Build(deps): Bump actions/setup-python from 6 to 6.2.0

[dependabot]

Bumps actions/setup-python from 6 to 6.2.0.

Release notes

Sourced from actions/setup-python's releases.

v6.2.0

What's Changed

Dependency Upgrades

• Upgrade dependencies to Node 24 compatible versions by @​salmanmkc in actions/setup-python#1259
• Upgrade urllib3 from 2.5.0 to 2.6.3 in /__tests__/data by @​dependabot in actions/setup-python#1253 and actions/setup-python#1264

Full Changelog: actions/setup-python@v6...v6.2.0

v6.1.0

What's Changed

Enhancements:

• Add support for pip-install input by @​gowridurgad in actions/setup-python#1201
• Add graalpy early-access and windows builds by @​timfel in actions/setup-python#880

Dependency and Documentation updates:

• Enhanced wording and updated example usage for allow-prereleases by @​yarikoptic in actions/setup-python#979
• Upgrade urllib3 from 1.26.19 to 2.5.0 and document breaking changes in v6 by @​dependabot in actions/setup-python#1139
• Upgrade typescript from 5.4.2 to 5.9.3 and Documentation update by @​dependabot in actions/setup-python#1094
• Upgrade actions/publish-action from 0.3.0 to 0.4.0 & Documentation update for pip-install input by @​dependabot in actions/setup-python#1199
• Upgrade requests from 2.32.2 to 2.32.4 by @​dependabot in actions/setup-python#1130
• Upgrade prettier from 3.5.3 to 3.6.2 by @​dependabot in actions/setup-python#1234
• Upgrade @​types/node from 24.1.0 to 24.9.1 and update macos-13 to macos-15-intel by @​dependabot in actions/setup-python#1235

New Contributors

• @​yarikoptic made their first contribution in actions/setup-python#979

Full Changelog: actions/setup-python@v6...v6.1.0

Commits

• 03bb615 Bump idna from 2.9 to 3.7 in /tests/data (#843)
• 36da51d Add version parsing from Pipfile (#1067)
• 3c6f142 update documentation (#1156)
• 88ffd4d Include python version in PyPy python-version output (#1110)
• 532b046 Add Architecture-Specific PATH Management for Python with --user Flag on Wind...
• 1264885 Enhance cache-dependency-path handling to support files outside the workspace...
• e9c40fb Add support for pip-version (#1129)
• 5fa0ee6 Bump @​actions/tool-cache from 2.0.1 to 2.0.2 (#1095)
• 5db1cf9 Enhance reading from .python-version (#787)
• a26af69 Bump ts-jest from 29.1.2 to 29.3.2 (#1081)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

Super-linter summary

Language	Validation result
CHECKOV	Pass ✅
GITHUB_ACTIONS	Pass ✅
GITHUB_ACTIONS_ZIZMOR	Pass ✅
GITLEAKS	Pass ✅
GIT_MERGE_CONFLICT_MARKERS	Pass ✅
JSCPD	Pass ✅
PRE_COMMIT	Pass ✅
SPELL_CODESPELL	Pass ✅
TRIVY	Pass ✅
YAML	Pass ✅
YAML_PRETTIER	Pass ✅

All files and directories linted successfully

For more information, see the GitHub Actions workflow run

Powered by Super-linter

[github-actions]

🤖 Claude Code Review

---

PR Code Review

Change: Pin actions/setup-python from @v6 (floating major-version tag) to @v6.2.0 (exact version tag) in .github/workflows/pytest.yaml.

---

Code Quality

• ✅ Style guide — YAML workflow file; no code-style violations. The single-line change is syntactically correct.
• ✅ No commented-out code — none present.
• ✅ Meaningful variable names — N/A for this change.
• ✅ DRY principle — The action is referenced once; no duplication.
• ✅ Defects / bugs / security — Pinning to an exact version is a security improvement. It eliminates the risk of a future v6.x release silently introducing a breaking change or a supply-chain compromise via a mutable tag. No logic errors or vulnerabilities introduced.
• ✅ CLAUDE.md — No .claude/CLAUDE.md found in the project; nothing to consider.

Testing

• ✅ Unit/integration tests — Not applicable; this is a CI workflow version bump, not application logic.
• ✅ Test coverage — N/A.

Documentation

• ✅ README — No update required for a dependency version bump.
• ✅ API docs — N/A.
• ✅ Inline comments — N/A.
• ❌ CHANGELOG.md — The [Unreleased] section does not mention this dependency bump. Dependency bumps for CI tooling are typically logged (e.g., under a Changed or Dependencies heading). This is a minor omission but worth noting for consistency with the project's keep-a-changelog format.

Security

• ✅ No hardcoded credentials — None.
• ✅ Input validation — N/A.
• ✅ Error handling — N/A.
• ✅ No sensitive data in logs — N/A.
• ✅ No .lic files / AQAAAD strings — None present.

---

Summary

The change is correct and an improvement — pinning to @v6.2.0 is more reproducible and supply-chain safe than the floating @v6 tag. The only minor gap is that CHANGELOG.md's [Unreleased] section was not updated to record this dependency bump. Everything else looks good.

Automated code review analyzing defects and coding standards