Bumps [bruceadams/get-release](https://github.com/bruceadams/get-release) from 1.2.3 to 1.3.1.
- [Release notes](https://github.com/bruceadams/get-release/releases)
- [Commits](https://github.com/bruceadams/get-release/compare/v1.2.3...v1.3.1)

---
updated-dependencies:
- dependency-name: bruceadams/get-release
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

[skip ci]

(cherry picked from commit ce9570de56)

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* refactor: use file api for reading data in import

* fix: remove unused import

Co-authored-by: Raffael Meyer <14891507+barredterra@users.noreply.github.com>

Co-authored-by: Faris Ansari <netchampfaris@users.noreply.github.com>
Co-authored-by: Raffael Meyer <14891507+barredterra@users.noreply.github.com>

(cherry picked from commit 66710ae5c5)

Co-authored-by: Ankush Menat <ankush@frappe.io>

* test(UI): use non-admin user for tests

(cherry picked from commit f07bc3b369)

# Conflicts:
#	.github/workflows/ui-tests.yml

* test: fix tests using admin account

(cherry picked from commit a6b341bd59)

# Conflicts:
#	cypress/integration/dashboard_links.js

* test: add test role to user

(cherry picked from commit 0896873c8a)

* chore: conflicts

* test: fix broken test

Not sure why there's test on doctype "created by". Makes no sense.

Co-authored-by: Ankush Menat <ankush@frappe.io>

This is reusing normal cache which doesn't contain half the things

(cherry picked from commit 236ab8dbed)

Not required on stable branches.

Coverage has ~30% overhead, not required on stable branch

* ci: mergify v14 hotfix and develop backports

* ci: setup automated releases for v14

[skip ci]

release.yml was a bit ambiguous given we have separate action configs
related to release event or intent.

* Trigger static asset building & updating release assets
* Trigger Docker release build

* Rename CI actions to add database_type
* Add workflow_dispatch to assets build action on develop
* Rename unit test jobs for better labelling on PR check titles
* Rename Patch action for consistency

* Combine jobs to be triggered at pull_request events: commit-lint,
  docs-required, linter
* PY310-ize helper scripts

* ci: bump node version to node16

* chore: remove `node-sass` - no longer used

Co-authored-by: Sagar Vora <sagar@resilient.tech>

In most cases we need 10-50 previous commits. Checking out full repo is
time consuming and not required.

[skip ci]

ref: https://github.com/frappe/frappe/runs/7175643618

* ci: slightly faster patch test

This workflow doesn't seem to properly cache built versions :)

* ci: bump pyenv action to latest version

latest version has fix for tool cache


[skip ci]

\# HACK

Given how widespread PY310's usage has become, and how we're just a
few months away from PY311 major release. This is a slightly late
bumping but necessary to ensure smoother updates & maintenance for
Frappe, ERPNext & other apps in the coming years. Almost all people
who participated in the pool from the community as well as Frappe team
voted (via active telegram groups) PY310 as their preferred minimum
requirement for v14.

Since version pinned in pyproject.toml is 38 & we've been running on 39,
we've pushed a few incompatible changes since :crie:

* ci: respekt my authoritah

* ci: use pip semgrep

Co-authored-by: Ankush Menat <ankush@frappe.io>

Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Bumps [pre-commit/action](https://github.com/pre-commit/action) from 2.0.3 to 3.0.0.
- [Release notes](https://github.com/pre-commit/action/releases)
- [Commits](https://github.com/pre-commit/action/compare/v2.0.3...v3.0.0)

---
updated-dependencies:
- dependency-name: pre-commit/action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 2 to 3.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/master/CHANGELOG.md)
- [Commits](https://github.com/codecov/codecov-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [actions/cache](https://github.com/actions/cache) from 2 to 3.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [actions/setup-node](https://github.com/actions/setup-node) from 2 to 3.
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](https://github.com/actions/setup-node/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/setup-node
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [actions/setup-python](https://github.com/actions/setup-python) from 2 to 4.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](https://github.com/actions/setup-python/compare/v2...v4)

---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [bruceadams/get-release](https://github.com/bruceadams/get-release) from 1.2.0 to 1.2.3.
- [Release notes](https://github.com/bruceadams/get-release/releases)
- [Commits](https://github.com/bruceadams/get-release/compare/v1.2.0...v1.2.3)

---
updated-dependencies:
- dependency-name: bruceadams/get-release
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

- Cache invalidated if any of the files change: *requirements.txt,
pyproject.toml, setup.py or setup.cfg
- Updated boilerplate for new apps too

This reverts commit 4c8787d523.

chore: Set permissions for GitHub actions

 Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.

- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions

https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions

https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs

[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)

Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>