Bump actions/setup-python from 4 to 5#3
Merged
Conversation
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 4 to 5. - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](actions/setup-python@v4...v5) --- updated-dependencies: - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
Bot
force-pushed
the
dependabot/github_actions/actions/setup-python-5
branch
from
April 23, 2024 19:18
c9e6d7f to
cb4148c
Compare
AdityaMandiwal
pushed a commit
that referenced
this pull request
Aug 21, 2025
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 4 to 5. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/setup-python/releases">actions/setup-python's releases</a>.</em></p> <blockquote> <h2>v5.0.0</h2> <h2>What's Changed</h2> <p>In scope of this release, we update node version runtime from node16 to node20 (<a href="https://redirect.github.com/actions/setup-python/pull/772">actions/setup-python#772</a>). Besides, we update dependencies to the latest versions.</p> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/setup-python/compare/v4.8.0...v5.0.0">https://github.com/actions/setup-python/compare/v4.8.0...v5.0.0</a></p> <h2>v4.8.0</h2> <h2>What's Changed</h2> <p>In scope of this release we added support for GraalPy (<a href="https://redirect.github.com/actions/setup-python/pull/694">actions/setup-python#694</a>). You can use this snippet to set up GraalPy:</p> <pre lang="yaml"><code>steps: - uses: actions/checkout@v4 - uses: actions/setup-python@v4 with: python-version: 'graalpy-22.3' - run: python my_script.py </code></pre> <p>Besides, the release contains such changes as:</p> <ul> <li>Trim python version when reading from file by <a href="https://github.com/FerranPares"><code>@FerranPares</code></a> in <a href="https://redirect.github.com/actions/setup-python/pull/628">actions/setup-python#628</a></li> <li>Use non-deprecated versions in examples by <a href="https://github.com/jeffwidman"><code>@jeffwidman</code></a> in <a href="https://redirect.github.com/actions/setup-python/pull/724">actions/setup-python#724</a></li> <li>Change deprecation comment to past tense by <a href="https://github.com/jeffwidman"><code>@jeffwidman</code></a> in <a href="https://redirect.github.com/actions/setup-python/pull/723">actions/setup-python#723</a></li> <li>Bump <code>@babel/traverse</code> from 7.9.0 to 7.23.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/setup-python/pull/743">actions/setup-python#743</a></li> <li>advanced-usage.md: Encourage the use actions/checkout@v4 by <a href="https://github.com/cclauss"><code>@cclauss</code></a> in <a href="https://redirect.github.com/actions/setup-python/pull/729">actions/setup-python#729</a></li> <li>Examples now use checkout@v4 by <a href="https://github.com/simonw"><code>@simonw</code></a> in <a href="https://redirect.github.com/actions/setup-python/pull/738">actions/setup-python#738</a></li> <li>Update actions/checkout to v4 by <a href="https://github.com/dmitry-shibanov"><code>@dmitry-shibanov</code></a> in <a href="https://redirect.github.com/actions/setup-python/pull/761">actions/setup-python#761</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/FerranPares"><code>@FerranPares</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-python/pull/628">actions/setup-python#628</a></li> <li><a href="https://github.com/timfel"><code>@timfel</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-python/pull/694">actions/setup-python#694</a></li> <li><a href="https://github.com/jeffwidman"><code>@jeffwidman</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-python/pull/724">actions/setup-python#724</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/setup-python/compare/v4...v4.8.0">https://github.com/actions/setup-python/compare/v4...v4.8.0</a></p> <h2>v4.7.1</h2> <h2>What's Changed</h2> <ul> <li>Bump word-wrap from 1.2.3 to 1.2.4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/setup-python/pull/702">actions/setup-python#702</a></li> <li>Add range validation for toml files by <a href="https://github.com/dmitry-shibanov"><code>@dmitry-shibanov</code></a> in <a href="https://redirect.github.com/actions/setup-python/pull/726">actions/setup-python#726</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/setup-python/compare/v4...v4.7.1">https://github.com/actions/setup-python/compare/v4...v4.7.1</a></p> <h2>v4.7.0</h2> <p>In scope of this release, the support for reading python version from pyproject.toml was added (<a href="https://redirect.github.com/actions/setup-python/pull/669">actions/setup-python#669</a>).</p> <pre lang="yaml"><code> - name: Setup Python uses: actions/setup-python@v4 </tr></table> </code></pre> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/setup-python/commit/82c7e631bb3cdc910f68e0081d67478d79c6982d"><code>82c7e63</code></a> Documentation changes for avoiding rate limit issues on GHES (<a href="https://redirect.github.com/actions/setup-python/issues/835">#835</a>)</li> <li><a href="https://github.com/actions/setup-python/commit/10aa35afd7f071e70ffaa122e3d7c6ffcb5f7ed1"><code>10aa35a</code></a> feat: fallback to raw endpoint for manifest when rate limit is reached (<a href="https://redirect.github.com/actions/setup-python/issues/766">#766</a>)</li> <li><a href="https://github.com/actions/setup-python/commit/9a7ac94420f42ee15fc60ab88d0dca4be1fd5757"><code>9a7ac94</code></a> Bump undici from 5.27.2 to 5.28.3 (<a href="https://redirect.github.com/actions/setup-python/issues/817">#817</a>)</li> <li><a href="https://github.com/actions/setup-python/commit/871daa956ca9ea99f3c3e30acb424b7960676734"><code>871daa9</code></a> Fix the "Specifying multiple Python/PyPy versions" link (<a href="https://redirect.github.com/actions/setup-python/issues/782">#782</a>)</li> <li><a href="https://github.com/actions/setup-python/commit/2f078955e4d0f34cc7a8b0108b2eb7bbe154438e"><code>2f07895</code></a> Fix broken README.md link (<a href="https://redirect.github.com/actions/setup-python/issues/793">#793</a>)</li> <li><a href="https://github.com/actions/setup-python/commit/e9d6f990972a57673cdb72ec29e19d42ba28880f"><code>e9d6f99</code></a> Replace setup-python@v4 by setup-python@v5 in README (<a href="https://redirect.github.com/actions/setup-python/issues/776">#776</a>)</li> <li><a href="https://github.com/actions/setup-python/commit/0a5c61591373683505ea898e09a3ea4f39ef2b9c"><code>0a5c615</code></a> Update action to node20 (<a href="https://redirect.github.com/actions/setup-python/issues/772">#772</a>)</li> <li><a href="https://github.com/actions/setup-python/commit/0ae58361cdfd39e2950bed97a1e26aa20c3d8955"><code>0ae5836</code></a> Add example of GraalPy to docs (<a href="https://redirect.github.com/actions/setup-python/issues/773">#773</a>)</li> <li><a href="https://github.com/actions/setup-python/commit/b64ffcaf5b410884ad320a9cfac8866006a109aa"><code>b64ffca</code></a> update actions/checkout to v4 (<a href="https://redirect.github.com/actions/setup-python/issues/761">#761</a>)</li> <li><a href="https://github.com/actions/setup-python/commit/8d2896179abf658742de432b3f203d2c2d86a587"><code>8d28961</code></a> Examples now use checkout@v4 (<a href="https://redirect.github.com/actions/setup-python/issues/738">#738</a>)</li> <li>Additional commits viewable in <a href="https://github.com/actions/setup-python/compare/v4...v5">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
8 tasks
vb-dbrks
added a commit
that referenced
this pull request
Jul 3, 2026
…ecret Addresses Marcin's review comments on the MCP server plus a round of Genie feedback from driving the tools end to end. Write governance (#1-#3): the persisting tools no longer take a caller-supplied destination. save_checks / apply_checks_and_save_to_table now take a bare output name and the runner writes it into the caller's own SP-owned per-user schema (dqx_mcp_<user>), granting only that caller access. This lets me delete the OBO write pre-check entirely - it checked the caller's perms while the SP did the write (false assurance), rejected MODIFY-granted non-owners, and classified UC errors by string-matching. The SP now only ever writes where it owns. Runner robustness (#5, #6): save_checks applies write mode via config.replace() instead of attribute assignment (which silently no-op'd on file backends), with an up-front append/overwrite whitelist; generate_rules validates each profile and raises a clear InvalidParameterError on a missing name/column instead of a KeyError deep in the runner. Correctness & CI (#4, #7, #8): execute_sql follows next_chunk_index so wide schemas and the temp-view sweep aren't silently truncated to the first chunk; added basedpyright (make mcp-check, wired into push.yml) and fixed the type errors it surfaced; pointed the integration-coverage source at the MCP packages rather than the DQX library. Docs (#9): moved deploy/prerequisites into the installation page and linked back. Genie feedback (MCP-side wrappers): generate_rules_from_contract now accepts inline contract_content (or a file), reads it as the caller and stages a copy to a runner-readable volume - so a Workspace-file contract works even though the runner SP has no access to it; list_available_checks takes a filter substring so agents can search instead of scanning every entry; generate_rules flags that its bounds are data-derived and should be reviewed. Dropped the catalog secret: a UC catalog name isn't sensitive (access is governed by UC grants, not by hiding the name), so the app reads DQX_CATALOG as a plain config value set from the catalog_name deploy var (inline app config, no app.yaml) - nothing to create or manage out of band. Also fixed make mcp-integration for local runs (absolute UV_BUILD_CONSTRAINT, mirroring mcp-deploy) and updated the integration test + fixture for the new tool shapes. Extracted the runner's pure naming/validation helpers into naming.py so they're unit-tested without Spark.
fedeflowers
added a commit
to fedeflowers/dqx
that referenced
this pull request
Jul 4, 2026
…gle validation boundary Move all check validation onto the CheckSpec Pydantic model via a model_validator so Pydantic is the single typed validation boundary (the maintainer's headline request), and resolve the ranked findings: - Native validation (meta): criticality value, function resolution, and signature/argument validation now run in CheckSpec._validate_semantics (model_validator). ChecksValidator becomes a thin layer that calls model_validate per check and translates ValidationError to DQX messages. - #1 user_metadata regression: widen to dict[str, Any] on CheckSpec, DQRule, and DQForEachColRule so non-string values (e.g. {"confidence": 0.95}) load as they did pre-migration; add a regression test. - databrickslabs#2/databrickslabs#3 double validation & discarded spec: _validate_and_parse returns the parsed specs; ChecksDeserializer.deserialize reuses them instead of re-parsing the raw dict, giving a single typed pass. - databrickslabs#4 error-shim fragility: add a test pinning the Pydantic error-type codes the translator branches on so a rename fails loudly (pydantic<3 already caps the major version). - databrickslabs#6 loader divergence: route the Delta from_dataframe path through the same project_to_check_schema allow-list as the Lakebase path; add a guard test. - databrickslabs#7 docstrings: replace double-backticks with italics per AGENTS.md. databrickslabs#5 (extra="forbid") confirmed safe with no code change: all *ChecksStorageConfig construction sites use explicit kwargs and the behavior is already locked by existing config tests (test_storage_config_rejects_unknown_kwarg).
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps actions/setup-python from 4 to 5.
Release notes
Sourced from actions/setup-python's releases.
... (truncated)
Commits
82c7e63Documentation changes for avoiding rate limit issues on GHES (#835)10aa35afeat: fallback to raw endpoint for manifest when rate limit is reached (#766)9a7ac94Bump undici from 5.27.2 to 5.28.3 (#817)871daa9Fix the "Specifying multiple Python/PyPy versions" link (#782)2f07895Fix broken README.md link (#793)e9d6f99Replace setup-python@v4 by setup-python@v5 in README (#776)0a5c615Update action to node20 (#772)0ae5836Add example of GraalPy to docs (#773)b64ffcaupdate actions/checkout to v4 (#761)8d28961Examples now use checkout@v4 (#738)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)