From 2cc6416928cb477cd02912468dea49792d09823a Mon Sep 17 00:00:00 2001
From: Trevor James Smith <10819524+Zeitsperre@users.noreply.github.com>
Date: Tue, 3 Feb 2026 16:21:18 -0500
Subject: [PATCH 1/6] pin actions to commit hashes

Signed-off-by: Trevor James Smith <10819524+Zeitsperre@users.noreply.github.com>
---
 .github/workflows/ci.yaml | 4 ++--
 action.yaml               | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
index fe00a24..77fe6a7 100644
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -15,9 +15,9 @@ jobs:
 
     steps:
       - name: clone the repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.2
       - name: setup python
-        uses: actions/setup-python@v4
+        uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
         with:
           python-version: ${{ matrix.python-version }}
       - name: upgrade pip
diff --git a/action.yaml b/action.yaml
index 84a70db..1216c98 100644
--- a/action.yaml
+++ b/action.yaml
@@ -46,7 +46,7 @@ runs:
       run: |
         python $GITHUB_ACTION_PATH/parse_logs.py ${{ inputs.log-path }}
     - name: create the issue
-      uses: actions/github-script@v7
+      uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd  # v8.0.0
       with:
         github-token: ${{ github.token }}
         script: |

From f855b8de873d71909d970c260dabec806052c654 Mon Sep 17 00:00:00 2001
From: Trevor James Smith <10819524+Zeitsperre@users.noreply.github.com>
Date: Tue, 3 Feb 2026 16:21:47 -0500
Subject: [PATCH 2/6] add a dependabot configuration

Signed-off-by: Trevor James Smith <10819524+Zeitsperre@users.noreply.github.com>
---
 .github/dependabot.yml | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)
 create mode 100644 .github/dependabot.yml

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 0000000..cce762c
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,20 @@
+# Please see the documentation for all configuration options:
+# https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file
+
+version: 2
+updates:
+  - package-ecosystem: github-actions
+    directory: /
+    schedule:
+      interval: "quarterly"
+    groups:
+      actions:
+        patterns:
+          - "action.yaml"
+          - "ci.yaml"
+        update-types:
+          - patch
+          - minor
+          - major
+    cooldown:
+      default-days: 7

From 12336d713a7528fd5f124487f64b33e7c8a09dc2 Mon Sep 17 00:00:00 2001
From: Trevor James Smith <10819524+Zeitsperre@users.noreply.github.com>
Date: Tue, 3 Feb 2026 16:22:18 -0500
Subject: [PATCH 3/6] test against python 3.14

Signed-off-by: Trevor James Smith <10819524+Zeitsperre@users.noreply.github.com>
---
 .github/workflows/ci.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
index 77fe6a7..c4da92c 100644
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -11,7 +11,7 @@ jobs:
     runs-on: [ubuntu-latest]
     strategy:
       matrix:
-        python-version: ["3.10", "3.11", "3.12", "3.13"]
+        python-version: ["3.10", "3.11", "3.12", "3.13", "3.14"]
 
     steps:
       - name: clone the repository

From f2e91b065e4588c8a4615a49d76ef5d88b32621c Mon Sep 17 00:00:00 2001
From: Trevor James Smith <10819524+Zeitsperre@users.noreply.github.com>
Date: Tue, 3 Feb 2026 16:22:51 -0500
Subject: [PATCH 4/6] update and re-run pre-commit hooks

Signed-off-by: Trevor James Smith <10819524+Zeitsperre@users.noreply.github.com>
---
 .pre-commit-config.yaml | 10 +++++-----
 parse_logs.py           | 12 ++++--------
 2 files changed, 9 insertions(+), 13 deletions(-)

diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
index 5dcb2a9..040da13 100644
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -3,24 +3,24 @@ ci:
 
 repos:
   - repo: https://github.com/pre-commit/pre-commit-hooks
-    rev: v5.0.0
+    rev: v6.0.0
     hooks:
       - id: trailing-whitespace
       - id: end-of-file-fixer
 
   - repo: https://github.com/psf/black-pre-commit-mirror
-    rev: 25.1.0
+    rev: 26.1.0
     hooks:
       - id: black
 
   - repo: https://github.com/astral-sh/ruff-pre-commit
-    rev: v0.12.2
+    rev: v0.15.0
     hooks:
-      - id: ruff
+      - id: ruff-check
         args: ["--fix", "--show-fixes"]
 
   - repo: https://github.com/rbubley/mirrors-prettier
-    rev: v3.6.2
+    rev: v3.8.1
     hooks:
       - id: prettier
         args: ["--cache-location=.prettier_cache/cache"]
diff --git a/parse_logs.py b/parse_logs.py
index 756aa19..1039e6b 100644
--- a/parse_logs.py
+++ b/parse_logs.py
@@ -149,8 +149,7 @@ def format_summary(report):
 
 
 def format_report(summaries, py_version):
-    template = textwrap.dedent(
-        """\
+    template = textwrap.dedent("""\
         <details><summary>Python {py_version} Test Summary</summary>
 
         ```
@@ -158,8 +157,7 @@ def format_report(summaries, py_version):
         ```
 
         </details>
-        """
-    )
+        """)
     # can't use f-strings because that would format *before* the dedenting
     message = template.format(summaries="\n".join(summaries), py_version=py_version)
     return message
@@ -228,8 +226,7 @@ def compressed_report(reports, max_chars, **formatter_kwargs):
 
 
 def format_collection_error(error, **formatter_kwargs):
-    return textwrap.dedent(
-        """\
+    return textwrap.dedent("""\
         <details><summary>Python {py_version} Test Summary</summary>
 
         {name} failed:
@@ -238,8 +235,7 @@ def format_collection_error(error, **formatter_kwargs):
         ```
 
         </details>
-        """
-    ).format(py_version=py_version, name=error.name, traceback=error.repr_)
+        """).format(py_version=py_version, name=error.name, traceback=error.repr_)
 
 
 if __name__ == "__main__":

From bd2f905e714da1475a6f5fd2b7159bde58b38aa9 Mon Sep 17 00:00:00 2001
From: Trevor James Smith <10819524+Zeitsperre@users.noreply.github.com>
Date: Tue, 3 Feb 2026 22:03:22 +0000
Subject: [PATCH 5/6] Apply suggestion from @bsipocz
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Co-authored-by: Brigitta Sipőcz <b.sipocz@gmail.com>
---
 .github/dependabot.yml | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index cce762c..35f7a41 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -13,8 +13,6 @@ updates:
           - "action.yaml"
           - "ci.yaml"
         update-types:
-          - patch
-          - minor
-          - major
+          - "*"
     cooldown:
       default-days: 7

From 53d55e8528fd886d5675c0c4f318dd032767744d Mon Sep 17 00:00:00 2001
From: Trevor James Smith <10819524+Zeitsperre@users.noreply.github.com>
Date: Tue, 3 Feb 2026 22:03:33 +0000
Subject: [PATCH 6/6] Update .github/dependabot.yml
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Co-authored-by: Brigitta Sipőcz <b.sipocz@gmail.com>
---
 .github/dependabot.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index 35f7a41..b0c50dc 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -15,4 +15,4 @@ updates:
         update-types:
           - "*"
     cooldown:
-      default-days: 7
+      default-days: 14