https://github.com/python/cpython/commit/e6b11c886190ae83b9b54b9e026a5443c42bc19b
commit: e6b11c886190ae83b9b54b9e026a5443c42bc19b
branch: 3.14
author: Hugo van Kemenade <[email protected]>
committer: hugovk <[email protected]>
date: 2025-12-23T16:51:54Z
summary:
[3.14] Update pre-commit with zizmor and Ruff fixes (GH-143095) (#143102)
files:
M .github/dependabot.yml
M .github/workflows/tail-call.yml
M .pre-commit-config.yaml
M Doc/tools/check-warnings.py
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index c8a3165d690364..7f3376f8ddb1e2 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -12,6 +12,11 @@ updates:
update-types:
- "version-update:semver-minor"
- "version-update:semver-patch"
+ cooldown:
+ #
https://blog.yossarian.net/2025/11/21/We-should-all-be-using-dependency-cooldowns
+ # Cooldowns protect against supply chain attacks by avoiding the
+ # highest-risk window immediately after new releases.
+ default-days: 14
- package-ecosystem: "pip"
directory: "/Tools/"
schedule:
@@ -19,3 +24,5 @@ updates:
labels:
- "skip issue"
- "skip news"
+ cooldown:
+ default-days: 14
diff --git a/.github/workflows/tail-call.yml b/.github/workflows/tail-call.yml
index e99e317182eaa6..182aadda77832b 100644
--- a/.github/workflows/tail-call.yml
+++ b/.github/workflows/tail-call.yml
@@ -81,24 +81,24 @@ jobs:
- name: Native Windows (debug)
if: runner.os == 'Windows' && matrix.architecture != 'ARM64'
- shell: cmd
+ shell: pwsh
run: |
choco install llvm --allow-downgrade --no-progress --version ${{
matrix.llvm }}.1.0
- set PlatformToolset=clangcl
- set LLVMToolsVersion=${{ matrix.llvm }}.1.0
- set LLVMInstallDir=C:\Program Files\LLVM
- call ./PCbuild/build.bat --tail-call-interp -d -p ${{
matrix.architecture }}
- call ./PCbuild/rt.bat -d -p ${{ matrix.architecture }} -q
--multiprocess 0 --timeout 4500 --verbose2 --verbose3
+ $env:PlatformToolset = "clangcl"
+ $env:LLVMToolsVersion = "${{ matrix.llvm }}.1.0"
+ $env:LLVMInstallDir = "C:\Program Files\LLVM"
+ ./PCbuild/build.bat --tail-call-interp -d -p ${{ matrix.architecture
}}
+ ./PCbuild/rt.bat -d -p ${{ matrix.architecture }} -q --multiprocess
0 --timeout 4500 --verbose2 --verbose3
# No tests (yet):
- name: Emulated Windows (release)
if: runner.os == 'Windows' && matrix.architecture == 'ARM64'
- shell: cmd
+ shell: pwsh
run: |
choco install llvm --allow-downgrade --no-progress --version ${{
matrix.llvm }}.1.0
- set PlatformToolset=clangcl
- set LLVMToolsVersion=${{ matrix.llvm }}.1.0
- set LLVMInstallDir=C:\Program Files\LLVM
+ $env:PlatformToolset = "clangcl"
+ $env:LLVMToolsVersion = "${{ matrix.llvm }}.1.0"
+ $env:LLVMInstallDir = "C:\Program Files\LLVM"
./PCbuild/build.bat --tail-call-interp -p ${{ matrix.architecture }}
- name: Native macOS (release)
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
index ee89e18db35e15..ed88e9ca81b49c 100644
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -1,6 +1,6 @@
repos:
- repo: https://github.com/astral-sh/ruff-pre-commit
- rev: v0.13.2
+ rev: v0.14.10
hooks:
- id: ruff-check
name: Run Ruff (lint) on Apple/
@@ -52,7 +52,7 @@ repos:
files: ^Tools/wasm/
- repo: https://github.com/psf/black-pre-commit-mirror
- rev: 25.9.0
+ rev: 25.12.0
hooks:
- id: black
name: Run Black on Tools/jit/
@@ -83,24 +83,24 @@ repos:
files: '^\.github/CODEOWNERS|\.(gram)$'
- repo: https://github.com/python-jsonschema/check-jsonschema
- rev: 0.34.0
+ rev: 0.36.0
hooks:
- id: check-dependabot
- id: check-github-workflows
- id: check-readthedocs
- repo: https://github.com/rhysd/actionlint
- rev: v1.7.7
+ rev: v1.7.9
hooks:
- id: actionlint
- repo: https://github.com/woodruffw/zizmor-pre-commit
- rev: v1.14.1
+ rev: v1.19.0
hooks:
- id: zizmor
- repo: https://github.com/sphinx-contrib/sphinx-lint
- rev: v1.0.0
+ rev: v1.0.2
hooks:
- id: sphinx-lint
args: [--enable=default-role]
diff --git a/Doc/tools/check-warnings.py b/Doc/tools/check-warnings.py
index f9b8c45a78af49..3168f3f01cd1e2 100644
--- a/Doc/tools/check-warnings.py
+++ b/Doc/tools/check-warnings.py
@@ -311,8 +311,11 @@ def main(argv: list[str] | None = None) -> int:
if not Path("Doc").exists() or not Path("Doc").is_dir():
raise RuntimeError(wrong_directory_msg)
- with Path("Doc/sphinx-warnings.txt").open(encoding="UTF-8") as f:
- warnings = f.read().splitlines()
+ warnings = (
+ Path("Doc/sphinx-warnings.txt")
+ .read_text(encoding="UTF-8")
+ .splitlines()
+ )
cwd = str(Path.cwd()) + os.path.sep
files_with_nits = {
_______________________________________________
Python-checkins mailing list -- [email protected]
To unsubscribe send an email to [email protected]
https://mail.python.org/mailman3//lists/python-checkins.python.org
Member address: [email protected]
