From 817ccb4d32ac256c707ef8375540123593055bad Mon Sep 17 00:00:00 2001
From: Jirka <jirka.borovec@seznam.cz>
Date: Sun, 17 Mar 2024 21:48:16 +0100
Subject: [PATCH 1/2] update dependabot & requirements

---
 .github/dependabot.yml | 21 +++++++++------------
 requirements/test.txt  |  6 +++---
 2 files changed, 12 insertions(+), 15 deletions(-)

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index f609753245..3acd8d5cb8 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -1,5 +1,4 @@
-# Basic dependabot.yml file with
-# minimum configuration for two package managers
+# Basic dependabot.yml file with minimum configuration for two package managers
 
 version: 2
 updates:
@@ -9,10 +8,10 @@ updates:
     directory: "/"
     # Check for updates once a week
     schedule:
-      interval: "monthly"
+      interval: "weekly"
     # Labels on pull requests for version updates only
     labels:
-      - "ci / tests"
+      - "dependencies"
     pull-request-branch-name:
       # Separate sections of the branch name with a hyphen
       # for example, `dependabot-npm_and_yarn-next_js-acorn-6.4.1`
@@ -25,17 +24,15 @@ updates:
   # Enable version updates for GitHub Actions
   - package-ecosystem: "github-actions"
     directory: "/"
-    # Check for updates once a week
     schedule:
       interval: "monthly"
-    # Labels on pull requests for version updates only
-    labels:
-      - "ci / tests"
+    groups:
+      GH_actions:
+        patterns:
+          - "*"  # Check all dependencies
+    labels: ["ci"]
     pull-request-branch-name:
-      # Separate sections of the branch name with a hyphen
-      # for example, `dependabot-npm_and_yarn-next_js-acorn-6.4.1`
       separator: "-"
-    # Allow up to 5 open pull requests for GitHub Actions
-    open-pull-requests-limit: 5
+    open-pull-requests-limit: 2
     reviewers:
       - "Borda"
diff --git a/requirements/test.txt b/requirements/test.txt
index c6d95336ef..8c8b7ebe5a 100644
--- a/requirements/test.txt
+++ b/requirements/test.txt
@@ -1,5 +1,5 @@
-coverage ==7.4.3
-pytest ==8.0.2
+coverage ==7.4.4
+pytest ==8.1.1
 pytest-timeout ==2.2.0
 pytest-cov ==4.1.0
 pytest-xdist ==3.5.0
@@ -8,7 +8,7 @@ pytest-timestamper ==0.0.9
 graphviz ==0.20.1
 fdm ==0.4.1
 expecttest ==0.2.1  # for test_ddp.py
-hypothesis ==6.98.15  # for test_ddp.py
+hypothesis ==6.99.8  # for test_ddp.py
 numpy  # for test_ops.py
 einops  # for test_einops.py
 lit_gpt @ git+https://github.com/Lightning-AI/lit-gpt@f241d94df59d82b2017bfdcd3800ac8779eb45f5

From 480658f454c447cd561ed7e503a32866124a16db Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 18 Mar 2024 15:39:25 +0000
Subject: [PATCH 2/2] Bump the gh_actions group with 2 updates

Bumps the gh_actions group with 2 updates: [actions/download-artifact](https://github.com/actions/download-artifact) and [pypa/gh-action-pypi-publish](https://github.com/pypa/gh-action-pypi-publish).


Updates `actions/download-artifact` from 3 to 4
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](https://github.com/actions/download-artifact/compare/v3...v4)

Updates `pypa/gh-action-pypi-publish` from 1.8.12 to 1.8.14
- [Release notes](https://github.com/pypa/gh-action-pypi-publish/releases)
- [Commits](https://github.com/pypa/gh-action-pypi-publish/compare/v1.8.12...v1.8.14)

---
updated-dependencies:
- dependency-name: actions/download-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: gh_actions
- dependency-name: pypa/gh-action-pypi-publish
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gh_actions
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 .github/workflows/docs-build.yml   | 2 +-
 .github/workflows/release-pypi.yml | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/docs-build.yml b/.github/workflows/docs-build.yml
index a9c8d99b6f..4364af37dd 100644
--- a/.github/workflows/docs-build.yml
+++ b/.github/workflows/docs-build.yml
@@ -32,7 +32,7 @@ jobs:
         with:
           # If you're using actions/checkout@v4 you must set persist-credentials to false in most cases for the deployment to work correctly.
           persist-credentials: false
-      - uses: actions/download-artifact@v3
+      - uses: actions/download-artifact@v4
         with:
           name: docs-html-${{ github.sha }}
           path: docs/build/
diff --git a/.github/workflows/release-pypi.yml b/.github/workflows/release-pypi.yml
index e97fedf8e0..078f9e6066 100644
--- a/.github/workflows/release-pypi.yml
+++ b/.github/workflows/release-pypi.yml
@@ -27,7 +27,7 @@ jobs:
     # We do this, since failures on test.pypi aren't that bad
     - name: Publish to Test PyPI
       if: startsWith(github.event.ref, 'refs/tags') || github.event_name == 'release'
-      uses: pypa/gh-action-pypi-publish@v1.8.12
+      uses: pypa/gh-action-pypi-publish@v1.8.14
       with:
         user: __token__
         password: ${{ secrets.test_pypi_password }}
@@ -35,7 +35,7 @@ jobs:
 
     - name: Publish distribution 📦 to PyPI
       if: startsWith(github.event.ref, 'refs/tags') || github.event_name == 'release'
-      uses: pypa/gh-action-pypi-publish@v1.8.12
+      uses: pypa/gh-action-pypi-publish@v1.8.14
       with:
         user: __token__
         password: ${{ secrets.pypi_password }}