Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

gh-140681: Freeze pre-commit hooks and update zizmor links#140682

Merged
hugovk merged 5 commits intopython:mainfrom
shenxianpeng:update-for-zizmor
Mar 5, 2026
Merged

gh-140681: Freeze pre-commit hooks and update zizmor links#140682
hugovk merged 5 commits intopython:mainfrom
shenxianpeng:update-for-zizmor

Conversation

@shenxianpeng
Copy link
Contributor

gh-140681: Update zizmor repo and doc links

@shenxianpengshenxianpeng changed the titleUpdate zizmor repo and doc linksgh-140681: Update zizmor repo and doc linksOct 27, 2025
@hugovk
Copy link
Member

We're in no rush here, it still works because of the redirects.

If we're going to update this, we might as well update the others (for example,prek autoupdate --jobs 0 orpre-commit autoupdate --jobs 0).

We can also now remove theself-hosted-runner of.github/actionlint.yaml.

And there might be a Sphinx Lint release fairly soon, so could also wait for that.

StanFromIreland and yihong0618 reacted with thumbs up emoji

@hugovkhugovk added the infraCI, GitHub Actions, buildbots, Dependabot, etc. labelOct 27, 2025
@hugovkhugovk changed the titlegh-140681: Update zizmor repo and doc linksgh-140681: Freeze pre-commit hooks and update zizmor linksMar 4, 2026
@hugovkhugovk added needs backport to 3.13bugs and security fixes needs backport to 3.14bugs and security fixes labelsMar 4, 2026
@hugovk
Copy link
Member

As this was still open, I've updated it to also freeze the pre-commit hooks, as discussed atpython/devguide#1748 (review). In short, if a repo became compromised, they could rewrite the tag to something malicious. Git SHAs can mitigate this.

If we're going to update this, we might as well update the others (for example,prek autoupdate --jobs 0 orpre-commit autoupdate --jobs 0).

We can also now remove theself-hosted-runner of.github/actionlint.yaml.

I did these too.

@hugovkhugovk merged commit11840ca intopython:mainMar 5, 2026
53 checks passed
@miss-islington-app
Copy link

Thanks@shenxianpeng for the PR, and@hugovk for merging it 🌮🎉.. I'm working now to backport this PR to: 3.13, 3.14.
🐍🍒⛏🤖

@miss-islington-app
Copy link

Sorry,@shenxianpeng and@hugovk, I could not cleanly backport this to3.14 due to a conflict.
Please backport usingcherry_picker on command line.

cherry_picker 11840ca99ae809c1c8401b4f34d2820de55e27a0 3.14

@miss-islington-app
Copy link

Sorry,@shenxianpeng and@hugovk, I could not cleanly backport this to3.13 due to a conflict.
Please backport usingcherry_picker on command line.

cherry_picker 11840ca99ae809c1c8401b4f34d2820de55e27a0 3.13

hugovk added a commit to hugovk/cpython that referenced this pull requestMar 5, 2026
…ks (pythonGH-140682)(cherry picked from commit11840ca)Co-authored-by: Xianpeng Shen <xianpeng.shen@gmail.com>Co-authored-by: Stan Ulbrych <89152624+StanFromIreland@users.noreply.github.com>Co-authored-by: Hugo van Kemenade <1324225+hugovk@users.noreply.github.com>
@bedevere-app
Copy link

GH-145536 is a backport of this pull request to the3.14 branch.

@bedevere-appbedevere-appbot removed the needs backport to 3.14bugs and security fixes labelMar 5, 2026
hugovk added a commit to hugovk/cpython that referenced this pull requestMar 5, 2026
…hon#140682)Co-authored-by: Stan Ulbrych <89152624+StanFromIreland@users.noreply.github.com>Co-authored-by: Hugo van Kemenade <1324225+hugovk@users.noreply.github.com>
@hugovk
Copy link
Member

hugovk commentedMar 5, 2026
edited
Loading

3.13 blocked byGH-144593 so cherry-picked into that one.

@hugovkhugovk removed the needs backport to 3.13bugs and security fixes labelMar 5, 2026
Sign up for freeto join this conversation on GitHub. Already have an account?Sign in to comment

Reviewers

@webknjazwebknjazwebknjaz approved these changes

@hugovkhugovkhugovk approved these changes

@sethmlarsonsethmlarsonsethmlarson approved these changes

@StanFromIrelandStanFromIrelandStanFromIreland approved these changes

@ezio-melottiezio-melottiAwaiting requested review from ezio-melottiezio-melotti is a code owner

@AA-TurnerAA-TurnerAwaiting requested review from AA-TurnerAA-Turner is a code owner

Assignees

@hugovkhugovk

Labels

infraCI, GitHub Actions, buildbots, Dependabot, etc.skip news

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@shenxianpeng@hugovk@webknjaz@sethmlarson@StanFromIreland
[8]ページ先頭
©2009-2026 Movatter.jp