Bump hynek/build-and-inspect-python-package from 1.5 to 2.6

[dependabot]

Bumps hynek/build-and-inspect-python-package from 1.5 to 2.6.

Release notes

Sourced from hynek/build-and-inspect-python-package's releases.

v2.6.0

Added

• Support for ubuntu-24.04 builders. #126

• New output: artifact-name is the name of the uploaded artifact. #125

v2.5.0

Added

• New input: attest-build-provenance-github generates signed build provenance attestations for workflow artifacts. #122

v2.4.0

Changed

• The action doesn't crash anymore if the user sets globally the UV_SYSTEM_PYTHON environment variable. #116

v2.3.0

Added

• Cache busting for the uv cache. GitHub Actions's caching behavior is a bit idiosyncratic: Once a cache is created, it's immutable. But as long as it's accessed within 7 days, it never goes away.

  Therefore, baipp now uses the hash of the requirements file as part of the cache key. Behaviorally, nothing changes, except that the cache doesn't grow useless over time. #115

v2.2.1

Fixed

• The action uses wheel to unpack wheels again (this is a revert of #103) due to incompatibilities with, for example, pytest. To avoid the confusion due to wrong timestamps, the wheel's tree output in the Summary has no timestamps anymore. #114

v2.2.0

Changed

• Use uv as installer command for build for further speedups. #107

v2.1.0

Highlight

This is a very exciting release with two very exciting stand-out features:

1. The action now uses uv to install its tools which made it much faster.

2. The new supported_python_classifiers_json_array and supported_python_classifiers_json_job_matrix_value outputs allow you to use support Python classifiers from your package's metadata directly to build the CI matrix.

   One place fewer to update when adding support for a new Python version (or removing for one, for that matter) and this is how this feature looks in real life: hynek/structlog#608

Full Changelog

Added

... (truncated)

Changelog

Sourced from hynek/build-and-inspect-python-package's changelog.

Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

Unreleased

Added

• A header before package contents in the summary. Especially useful together with a preceding build provenance attestation. #131

2.6.0 - 2024-05-26

Added

• Support for ubuntu-24.04 builders. #126

• New output: artifact-name is the name of the uploaded artifact. #125

2.5.0 - 2024-05-13

Added

• New input: attest-build-provenance-github generates signed build provenance attestations for workflow artifacts. #122

2.4.0 - 2024-04-11

Changed

• The action doesn't crash anymore if the user sets globally the UV_SYSTEM_PYTHON environment variable. #116

2.3.0 - 2024-04-11

Added

• Cache busting for the uv cache. GitHub Actions's caching behavior is a bit idiosyncratic: Once a cache is created, it's immutable.

... (truncated)

Commits

• b4fc3f6 v2.6.0
• 9711831 Automated dependency upgrades (#127)
• 33e6e29 Add output for name of uploaded artifact (#125)
• 25cbdca Add support for ubuntu-24.04 (#126)
• 92f078e Bump requests from 2.31.0 to 2.32.0 in /requirements (#124)
• 27043f2 Start new cycle
• 4aea7de v2.5.0
• 0f9f778 Attest build provenance of artifacts (#122)
• 36b0128 [pre-commit.ci] pre-commit autoupdate (#121)
• 5841954 Automated dependency upgrades (#120)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.