From 3f72b5fb9bc24c17bb7d62974aef69c636218edd Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed, 29 Jan 2025 00:57:28 +0000
Subject: [PATCH] build(deps): bump actions/setup-python from 5.3.0 to 5.4.0
 (#7913)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Bumps [actions/setup-python](https://github.com/actions/setup-python)
from 5.3.0 to 5.4.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/setup-python/releases">actions/setup-python's
releases</a>.</em></p>
<blockquote>
<h2>v5.4.0</h2>
<h2>What's Changed</h2>
<h3>Enhancements:</h3>
<ul>
<li>Update cache error message by <a
href="https://github.com/aparnajyothi-y"><code>@​aparnajyothi-y</code></a>
in <a
href="https://redirect.github.com/actions/setup-python/pull/968">actions/setup-python#968</a></li>
<li>Enhance Workflows: Add Ubuntu-24, Remove Python 3.8 by <a
href="https://github.com/priya-kinthali"><code>@​priya-kinthali</code></a>
in <a
href="https://redirect.github.com/actions/setup-python/pull/985">actions/setup-python#985</a></li>
<li>Configure Dependabot settings by <a
href="https://github.com/HarithaVattikuti"><code>@​HarithaVattikuti</code></a>
in <a
href="https://redirect.github.com/actions/setup-python/pull/1008">actions/setup-python#1008</a></li>
</ul>
<h3>Documentation changes:</h3>
<ul>
<li>Readme update - recommended permissions by <a
href="https://github.com/benwells"><code>@​benwells</code></a> in <a
href="https://redirect.github.com/actions/setup-python/pull/1009">actions/setup-python#1009</a></li>
<li>Improve Advanced Usage examples by <a
href="https://github.com/lrq3000"><code>@​lrq3000</code></a> in <a
href="https://redirect.github.com/actions/setup-python/pull/645">actions/setup-python#645</a></li>
</ul>
<h3>Dependency updates:</h3>
<ul>
<li>Upgrade <code>undici</code> from 5.28.4 to 5.28.5 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-python/pull/1012">actions/setup-python#1012</a></li>
<li>Upgrade <code>urllib3</code> from 1.25.9 to 1.26.19 in
/<strong>tests</strong>/data by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-python/pull/895">actions/setup-python#895</a></li>
<li>Upgrade <code>actions/publish-immutable-action</code> from 0.0.3 to
0.0.4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-python/pull/1014">actions/setup-python#1014</a></li>
<li>Upgrade <code>@actions/http-client</code> from 2.2.1 to 2.2.3 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-python/pull/1020">actions/setup-python#1020</a></li>
<li>Upgrade <code>requests</code> from 2.24.0 to 2.32.2 in
/<strong>tests</strong>/data by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-python/pull/1019">actions/setup-python#1019</a></li>
<li>Upgrade <code>@actions/cache</code> to <code>^4.0.0</code> by <a
href="https://github.com/priyagupta108"><code>@​priyagupta108</code></a>
in <a
href="https://redirect.github.com/actions/setup-python/pull/1007">actions/setup-python#1007</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/benwells"><code>@​benwells</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/setup-python/pull/1009">actions/setup-python#1009</a></li>
<li><a
href="https://github.com/HarithaVattikuti"><code>@​HarithaVattikuti</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/setup-python/pull/1008">actions/setup-python#1008</a></li>
<li><a href="https://github.com/lrq3000"><code>@​lrq3000</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/setup-python/pull/645">actions/setup-python#645</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/setup-python/compare/v5...v5.4.0">https://github.com/actions/setup-python/compare/v5...v5.4.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/setup-python/commit/42375524e23c412d93fb67b49958b491fce71c38"><code>4237552</code></a>
Improve Advanced Usage examples (<a
href="https://redirect.github.com/actions/setup-python/issues/645">#645</a>)</li>
<li><a
href="https://github.com/actions/setup-python/commit/709bfa58ba5a9cefd64220decb43e45cc2a85775"><code>709bfa5</code></a>
Bump requests from 2.24.0 to 2.32.2 in /<strong>tests</strong>/data (<a
href="https://redirect.github.com/actions/setup-python/issues/1019">#1019</a>)</li>
<li><a
href="https://github.com/actions/setup-python/commit/ceb20b242df24c1f8bf064b3c943c31c2555ddd8"><code>ceb20b2</code></a>
Bump <code>@​actions/http-client</code> from 2.2.1 to 2.2.3 (<a
href="https://redirect.github.com/actions/setup-python/issues/1020">#1020</a>)</li>
<li><a
href="https://github.com/actions/setup-python/commit/0dc2d2cf0c96a1befa4c9f1803d3b9eb03458031"><code>0dc2d2c</code></a>
Bump actions/publish-immutable-action from 0.0.3 to 0.0.4 (<a
href="https://redirect.github.com/actions/setup-python/issues/1014">#1014</a>)</li>
<li><a
href="https://github.com/actions/setup-python/commit/feb9c6e7c63362340a8853582968731d6adb0454"><code>feb9c6e</code></a>
Bump urllib3 from 1.25.9 to 1.26.19 in /<strong>tests</strong>/data (<a
href="https://redirect.github.com/actions/setup-python/issues/895">#895</a>)</li>
<li><a
href="https://github.com/actions/setup-python/commit/d0b4fc497a1daddb64da40799d80949aa3a0c559"><code>d0b4fc4</code></a>
Bump undici from 5.28.4 to 5.28.5 (<a
href="https://redirect.github.com/actions/setup-python/issues/1012">#1012</a>)</li>
<li><a
href="https://github.com/actions/setup-python/commit/e3dfaac0fd011839eef87186e3b48165c3ba0162"><code>e3dfaac</code></a>
Configure Dependabot settings (<a
href="https://redirect.github.com/actions/setup-python/issues/1008">#1008</a>)</li>
<li><a
href="https://github.com/actions/setup-python/commit/b8cf3eb1ebc9c7f906e4ca96fcdf2e289e25d230"><code>b8cf3eb</code></a>
Use the new cache service: upgrade <code>@actions/cache</code> to
<code>^4.0.0</code> (<a
href="https://redirect.github.com/actions/setup-python/issues/1007">#1007</a>)</li>
<li><a
href="https://github.com/actions/setup-python/commit/1928ae624dc06094d8c65f021a4700ea8fa56b9d"><code>1928ae6</code></a>
Update README.md (<a
href="https://redirect.github.com/actions/setup-python/issues/1009">#1009</a>)</li>
<li><a
href="https://github.com/actions/setup-python/commit/3fddbee7870211eda9047db10474808be43c71ec"><code>3fddbee</code></a>
Enhance Workflows: Add Ubuntu-24, Remove Python 3.8 (<a
href="https://redirect.github.com/actions/setup-python/issues/985">#985</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/actions/setup-python/compare/0b93645e9fea7318ecaed2b359559ac225c90a2b...42375524e23c412d93fb67b49958b491fce71c38">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/setup-python&package-manager=github_actions&previous-version=5.3.0&new-version=5.4.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 .github/workflows/_static-analysis.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/_static-analysis.yml b/.github/workflows/_static-analysis.yml
index 2251d10d1..2c7dcaa02 100644
--- a/.github/workflows/_static-analysis.yml
+++ b/.github/workflows/_static-analysis.yml
@@ -54,7 +54,7 @@ jobs:
     runs-on: ubuntu-22.04
     steps:
       - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-      - uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0
+      - uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38 # v5.4.0
         with:
           python-version: "3.11"
       - uses: actions/cache/restore@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4.2.0