ci: bump ansys/actions from 10.1.0 to 10.1.1 in the actions group #4230

dependabot · 2025-09-22T22:05:13Z

Bumps the actions group with 1 update: ansys/actions.

Updates ansys/actions from 10.1.0 to 10.1.1

Release notes

Sourced from ansys/actions's releases.

v10.1.1

If you are migrating the actions of your project to a new major release, breaking changes can be expected. To make sure everything is compatible with your current workflow, refer to the Migration Guide for v10 to find out more about new features and potential breaking changes.

Full Changelog: ansys/actions@v10.1.0...v10.1.1

Commits

e0de7dd chore: updating CHANGELOG for v10.1.1
97b3ab0 release: v10.1.1
7aeebd6 docs: improve migration guide (#1003)
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the actions group with 1 update: [ansys/actions](https://github.com/ansys/actions). Updates `ansys/actions` from 10.1.0 to 10.1.1 - [Release notes](https://github.com/ansys/actions/releases) - [Changelog](https://github.com/ansys/actions/blob/main/CHANGELOG.md) - [Commits](ansys/actions@v10.1.0...v10.1.1) --- updated-dependencies: - dependency-name: ansys/actions dependency-version: 10.1.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions ... Signed-off-by: dependabot[bot] <support@github.com>

sourcery-ai

New security issues found

sourcery-ai · 2025-09-22T22:06:58Z

.github/workflows/ci.yml

      pull-requests: write
    steps:
-      - uses: ansys/actions/doc-deploy-changelog@v10.1.0
+      - uses: ansys/actions/doc-deploy-changelog@v10.1.1


security (yaml.github-actions.security.third-party-action-not-pinned-to-commit-sha): An action sourced from a third-party repository on GitHub is not pinned to a full length commit SHA. Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps mitigate the risk of a bad actor adding a backdoor to the action's repository, as they would need to generate a SHA-1 collision for a valid Git object payload.

Source: opengrep

sourcery-ai · 2025-09-22T22:06:58Z

.github/workflows/ci.yml

    steps:
      - name: Check pull-request name
-        uses: ansys/actions/check-pr-title@v10.1.0
+        uses: ansys/actions/check-pr-title@v10.1.1


security (yaml.github-actions.security.third-party-action-not-pinned-to-commit-sha): An action sourced from a third-party repository on GitHub is not pinned to a full length commit SHA. Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps mitigate the risk of a bad actor adding a backdoor to the action's repository, as they would need to generate a SHA-1 collision for a valid Git object payload.

Source: opengrep

sourcery-ai · 2025-09-22T22:06:58Z

.github/workflows/ci.yml

    steps:
      - name: "Ansys documentation style checks"
-        uses: ansys/actions/doc-style@v10.1.0
+        uses: ansys/actions/doc-style@v10.1.1


security (yaml.github-actions.security.third-party-action-not-pinned-to-commit-sha): An action sourced from a third-party repository on GitHub is not pinned to a full length commit SHA. Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps mitigate the risk of a bad actor adding a backdoor to the action's repository, as they would need to generate a SHA-1 collision for a valid Git object payload.

Source: opengrep

sourcery-ai · 2025-09-22T22:06:58Z

.github/workflows/ci.yml

      - name: "Build wheelhouse and perform smoke test"
        id: build-wheelhouse
-        uses: ansys/actions/build-wheelhouse@v10.1.0
+        uses: ansys/actions/build-wheelhouse@v10.1.1


security (yaml.github-actions.security.third-party-action-not-pinned-to-commit-sha): An action sourced from a third-party repository on GitHub is not pinned to a full length commit SHA. Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps mitigate the risk of a bad actor adding a backdoor to the action's repository, as they would need to generate a SHA-1 collision for a valid Git object payload.

Source: opengrep

sourcery-ai · 2025-09-22T22:06:58Z

.github/workflows/ci.yml

    runs-on: ubuntu-latest
    steps:
-      - uses: ansys/actions/check-vulnerabilities@v10.1.0
+      - uses: ansys/actions/check-vulnerabilities@v10.1.1


security (yaml.github-actions.security.third-party-action-not-pinned-to-commit-sha): An action sourced from a third-party repository on GitHub is not pinned to a full length commit SHA. Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps mitigate the risk of a bad actor adding a backdoor to the action's repository, as they would need to generate a SHA-1 collision for a valid Git object payload.

Source: opengrep

sourcery-ai · 2025-09-22T22:06:58Z

.github/workflows/ci.yml

    steps:
      - name: "Deploy the stable documentation"
-        uses: ansys/actions/doc-deploy-stable@v10.1.0
+        uses: ansys/actions/doc-deploy-stable@v10.1.1


security (yaml.github-actions.security.third-party-action-not-pinned-to-commit-sha): An action sourced from a third-party repository on GitHub is not pinned to a full length commit SHA. Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps mitigate the risk of a bad actor adding a backdoor to the action's repository, as they would need to generate a SHA-1 collision for a valid Git object payload.

Source: opengrep

sourcery-ai · 2025-09-22T22:06:59Z

.github/workflows/ci.yml

    steps:
      - name: "Deploy the latest documentation"
-        uses: ansys/actions/doc-deploy-dev@v10.1.0
+        uses: ansys/actions/doc-deploy-dev@v10.1.1


security (yaml.github-actions.security.third-party-action-not-pinned-to-commit-sha): An action sourced from a third-party repository on GitHub is not pinned to a full length commit SHA. Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps mitigate the risk of a bad actor adding a backdoor to the action's repository, as they would need to generate a SHA-1 collision for a valid Git object payload.

Source: opengrep

sourcery-ai · 2025-09-22T22:06:59Z

.github/workflows/docker_clean_untagged.yml


    - name: "Perform versions cleanup - except certain tags"
-      uses: ansys/actions/hk-package-clean-untagged@v10.1.0
+      uses: ansys/actions/hk-package-clean-untagged@v10.1.1


security (yaml.github-actions.security.third-party-action-not-pinned-to-commit-sha): An action sourced from a third-party repository on GitHub is not pinned to a full length commit SHA. Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps mitigate the risk of a bad actor adding a backdoor to the action's repository, as they would need to generate a SHA-1 collision for a valid Git object payload.

Source: opengrep

sourcery-ai · 2025-09-22T22:06:59Z

.github/workflows/label.yml

    runs-on: ubuntu-latest
    steps:
-    - uses: ansys/actions/doc-changelog@v10.1.0
+    - uses: ansys/actions/doc-changelog@v10.1.1


security (yaml.github-actions.security.third-party-action-not-pinned-to-commit-sha): An action sourced from a third-party repository on GitHub is not pinned to a full length commit SHA. Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps mitigate the risk of a bad actor adding a backdoor to the action's repository, as they would need to generate a SHA-1 collision for a valid Git object payload.

Source: opengrep

sourcery-ai · 2025-09-22T22:06:59Z

.github/workflows/pr-docs-cleaner.yml

    runs-on: ubuntu-latest
    steps:
-      - uses: ansys/actions/doc-deploy-pr@v10.1.0
+      - uses: ansys/actions/doc-deploy-pr@v10.1.1


security (yaml.github-actions.security.third-party-action-not-pinned-to-commit-sha): An action sourced from a third-party repository on GitHub is not pinned to a full length commit SHA. Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps mitigate the risk of a bad actor adding a backdoor to the action's repository, as they would need to generate a SHA-1 collision for a valid Git object payload.

Source: opengrep

codecov · 2025-09-22T22:27:47Z

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 91.22%. Comparing base (b3a026c) to head (b14d0ed).

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #4230      +/-   ##
==========================================
- Coverage   91.36%   91.22%   -0.15%     
==========================================
  Files         193      193              
  Lines       15715    15715              
==========================================
- Hits        14358    14336      -22     
- Misses       1357     1379      +22

🚀 New features to boost your workflow:

❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

dependabot bot added the maintenance General maintenance of the repo (libraries, cicd, etc) label Sep 22, 2025

dependabot bot requested a review from a team as a code owner September 22, 2025 22:05

dependabot bot requested review from germa89 and pyansys-ci-bot September 22, 2025 22:05

dependabot bot added the maintenance General maintenance of the repo (libraries, cicd, etc) label Sep 22, 2025

github-actions bot added the CI/CD Related with CICD, Github Actions, etc label Sep 22, 2025

chore: adding changelog file 4230.maintenance.md [dependabot-skip]

b14d0ed

sourcery-ai bot requested changes Sep 22, 2025

View reviewed changes

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

ci: bump ansys/actions from 10.1.0 to 10.1.1 in the actions group #4230

ci: bump ansys/actions from 10.1.0 to 10.1.1 in the actions group #4230

Uh oh!

dependabot bot commented on behalf of github Sep 22, 2025

Uh oh!

sourcery-ai bot left a comment

Uh oh!

sourcery-ai bot Sep 22, 2025

Uh oh!

sourcery-ai bot Sep 22, 2025

Uh oh!

sourcery-ai bot Sep 22, 2025

Uh oh!

sourcery-ai bot Sep 22, 2025

Uh oh!

sourcery-ai bot Sep 22, 2025

Uh oh!

sourcery-ai bot Sep 22, 2025

Uh oh!

sourcery-ai bot Sep 22, 2025

Uh oh!

sourcery-ai bot Sep 22, 2025

Uh oh!

sourcery-ai bot Sep 22, 2025

Uh oh!

sourcery-ai bot Sep 22, 2025

Uh oh!

codecov bot commented Sep 22, 2025 •

edited

Loading

Uh oh!

Uh oh!

ci: bump ansys/actions from 10.1.0 to 10.1.1 in the actions group #4230

Are you sure you want to change the base?

ci: bump ansys/actions from 10.1.0 to 10.1.1 in the actions group #4230

Uh oh!

Conversation

dependabot bot commented on behalf of github Sep 22, 2025

v10.1.1

Uh oh!

sourcery-ai bot left a comment

Choose a reason for hiding this comment

Uh oh!

sourcery-ai bot Sep 22, 2025

Choose a reason for hiding this comment

Uh oh!

sourcery-ai bot Sep 22, 2025

Choose a reason for hiding this comment

Uh oh!

sourcery-ai bot Sep 22, 2025

Choose a reason for hiding this comment

Uh oh!

sourcery-ai bot Sep 22, 2025

Choose a reason for hiding this comment

Uh oh!

sourcery-ai bot Sep 22, 2025

Choose a reason for hiding this comment

Uh oh!

sourcery-ai bot Sep 22, 2025

Choose a reason for hiding this comment

Uh oh!

sourcery-ai bot Sep 22, 2025

Choose a reason for hiding this comment

Uh oh!

sourcery-ai bot Sep 22, 2025

Choose a reason for hiding this comment

Uh oh!

sourcery-ai bot Sep 22, 2025

Choose a reason for hiding this comment

Uh oh!

sourcery-ai bot Sep 22, 2025

Choose a reason for hiding this comment

Uh oh!

codecov bot commented Sep 22, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Codecov Report

Uh oh!

Uh oh!

codecov bot commented Sep 22, 2025 •

edited

Loading