From 1458284359efa6c618c0b0bdd48c2238f76aa98d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 18 Apr 2026 01:12:23 +0000 Subject: [PATCH 1/5] Bump github/codeql-action from 4.35.1 to 4.35.2 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.35.1 to 4.35.2. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/c10b8064de6f491fea524254123dbe5e09572f13...95e58e9a2cdfd71adc6e0353d5c52f41a045d225) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 4.35.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- .github/workflows/openssf-scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/openssf-scorecard.yml b/.github/workflows/openssf-scorecard.yml index d5bdc00..5e6b9ec 100644 --- a/.github/workflows/openssf-scorecard.yml +++ b/.github/workflows/openssf-scorecard.yml @@ -69,6 +69,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@c10b8064de6f491fea524254123dbe5e09572f13 # v4.35.1 + uses: github/codeql-action/upload-sarif@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v4.35.2 with: sarif_file: results.sarif From 9551afbcce98db71d7913184fe6f358009719aa0 Mon Sep 17 00:00:00 2001 
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 18 Apr 2026 01:12:29 +0000 Subject: [PATCH 2/5] Bump actions/cache from 5.0.4 to 5.0.5 Bumps [actions/cache](https://github.com/actions/cache) from 5.0.4 to 5.0.5. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/668228422ae6a00e4ad889ee87cd7109ec5666a7...27d5ce7f107fe9357f9df03efb73ab90386fccae) --- updated-dependencies: - dependency-name: actions/cache dependency-version: 5.0.5 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- .github/workflows/conda-package-cf.yml | 8 ++++---- .github/workflows/conda-package.yml | 8 ++++---- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/workflows/conda-package-cf.yml b/.github/workflows/conda-package-cf.yml index 3f7f8c9..2aa5865 100644 --- a/.github/workflows/conda-package-cf.yml +++ b/.github/workflows/conda-package-cf.yml @@ -38,7 +38,7 @@ jobs: echo "pkgs_dirs: [~/.conda/pkgs]" >> ~/.condarc - name: Cache conda packages - uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4 + uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5 env: CACHE_NUMBER: 0 # Increase to reset cache with: @@ -109,7 +109,7 @@ jobs: python-version: ${{ matrix.python }} - name: Cache conda packages - uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4 + uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5 env: CACHE_NUMBER: 3 # Increase to reset cache with: @@ -195,7 +195,7 @@ jobs: echo "pkgs_dirs: [~/.conda/pkgs]" >> ~/.condarc - name: Cache conda packages - uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4 + uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5 env: CACHE_NUMBER: 0 # Increase to reset cache with: 
@@ -273,7 +273,7 @@ jobs: more lockfile - name: Cache conda packages - uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4 + uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5 env: CACHE_NUMBER: 3 # Increase to reset cache with: diff --git a/.github/workflows/conda-package.yml b/.github/workflows/conda-package.yml index 3b745f4..4fad58c 100644 --- a/.github/workflows/conda-package.yml +++ b/.github/workflows/conda-package.yml @@ -38,7 +38,7 @@ jobs: echo "pkgs_dirs: [~/.conda/pkgs]" >> ~/.condarc - name: Cache conda packages - uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4 + uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5 env: CACHE_NUMBER: 0 # Increase to reset cache with: @@ -109,7 +109,7 @@ jobs: python-version: ${{ matrix.python }} - name: Cache conda packages - uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4 + uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5 env: CACHE_NUMBER: 3 # Increase to reset cache with: @@ -195,7 +195,7 @@ jobs: echo "pkgs_dirs: [~/.conda/pkgs]" >> ~/.condarc - name: Cache conda packages - uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4 + uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5 env: CACHE_NUMBER: 0 # Increase to reset cache with: @@ -273,7 +273,7 @@ jobs: more lockfile - name: Cache conda packages - uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4 + uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5 env: CACHE_NUMBER: 3 # Increase to reset cache with: From 7cfc35d77dc63631acb9ebdd254a0b5f1f3c48ab Mon Sep 17 00:00:00 2001 
From: Anton Volkov Date: Fri, 24 Apr 2026 11:40:19 +0200 Subject: [PATCH 3/5] Fix insecure HTTP URLs to HTTPS Changed all GitHub repository URLs from http:// to https:// in project metadata files to address security vulnerability. Insecure HTTP connections are vulnerable to man-in-the-middle attacks. Updated files: - pyproject.toml: Download and Homepage URLs - conda-recipe/meta.yaml: home URL - conda-recipe-cf/meta.yaml: home URL Co-Authored-By: Claude Sonnet 4.5 --- CHANGELOG.md | 1 + conda-recipe-cf/meta.yaml | 2 +- conda-recipe/meta.yaml | 2 +- pyproject.toml | 4 ++-- 4 files changed, 5 insertions(+), 4 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index d613f9b..1aad224 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -11,6 +11,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ### Changed ### Fixed +* Changed insecure HTTP URLs to HTTPS in `pyproject.toml` and conda recipe files for improved security ## [2.7.0] (04/16/2026) diff --git a/conda-recipe-cf/meta.yaml b/conda-recipe-cf/meta.yaml index c6653f5..1ccfc05 100644 --- a/conda-recipe-cf/meta.yaml +++ b/conda-recipe-cf/meta.yaml @@ -40,7 +40,7 @@ test: - pytest -vv --pyargs mkl about: - home: http://github.com/IntelPython/mkl-service + home: https://github.com/IntelPython/mkl-service license: BSD-3-Clause license_file: LICENSE.txt summary: Python hooks for IntelĀ® oneAPI Math Kernel Library (oneMKL) runtime control settings diff --git a/conda-recipe/meta.yaml b/conda-recipe/meta.yaml index c6653f5..1ccfc05 100644 --- a/conda-recipe/meta.yaml +++ b/conda-recipe/meta.yaml @@ -40,7 +40,7 @@ test: - pytest -vv --pyargs mkl about: - home: http://github.com/IntelPython/mkl-service + home: https://github.com/IntelPython/mkl-service license: BSD-3-Clause license_file: LICENSE.txt summary: Python hooks for IntelĀ® oneAPI Math Kernel Library (oneMKL) runtime control settings diff --git a/pyproject.toml b/pyproject.toml index fcf5cf3..4f2a1b4 100644 --- a/pyproject.toml 
+++ b/pyproject.toml @@ -69,8 +69,8 @@ requires-python = ">=3.10,<3.15" test = ["pytest"] [project.urls] -Download = "http://github.com/IntelPython/mkl-service" -Homepage = "http://github.com/IntelPython/mkl-service" +Download = "https://github.com/IntelPython/mkl-service" +Homepage = "https://github.com/IntelPython/mkl-service" [tool.black] line-length = 80 From aaa3dd50d8afd0ab416ffd3dc79e564870af7210 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 25 Apr 2026 01:12:22 +0000 Subject: [PATCH 4/5] Bump conda-incubator/setup-miniconda from 3.3.0 to 4.0.1 Bumps [conda-incubator/setup-miniconda](https://github.com/conda-incubator/setup-miniconda) from 3.3.0 to 4.0.1. - [Release notes](https://github.com/conda-incubator/setup-miniconda/releases) - [Changelog](https://github.com/conda-incubator/setup-miniconda/blob/main/CHANGELOG.md) - [Commits](https://github.com/conda-incubator/setup-miniconda/compare/fc2d68f6413eb2d87b895e92f8584b5b94a10167...8ee1f361103df19b6f8c8655fd3967a8ecb162d5) --- updated-dependencies: - dependency-name: conda-incubator/setup-miniconda dependency-version: 4.0.1 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/conda-package-cf.yml | 4 ++-- .github/workflows/conda-package.yml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/conda-package-cf.yml b/.github/workflows/conda-package-cf.yml index 2aa5865..907344a 100644 --- a/.github/workflows/conda-package-cf.yml +++ b/.github/workflows/conda-package-cf.yml @@ -101,7 +101,7 @@ jobs: - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: fetch-depth: 0 - - uses: conda-incubator/setup-miniconda@fc2d68f6413eb2d87b895e92f8584b5b94a10167 # v3.3.0 + - uses: conda-incubator/setup-miniconda@8ee1f361103df19b6f8c8655fd3967a8ecb162d5 # v4.0.1 with: miniforge-version: latest activate-environment: build 
@@ -240,7 +240,7 @@ jobs: uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: ${{ env.PACKAGE_NAME }} ${{ runner.os }} Python ${{ matrix.python }} - - uses: conda-incubator/setup-miniconda@fc2d68f6413eb2d87b895e92f8584b5b94a10167 # v3.3.0 + - uses: conda-incubator/setup-miniconda@8ee1f361103df19b6f8c8655fd3967a8ecb162d5 # v4.0.1 with: miniforge-version: latest channels: conda-forge diff --git a/.github/workflows/conda-package.yml b/.github/workflows/conda-package.yml index 4fad58c..9831cb4 100644 --- a/.github/workflows/conda-package.yml +++ b/.github/workflows/conda-package.yml @@ -101,7 +101,7 @@ jobs: - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: fetch-depth: 0 - - uses: conda-incubator/setup-miniconda@fc2d68f6413eb2d87b895e92f8584b5b94a10167 # v3.3.0 + - uses: conda-incubator/setup-miniconda@8ee1f361103df19b6f8c8655fd3967a8ecb162d5 # v4.0.1 with: miniforge-version: latest activate-environment: build @@ -240,7 +240,7 @@ jobs: uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: ${{ env.PACKAGE_NAME }} ${{ runner.os }} Python ${{ matrix.python }} - - uses: conda-incubator/setup-miniconda@fc2d68f6413eb2d87b895e92f8584b5b94a10167 # v3.3.0 + - uses: conda-incubator/setup-miniconda@8ee1f361103df19b6f8c8655fd3967a8ecb162d5 # v4.0.1 with: miniforge-version: latest channels: conda-forge From c46265a21338e62ee24188154b10ee6e224a1e98 Mon Sep 17 00:00:00 2001 From: ndgrigorian <46709016+ndgrigorian@users.noreply.github.com> Date: Sat, 25 Apr 2026 03:35:07 +0000 Subject: [PATCH 5/5] chore: update pre-commit hooks --- .pre-commit-config.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index efae271..88d0c12 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml 
@@ -50,7 +50,7 @@ repos: exclude: "_vendored/conv_template.py" - repo: https://github.com/pre-commit/mirrors-clang-format - rev: v22.1.3 + rev: v22.1.4 hooks: - id: clang-format args: ["-i"] @@ -71,7 +71,7 @@ repos: - flake8-bugbear==24.4.26 - repo: https://github.com/pycqa/isort - rev: 8.0.1 + rev: 9.0.0a3 hooks: - id: isort name: isort (python)
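Review bot: The isort hook in the second hunk moves to `rev: 9.0.0a3`, an alpha pre-release, so every pre-commit run that uses this config will sort imports with unreleased code whose behaviour can still change between alphas. Unless the alpha is needed for a reason the commit message should then state, I would keep `rev: 8.0.1` until a final 9.0.0 is tagged. Both `rev` values in this patch are also tag names, which the upstream repository can move, while the workflow files in this series pin actions by full commit SHA; `pre-commit autoupdate --freeze` records the commit hash with the tag as a trailing comment and would bring the hook pins in line with that. The `repos:` list and the isort `hooks:` entry continue outside both hunks, so the other hooks were not checked.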