raushanprabhakar1 opened a new pull request, #3257: URL: https://github.com/apache/iggy/pull/3257
## Which issue does this PR close? Closes #3246 ## Rationale Supply-chain incidents increasingly rely on very new PyPI uploads. Adding uv’s `exclude-newer` cooldown limits how fresh a release can be when resolving dependencies. We also run `uv audit` locally via pre-commit and add Pyrefly 1.x for type checking alongside mypy, with CI and hooks aligned. ## What changed? Dependency resolution for `foreign/python` now applies a **7-day** `exclude-newer` -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
