pip-tools
-packaging==23.0
-    # via build
+colorama==0.4.6
+    # via
+    #   build
+    #   click
+packaging==23.2
+    # via
+    #   -c requirements\requirements.pip
+    #   build
 pip-tools==7.3.0
     # via -r requirements/pip-tools.in
 pyproject-hooks==1.0.0
     # via build
-wheel==0.38.4
+wheel==0.42.0
     # via pip-tools
 
 # The following packages are considered to be unsafe in a requirements file:
diff --git a/requirements/requirements.pip b/requirements/requirements.pip
index 310685e..b7a28c6 100644
--- a/requirements/requirements.pip
+++ b/requirements/requirements.pip
@@ -4,26 +4,35 @@
 #
 #    pip-compile --extra=gunicorn --extra=sentry --output-file=requirements/requirements.pip pyproject.toml
 #
-attrs==22.2.0
-    # via jsonschema
-certifi==2022.12.7
+attrs==23.2.0
+    # via
+    #   jsonschema
+    #   referencing
+certifi==2023.11.17
     # via sentry-sdk
-falcon==3.1.1
+falcon==3.1.3
     # via
     #   sentry-sdk
     #   snekbox (pyproject.toml)
-gunicorn==20.1.0
-    # via snekbox (pyproject.toml)
-jsonschema==4.17.3
+gunicorn==21.2.0
     # via snekbox (pyproject.toml)
-protobuf==4.22.1
+jsonschema==4.21.1
     # via snekbox (pyproject.toml)
-pyrsistent==0.19.3
+jsonschema-specifications==2023.12.1
     # via jsonschema
-sentry-sdk[falcon]==1.16.0
+packaging==23.2
+    # via gunicorn
+protobuf==4.25.2
+    # via snekbox (pyproject.toml)
+referencing==0.32.1
+    # via
+    #   jsonschema
+    #   jsonschema-specifications
+rpds-py==0.17.1
+    # via
+    #   jsonschema
+    #   referencing
+sentry-sdk[falcon]==1.39.2
     # via snekbox (pyproject.toml)
-urllib3==1.26.15
+urllib3==2.1.0
     # via sentry-sdk
-
-# The following packages are considered to be unsafe in a requirements file:
-# setuptools