chore(deps): update actions/setup-python action to v6.3.0

[renovate]

This PR contains the following updates:

Package	Type	Update	Change
actions/setup-python	action	minor	v6.2.0 → v6.3.0
actions/setup-python	action	major	v5.6.0 → v6.3.0

---

Release Notes

actions/setup-python (actions/setup-python)

v6.3.0

Compare Source

What's Changed

Enhancement

• Add RHEL support and include Linux distro in cache keys by @​priyagupta108 in #​1323
• Fix pip cache error handling on Windows by @​priyagupta108 in #​1040

Dependency update

• Upgrade minimatch from 3.1.2 to 3.1.5 by @​dependabot in #​1281
• Upgrade actions dependencies by @​gowridurgad with @​Copilot in #​1303
• Upgrade @​actions/cache to 5.1.0, log cache write denied by @​jasongin in #​1324
• Upgrade dependency versions and test workflow configuration by @​HarithaVattikuti in #​1322

Documentation

• Update advanced-usage.md by @​Dunky-Z in #​811

New Contributors

• @​gowridurgad with @​Copilot made their first contribution in #​1303
• @​jasongin made their first contribution in #​1324
• @​Dunky-Z made their first contribution in #​811

Full Changelog: actions/setup-python@v6...v6.3.0

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • At any time (no schedule defined)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[greptile-apps]

PR author is in the excluded authors list.

[changeset-bot]

⚠️ No Changeset found

Latest commit: c7ccae3

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[wave-bugbot]

🌊 WAVE BugBot — 7 finding(s)

🔴 7

• 🔴 P0 .github/workflows/_checks.yml:57 CWE-89 — Unpinned action tag (@v1)
  Using a versionless tag (@v1) for the actions/setup-python action can lead to security vulnerabilities if the action is updated in a way that introduces breakin
• 🔴 P0 .github/workflows/python-lint.yml:26 CWE-89 — Unpinned action tag (@v1)
  Using a versionless tag (@v1) for the actions/setup-python action can lead to security vulnerabilities if the action is updated in a way that introduces breakin
• 🔴 P0 .github/workflows/_checks.yml:57 CWE-862 — Unpinned action tag (@v1 vs commit SHA)
  The use of '@v1' for the actions/setup-python action is a known security risk as it can lead to using an outdated version of the action. Using a specific commit
• 🔴 P0 .github/workflows/python-lint.yml:26 CWE-862 — Unpinned action tag (@v1 vs commit SHA)
  The use of '@v1' for the actions/setup-python action is a known security risk as it can lead to using an outdated version of the action. Using a specific commit
• 🔴 P0 .github/workflows/_checks.yml:57 CWE-269 — Overbroad token permissions
  The action/setup-python step does not specify any permissions, which could allow the action to perform actions it shouldn't.
• 🔴 P0 .github/workflows/python-lint.yml:26 CWE-269 — Overbroad token permissions
  The action/setup-python step does not specify any permissions, which could allow the action to perform actions it shouldn't.
• 🔴 P0 .github/workflows/_checks.yml:57 CWE-312 — Secrets echoed to logs
  The action/setup-python step does not specify any secrets, but if it were to use a secret, it could be echoed to logs.

_{severity: critical · major · minor · info — local review · $0 inference · wave-dispatch · react 👍/👎 to tune}