From 0082f8fccc0bccf60f19c2265358ee0550cb63b8 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 10 Jan 2025 13:56:15 +0000
Subject: [PATCH] Bump the github-action-dependencies group with 2 updates

Bumps the github-action-dependencies group with 2 updates: [pypa/gh-action-pypi-publish](https://github.com/pypa/gh-action-pypi-publish) and [SonarSource/sonarcloud-github-action](https://github.com/sonarsource/sonarcloud-github-action).


Updates `pypa/gh-action-pypi-publish` from 1.12.2 to 1.12.3
- [Release notes](https://github.com/pypa/gh-action-pypi-publish/releases)
- [Commits](https://github.com/pypa/gh-action-pypi-publish/compare/v1.12.2...v1.12.3)

Updates `SonarSource/sonarcloud-github-action` from 3.1.0 to 4.0.0
- [Release notes](https://github.com/sonarsource/sonarcloud-github-action/releases)
- [Commits](https://github.com/sonarsource/sonarcloud-github-action/compare/v3.1.0...v4.0.0)

---
updated-dependencies:
- dependency-name: pypa/gh-action-pypi-publish
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-action-dependencies
- dependency-name: SonarSource/sonarcloud-github-action
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-action-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 .github/workflows/release.yml | 4 ++--
 .github/workflows/tests.yml   | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index addd0a2..a1ef75a 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -61,11 +61,11 @@ jobs:
 
       - name: Publish package on PyPI
         if: steps.check-version.outputs.tag
-        uses: pypa/gh-action-pypi-publish@v1.12.2
+        uses: pypa/gh-action-pypi-publish@v1.12.3
 
       - name: Publish package on TestPyPI
         if: (!steps.check-version.outputs.tag)
-        uses: pypa/gh-action-pypi-publish@v1.12.2
+        uses: pypa/gh-action-pypi-publish@v1.12.3
         with:
           repository-url: https://test.pypi.org/legacy/
 
diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
index 8ddfa94..2f2c7ab 100644
--- a/.github/workflows/tests.yml
+++ b/.github/workflows/tests.yml
@@ -168,4 +168,4 @@ jobs:
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
         # No need to run SonarCloud analysis if dependabot update or token not defined
         if: env.SONAR_TOKEN != '' && (github.actor != 'dependabot[bot]')
-        uses: SonarSource/sonarcloud-github-action@v3.1.0
+        uses: SonarSource/sonarcloud-github-action@v4.0.0