dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 1774303604 +0000

  benchmark:
    needs:
      - changes
    if: needs.changes.outputs.src == 'true' || github.ref == 'refs/heads/master'
    runs-on: ubuntu-latest
    env:
      UV_PYTHON: "3.13"
      UV_RESOLUTION: highest
    steps:
      - name: Dump GitHub context
        env:
          GITHUB_CONTEXT: ${{ toJson(github) }}
        run: echo "$GITHUB_CONTEXT"
      - uses: actions/checkout@v6
      - name: Set up Python

```

Once the PR is merged, a GitHub Action ([latest-changes](https://github.com/tiangolo/latest-changes)) will use the PR title to update the latest changes automatically.

So, having a nice PR title will not only look nice in GitHub, but also in the release notes. 📝

## Add Labels to PRs

      - master
      - r2.**

permissions:
  contents: read

concurrency:
  group: ${{ github.workflow }}-${{ github.head_ref || github.ref }}
  # Don't cancel in-progress jobs for master branches.
  cancel-in-progress: ${{ github.ref != 'master' }}

jobs:
  #build-and-test-linux-x86-cpu:
  #  uses: ./.github/workflows/build-reusable.yml
  #  with:
  #    runner: 'linux-x86-n2-16'
  #    tfci: 'py313,linux_x86,rbe'

      - "dependencies"

  - package-ecosystem: "github-actions"
    directory: "/"
    schedule:
      interval: "daily"

  - package-ecosystem: "github-actions"
    directory: "/"
    schedule:
      interval: "daily"
    target-branch: "maven-4.0.x"
    labels:
      - "mvn40"
      - "dependencies"
      - "github_actions"

  - package-ecosystem: "github-actions"
    directory: "/"
    schedule:

      - name: Prepare Mimir for Maven 3.x
        shell: bash
        run: |
          mkdir -p ${{ env.MIMIR_BASEDIR }}
          cp .github/ci-mimir-session.properties ${{ env.MIMIR_BASEDIR }}/session.properties
          cp .github/ci-mimir-daemon.properties ${{ env.MIMIR_BASEDIR }}/daemon.properties
          cp .github/ci-extensions.xml .mvn/extensions.xml

      - name: Restore Mimir caches

# This workflow uses actions that are not certified by GitHub. They are provided
# by a third-party and are governed by separate terms of service, privacy
# policy, and support documentation.

name: Scorecard supply-chain security
on:
  # For Branch-Protection check. Only the default branch is supported. See
  # https://github.com/ossf/scorecard/blob/main/docs/checks.md#branch-protection
  branch_protection_rule:

        logging.info("The data hasn't changed, finishing.")
        return

    logging.info("Setting up GitHub Actions git user")
    subprocess.run(["git", "config", "user.name", "github-actions[bot]"], check=True)
    subprocess.run(
        ["git", "config", "user.email", "github-actions[bot]@users.noreply.github.com"],
        check=True,
    )
    branch_name = f"fastapi-people-experts-{secrets.token_hex(4)}"

## GitHub docs: https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-code-owners
##
## CODEOWNERS style rules:
## 1. Prefer team ownership over individual user ownership.
## 2. GBT-related team should be listed first.
## 3. Try to keep paths alphabetically sorted within visual groups.
## 4. List individual owners last.
##

# Build infrastructure

* 👥 Update FastAPI GitHub topic repositories. PR [#15274](https://github.com/fastapi/fastapi/pull/15274) by [@tiangolo](https://github.com/tiangolo).
* ⬆ Bump fastmcp from 2.14.5 to 3.2.0. PR [#15267](https://github.com/fastapi/fastapi/pull/15267) by [@dependabot[bot]](https://github.com/apps/dependabot).