ci: bump the actions group across 1 directory with 2 updates

[dependabot]

Bumps the actions group with 2 updates in the / directory: actions/checkout and hynek/build-and-inspect-python-package.

Updates actions/checkout from 6.0.2 to 6.0.3

Release notes

Sourced from actions/checkout's releases.

v6.0.3

What's Changed

• Update changelog by @​ericsciple in actions/checkout#2357
• fix: expand merge commit SHA regex and add SHA-256 test cases by @​yaananth in actions/checkout#2414
• Fix checkout init for SHA-256 repositories by @​yaananth in actions/checkout#2439
• Update changelog for v6.0.3 by @​yaananth in actions/checkout#2446

New Contributors

• @​yaananth made their first contribution in actions/checkout#2414

Full Changelog: actions/checkout@v6...v6.0.3

Changelog

Sourced from actions/checkout's changelog.

Changelog

v6.0.3

• Fix checkout init for SHA-256 repositories by @​yaananth in actions/checkout#2439
• fix: expand merge commit SHA regex and add SHA-256 test cases by @​yaananth in actions/checkout#2414

v6.0.2

• Fix tag handling: preserve annotations and explicit fetch-tags by @​ericsciple in actions/checkout#2356

v6.0.1

• Add worktree support for persist-credentials includeIf by @​ericsciple in actions/checkout#2327

v6.0.0

• Persist creds to a separate file by @​ericsciple in actions/checkout#2286
• Update README to include Node.js 24 support details and requirements by @​salmanmkc in actions/checkout#2248

v5.0.1

• Port v6 cleanup to v5 by @​ericsciple in actions/checkout#2301

v5.0.0

• Update actions checkout to use node 24 by @​salmanmkc in actions/checkout#2226

v4.3.1

• Port v6 cleanup to v4 by @​ericsciple in actions/checkout#2305

v4.3.0

• docs: update README.md by @​motss in actions/checkout#1971
• Add internal repos for checking out multiple repositories by @​mouismail in actions/checkout#1977
• Documentation update - add recommended permissions to Readme by @​benwells in actions/checkout#2043
• Adjust positioning of user email note and permissions heading by @​joshmgross in actions/checkout#2044
• Update README.md by @​nebuk89 in actions/checkout#2194
• Update CODEOWNERS for actions by @​TingluoHuang in actions/checkout#2224
• Update package dependencies by @​salmanmkc in actions/checkout#2236

v4.2.2

• url-helper.ts now leverages well-known environment variables by @​jww3 in actions/checkout#1941
• Expand unit test coverage for isGhes by @​jww3 in actions/checkout#1946

v4.2.1

• Check out other refs/* by commit if provided, fall back to ref by @​orhantoy in actions/checkout#1924

v4.2.0

• Add Ref and Commit outputs by @​lucacome in actions/checkout#1180
• Dependency updates by @​dependabot- actions/checkout#1777, actions/checkout#1872

v4.1.7

• Bump the minor-npm-dependencies group across 1 directory with 4 updates by @​dependabot in actions/checkout#1739
• Bump actions/checkout from 3 to 4 by @​dependabot in actions/checkout#1697
• Check out other refs/* by commit by @​orhantoy in actions/checkout#1774

... (truncated)

Commits

• df4cb1c Update changelog for v6.0.3 (#2446)
• 1cce339 Fix checkout init for SHA-256 repositories (#2439)
• 900f221 fix: expand merge commit SHA regex and add SHA-256 test cases (#2414)
• 0c366fd Update changelog (#2357)
• See full diff in compare view

Updates hynek/build-and-inspect-python-package from 2.17.0 to 2.18.0

Release notes

Sourced from hynek/build-and-inspect-python-package's releases.

v2.18.0

Added

• New input: skip-sdist to skip building the source distribution. #228

Changelog

Sourced from hynek/build-and-inspect-python-package's changelog.

Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

Unreleased

2.18.0 - 2026-05-11

Added

• New input: skip-sdist to skip building the source distribution. #228

2.17.0 - 2026-03-27

Fixed

• The action now passes Zizmor in pedantic mode. #212

2.16.0 - 2026-03-26

Added

• New input: include-free-threaded When set to 'true', free-threaded Python siblings (for example, 3.14t) are included in the version outputs for Python 3.14 and later, inserted inline after each matching version. #208

2.15.0 - 2026-03-19

Added

• The Python version used to build the package can now be configured using the python-version input. #191

Changed

• Pick Python version explictly instead of "3.x" to prevent incompatibily problems like #182 in the future.

... (truncated)

Commits

• d44ca7d v2.18.0
• fc6c064 Prepare for release tooling
• e46f867 docs: nobody is using download-artifact@v3 anymore
• 4c9a9fb Automated dependency upgrades (#229)
• b3b197d Add skip-sdist input (#228)
• 37fb3a3 Bump the github-actions group with 3 updates (#226)
• dae682b Automated dependency upgrades (#225)
• c0b0c57 Bump cryptography from 46.0.6 to 46.0.7 in /requirements (#224)
• a438e96 Bump pygments from 2.19.2 to 2.20.0 in /requirements (#222)
• 76bf8b2 Consistent endashes
• Additional commits viewable in compare view