From 0e225892d3cb3a694f6ad9080be6625cf0a89641 Mon Sep 17 00:00:00 2001 From: Hugo van Kemenade <1324225+hugovk@users.noreply.github.com> Date: Fri, 2 Jan 2026 17:38:47 +0200 Subject: [PATCH 1/4] Replace pre-commit with prek in CI --- .github/workflows/lint.yml | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 0cc45787..efe6e275 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -2,12 +2,11 @@ name: Lint on: [push, pull_request, workflow_dispatch] +permissions: {} + env: FORCE_COLOR: 1 -permissions: - contents: read - jobs: lint: runs-on: ubuntu-latest @@ -16,7 +15,4 @@ jobs: - uses: actions/checkout@v6 with: persist-credentials: false - - uses: actions/setup-python@v6 - with: - python-version: "3.x" - - uses: tox-dev/action-pre-commit-uv@v1 + - uses: j178/prek-action@v1 From 5e02df4b1af65dad1a985cad7acae648ee8b0d9e Mon Sep 17 00:00:00 2001 From: Hugo van Kemenade <1324225+hugovk@users.noreply.github.com> Date: Fri, 2 Jan 2026 17:39:17 +0200 Subject: [PATCH 2/4] Update hooks --- .pre-commit-config.yaml | 8 ++++---- bedevere/backport.py | 1 + bedevere/close_pr.py | 1 + bedevere/filepaths.py | 1 + bedevere/gh_issue.py | 1 + bedevere/news.py | 1 + bedevere/prtype.py | 1 + 7 files changed, 10 insertions(+), 4 deletions(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 70470385..e0c3ac00 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -1,17 +1,17 @@ repos: - - repo: https://github.com/psf/black - rev: 23.9.1 + - repo: https://github.com/psf/black-pre-commit-mirror + rev: 25.12.0 hooks: - id: black - repo: https://github.com/PyCQA/isort - rev: 5.12.0 + rev: 7.0.0 hooks: - id: isort files: \.py$ - repo: https://github.com/pre-commit/pre-commit-hooks - rev: v4.5.0 + rev: v6.0.0 hooks: - id: check-builtin-literals - id: check-added-large-files diff --git a/bedevere/backport.py b/bedevere/backport.py index 6dede2d0..968ab6ea 100644 --- a/bedevere/backport.py +++ b/bedevere/backport.py @@ -1,4 +1,5 @@ """Automatically remove a backport label, and check backport PR validity.""" + import functools import re diff --git a/bedevere/close_pr.py b/bedevere/close_pr.py index a05c856b..c9b6a7f9 100644 --- a/bedevere/close_pr.py +++ b/bedevere/close_pr.py @@ -1,4 +1,5 @@ """Automatically close PR that tries to merge maintenance branch into main.""" + import re import gidgethub.routing diff --git a/bedevere/filepaths.py b/bedevere/filepaths.py index 02dd3fad..72df27d9 100644 --- a/bedevere/filepaths.py +++ b/bedevere/filepaths.py @@ -1,4 +1,5 @@ """Checks related to filepaths on a pull request.""" + import gidgethub.routing from . import news, prtype, util diff --git a/bedevere/gh_issue.py b/bedevere/gh_issue.py index 46dc1b20..9614ae53 100644 --- a/bedevere/gh_issue.py +++ b/bedevere/gh_issue.py @@ -1,4 +1,5 @@ """Check if a GitHub issue number is specified in the pull request's title.""" + import re from typing import Literal diff --git a/bedevere/news.py b/bedevere/news.py index 6088af34..576452ab 100644 --- a/bedevere/news.py +++ b/bedevere/news.py @@ -1,4 +1,5 @@ """Check for a news entry.""" + import functools import pathlib import re diff --git a/bedevere/prtype.py b/bedevere/prtype.py index 5136c74a..64e97520 100644 --- a/bedevere/prtype.py +++ b/bedevere/prtype.py @@ -1,4 +1,5 @@ """Label a pull request based on its type.""" + import enum import pathlib From 7e53d57b1d1d047ccbd3d67045417ec9db597f8d Mon Sep 17 00:00:00 2001 From: Hugo van Kemenade <1324225+hugovk@users.noreply.github.com> Date: Fri, 2 Jan 2026 17:59:59 +0200 Subject: [PATCH 3/4] Add more hooks --- .github/dependabot.yml | 4 ++++ .github/workflows/ci.yml | 2 +- .github/zizmor.yml | 6 ++++++ .pre-commit-config.yaml | 30 ++++++++++++++++++++++++++++-- dev-requirements.txt | 2 +- requirements.txt | 2 +- tox.ini | 17 ++++++++++------- 7 files changed, 51 insertions(+), 12 deletions(-) create mode 100644 .github/zizmor.yml diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 772a9742..d130504b 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -11,6 +11,8 @@ updates: pip: patterns: - "*" + cooldown: + default-days: 7 # Maintain dependencies for GitHub Actions - package-ecosystem: "github-actions" @@ -23,3 +25,5 @@ updates: actions: patterns: - "*" + cooldown: + default-days: 7 diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index a9bf51c1..73eef87b 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -44,5 +44,5 @@ jobs: if: always() with: token: ${{ secrets.CODECOV_ORG_TOKEN }} - file: ./coverage.xml + files: ./coverage.xml flags: Python_${{ steps.python-install.outputs.python-version }} diff --git a/.github/zizmor.yml b/.github/zizmor.yml new file mode 100644 index 00000000..10002656 --- /dev/null +++ b/.github/zizmor.yml @@ -0,0 +1,6 @@ +# https://docs.zizmor.sh/configuration/ +rules: + unpinned-uses: + config: + policies: + "*": ref-pin diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index e0c3ac00..fc439616 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -16,9 +16,35 @@ repos: - id: check-builtin-literals - id: check-added-large-files - id: check-case-conflict - - id: check-toml - id: check-yaml - id: debug-statements - id: end-of-file-fixer - - id: forbid-new-submodules + - id: forbid-submodules + - id: requirements-txt-fixer - id: trailing-whitespace + + - repo: https://github.com/python-jsonschema/check-jsonschema + rev: 0.36.0 + hooks: + - id: check-dependabot + - id: check-github-workflows + + - repo: https://github.com/rhysd/actionlint + rev: v1.7.10 + hooks: + - id: actionlint + + - repo: https://github.com/woodruffw/zizmor-pre-commit + rev: v1.19.0 + hooks: + - id: zizmor + + - repo: https://github.com/tox-dev/tox-ini-fmt + rev: 1.7.1 + hooks: + - id: tox-ini-fmt + + - repo: meta + hooks: + - id: check-hooks-apply + - id: check-useless-excludes diff --git a/dev-requirements.txt b/dev-requirements.txt index 3a7f06ea..1a6a940b 100644 --- a/dev-requirements.txt +++ b/dev-requirements.txt @@ -1,6 +1,6 @@ -r requirements.txt asynctest==0.13.0 pytest==9.0.2 -pytest-asyncio==1.3.0 pytest-aiohttp==1.1.0 +pytest-asyncio==1.3.0 pytest-cov==7.0.0 diff --git a/requirements.txt b/requirements.txt index 90cb5186..23099c89 100644 --- a/requirements.txt +++ b/requirements.txt @@ -7,7 +7,7 @@ gidgethub==5.4.0 multidict==6.7.0 packaging==25.0 pyparsing==3.3.1 +sentry-sdk==2.48.0 six==1.17.0 uritemplate==4.2.0 yarl==1.22.0 -sentry-sdk==2.48.0 diff --git a/tox.ini b/tox.ini index a266c2eb..ef6d8586 100644 --- a/tox.ini +++ b/tox.ini @@ -1,12 +1,15 @@ [tox] -envlist = py{314, 313, 312, 311, 310} -toxworkdir={env:TOX_WORK_DIR:.tox} +requires = + tox>=4.2 +env_list = + py{314, 313, 312, 311, 310} +work_dir = {env:TOX_WORK_DIR:.tox} [testenv] -passenv = - FORCE_COLOR -skip_install = True +skip_install = true deps = - -r dev-requirements.txt + -r dev-requirements.txt +pass_env = + FORCE_COLOR commands = - pytest {posargs} + pytest {posargs} From e7f75de3dbec8fdaf52f206a89b7d24a2d426756 Mon Sep 17 00:00:00 2001 From: Hugo van Kemenade <1324225+hugovk@users.noreply.github.com> Date: Fri, 2 Jan 2026 18:07:34 +0200 Subject: [PATCH 4/4] Remove redundant config: tox already uses TOX_WORK_DIR and defaults to .tox --- tox.ini | 1 - 1 file changed, 1 deletion(-) diff --git a/tox.ini b/tox.ini index ef6d8586..640915e4 100644 --- a/tox.ini +++ b/tox.ini @@ -3,7 +3,6 @@ requires = tox>=4.2 env_list = py{314, 313, 312, 311, 310} -work_dir = {env:TOX_WORK_DIR:.tox} [testenv] skip_install = true