update GHA workflows

.github/workflows/build.yml

@@ -68,7 +68,7 @@ jobs:
 
     steps:
     - name: Git checkout
-      uses: actions/checkout@v4 #https://github.com/actions/checkout
+      uses: actions/checkout@v4  # https://github.com/actions/checkout
 
 
     - name: Configure Fast APT Mirror

.github/workflows/codeql-analysis.yml

@@ -28,38 +28,39 @@ env:
   PYTHON_VERSION: "3.12"
 
 jobs:
+
+  ###########################################################
   analyze:
-    name: Analyze
+  ###########################################################
     runs-on: ubuntu-latest
     permissions:
       security-events: write
 
     steps:
-    - name: Git Checkout
-      uses: actions/checkout@v4 #https://github.com/actions/checkout
+    - name: Git checkout
+      uses: actions/checkout@v4  # https://github.com/actions/checkout
+
 
     - uses: actions/setup-python@v5
       with:
         python-version: "${{ env.PYTHON_VERSION }}"
 
-    - name: Install python dependencies
+
+    - uses: actions/cache@v4
+      with:
+        path: __pypackages__
+        key: ${{ runner.os }}-pypackages-${{ hashFiles('pdm.lock') }}
+
+
+    - name: "Install: Python dependencies"
       run: |
         set -eux
 
         python --version
-
         python -m pip install --upgrade pip
+        pip install --upgrade pdm
+        pdm install -v
 
-        # pin packaging to 21.3 for now to prevent: packaging.specifiers.InvalidSpecifier: Invalid specifier: '>=3.4.*'
-        # see https://github.com/pdm-project/pdm/issues/1556
-        pip install --upgrade pdm packaging==21.3
-
-        # don't install dependencies for now, as this makes CodeQL run forever
-        # pdm install -v
-
-        # Set the `CODEQL-PYTHON` environment variable to the Python executable
-        # that includes the dependencies
-        echo "CODEQL_PYTHON=$(which python)" >> $GITHUB_ENV
 
     - name: Initialize CodeQL
       uses: github/codeql-action/init@v3
@@ -67,5 +68,6 @@ jobs:
         languages: python
         setup-python-dependencies: false
 
+
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v3 # https://github.com/github/codeql-action
+      uses: github/codeql-action/analyze@v3  # https://github.com/github/codeql-action

.github/workflows/update-python-deps.yml

@@ -37,8 +37,8 @@ jobs:
         private_key: ${{ secrets.DEPS_UPDATER_PRIVATE_KEY }}
 
 
-    - name: Git Checkout
-      uses: actions/checkout@v4 # https://github.com/actions/checkout
+    - name: Git checkout
+      uses: actions/checkout@v4  # https://github.com/actions/checkout
       with:
         token: ${{ steps.generate_token.outputs.token }}
 
@@ -78,8 +78,7 @@ jobs:
 
 
     - name: Create PR
-      id: create-pr
-      uses: peter-evans/create-pull-request@v6 # https://github.com/peter-evans/create-pull-request
+      uses: peter-evans/create-pull-request@v6  # https://github.com/peter-evans/create-pull-request
       if: "${{ steps.update_deps.outputs.updates != '' }}"
       with:
         title: "chore: Update Python dependencies"