Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ci(deps): update pre-commit hooks #84

Merged
merged 1 commit into from
Feb 1, 2025
Merged

ci(deps): update pre-commit hooks #84

merged 1 commit into from
Feb 1, 2025

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Feb 1, 2025

This PR contains the following updates:

Package Type Update Change
astral-sh/ruff-pre-commit repository minor v0.8.3 -> v0.9.4
crate-ci/typos repository minor v1.28.3 -> v1.29.5
gitleaks/gitleaks repository minor v8.21.2 -> v8.23.3
pre-commit/mirrors-mypy repository minor v1.13.0 -> v1.14.1
python-jsonschema/check-jsonschema repository minor 0.30.0 -> 0.31.1
rhysd/actionlint repository patch v1.7.4 -> v1.7.7

Note: The pre-commit manager in Renovate is not supported by the pre-commit maintainers or community. Please do not report any problems there, instead create a Discussion in the Renovate repository if you have any questions.

Release Notes

astral-sh/ruff-pre-commit (astral-sh/ruff-pre-commit)

v0.9.4

Compare Source

See: https://github.com/astral-sh/ruff/releases/tag/0.9.4

v0.9.3

Compare Source

See: https://github.com/astral-sh/ruff/releases/tag/0.9.3

v0.9.2

Compare Source

See: https://github.com/astral-sh/ruff/releases/tag/0.9.2

v0.9.1

Compare Source

See: https://github.com/astral-sh/ruff/releases/tag/0.9.1

v0.9.0

Compare Source

See: https://github.com/astral-sh/ruff/releases/tag/0.9.0

v0.8.6

Compare Source

See: https://github.com/astral-sh/ruff/releases/tag/0.8.6

v0.8.5

Compare Source

See: https://github.com/astral-sh/ruff/releases/tag/0.8.5

v0.8.4

Compare Source

See: https://github.com/astral-sh/ruff/releases/tag/0.8.4

crate-ci/typos (crate-ci/typos)

v1.29.5

Compare Source

[1.29.5] - 2025-01-30

Internal
  • Update a dependency

v1.29.4

Compare Source

[1.29.4] - 2025-01-03

v1.29.3

Compare Source

[1.29.3] - 2025-01-02

v1.29.2

Compare Source

v1.29.1

Compare Source

[1.29.1] - 2025-01-02

Fixes
  • Don't correct deriver

v1.29.0

Compare Source

[1.29.0] - 2024-12-31

Features
Performance
  • Sped up dictionary lookups

v1.28.4

Compare Source

[1.28.4] - 2024-12-16

Features
  • --format sarif support
gitleaks/gitleaks (gitleaks/gitleaks)

v8.23.3

Compare Source

Changelog

v8.23.2

Compare Source

Changelog

v8.23.1

Compare Source

Changelog

v8.23.0

Compare Source

Changelog

READ THIS!!! The default gitleaks config now uses [[rules.allowlists]]

##### ⚠️ In v8.21.0 `[rules.allowlist]` was replaced with `[[rules.allowlists]]`.
##### This change was backwards-compatible: instances of `[rules.allowlist]` still  work.
    #

##### You can define multiple allowlists for a rule to reduce false positives.
##### A finding will be ignored if _ANY_ `[[rules.allowlists]]` matches.
    [[rules.allowlists]]
    description = "ignore commit A"

##### When multiple criteria are defined the default condition is "OR".
##### e.g., this can match on |commits| OR |paths| OR |stopwords|.
    condition = "OR"
    commits = [ "commit-A", "commit-B"]
    paths = [
      '''go\.mod''',
      '''go\.sum'''
    ]

##### note: stopwords targets the extracted secret, not the entire regex match
##### like 'regexes' does. (stopwords introduced in 8.8.0)
    stopwords = [
      '''client''',
      '''endpoint''',
    ]

    [[rules.allowlists]]

##### The "AND" condition can be used to make sure all criteria match.
##### e.g., this matches if |regexes| AND |paths| are satisfied.
    condition = "AND"

##### note: |regexes| defaults to check the _Secret_ in the finding.
##### Acceptable values for |regexTarget| are "secret" (default), "match", and "line".
    regexTarget = "match"
    regexes = [ '''(?i)parseur[il]''' ]
    paths = [ '''package-lock\.json''' ]

v8.22.1

Compare Source

Changelog

v8.22.0

Compare Source

Changelog

This bumps the gitleaks binary size from around 8.5MB to 15MB but yields 2-4x speedup. Worth it imo. If you feel strongly against this change feel free to open an issue where we can discuss the tradeoffs in more depth. Credit to @​ahrav

v8.21.4

Compare Source

Changelog

v8.21.3

Compare Source

Changelog

pre-commit/mirrors-mypy (pre-commit/mirrors-mypy)

v1.14.1

Compare Source

v1.14.0

Compare Source

python-jsonschema/check-jsonschema (python-jsonschema/check-jsonschema)

v0.31.1

Compare Source

  • Update vendored schemas: buildkite, cloudbuild, compose-spec, mergify,
    renovate (2025-01-26)
  • Update the gitlab and renovate hooks to use
    --regex-variant nonunicode. Thanks :user:quentin-ag and :user:Callek
    for reporting! (:issue:516, :issue:518)
  • Update the required ruamel.yaml version to a range,
    >=0.18.10,<0.19.0.

v0.31.0

Compare Source

  • Update vendored schemas: azure-pipelines, bamboo-spec, buildkite, circle-ci,
    dependabot, gitlab-ci, mergify, readthedocs, renovate, taskfile (2025-01-07)

  • Drop support for Python 3.8

  • Rename --format-regex to --regex-variant and convert
    --format-regex to a deprecated alias.
    It will be removed in a future release.

  • Regular expression interpretation in "pattern", "patternProperties", and
    "format": "regex" usages now uses unicode-mode JS regular expressions by
    default. (:issue:353)

    • Use --regex-variant nonunicode to get non-unicode JS regular
      expressions, the default behavior from previous versions.
    • Custom validators may be impacted by the new regular expression
      features. Validators are now always modified with the jsonschema
      library's extend() API to control the pattern and
      patternProperties keywords.
rhysd/actionlint (rhysd/actionlint)

v1.7.7

Compare Source

[Changes][v1.7.7]

v1.7.6

Compare Source

  • Using contexts at specific workflow keys is incorrectly reported as not allowed. Affected workflow keys are as follows. (#​495, #​497, #​498, #​500)
    • jobs.<job_id>.steps.with.args
    • jobs.<job_id>.steps.with.entrypoint
    • jobs.<job_id>.services.<service_id>.env
  • Update Go dependencies to the latest.

[Changes][v1.7.6]

v1.7.5

Compare Source

  • Strictly check available contexts in ${{ }} placeholders following the 'Context availability' table in the official document.
    • For example, jobs.<job>.env allows github context but jobs.<job>.services.<service>.env doesn't allow any contexts. Now actionlint can catch the mistake. 
      jobs:
  test:
    runs-on: ubuntu-latest
    env:

OK. github context is available here.

      COMMIT_SHA: ${{ github.sha }}
    services:
      redis:
        image: redis
        env:

ERROR: No context is available here.

          COMMIT_SHA: ${{ github.sha }}
    steps:
      - ...
```
  • Check a string literal passed to fromJSON() call. This pattern is popular to create array or object constants because GitHub Actions does not provide the literal syntax for them. See the document for more details. (#​464) 
    jobs:
  test:

ERROR: Key 'mac' does not exist in the object returned by the fromJSON()

  runs-on: ${{ fromJSON('{"win":"windows-latest","linux":"ubuntul-latest"}')['mac'] }}
  steps:
    - run: echo This is a special branch!

ERROR: Broken JSON string passed to fromJSON.

      if: contains(fromJSON('["main","release","dev"'), github.ref_name)

- Allow passing command arguments to `-shellcheck` argument. ([#&#8203;483](https://redirect.github.com/rhysd/actionlint/issues/483), thanks [@&#8203;anuraaga](https://redirect.github.com/anuraaga))
- This is useful when you want to use alternative build of shellcheck like [go-shellcheck](https://redirect.github.com/wasilibs/go-shellcheck/).
  ```sh
  actionlint -shellcheck="go run github.com/wasilibs/go-shellcheck/cmd/shellcheck@latest"
  ```
- Support undocumented `repository_visibility`, `artifact_cache_size_limit`, `step_summary`, `output`, `state` properties in `github` context. ([#&#8203;489](https://redirect.github.com/rhysd/actionlint/issues/489), thanks [@&#8203;rasa](https://redirect.github.com/rasa) for adding `repository_visibility` property)
- Remove `macos-12` runner label from known labels because it was [dropped](https://redirect.github.com/actions/runner-images/issues/10721) from GitHub-hosted runners on Dec. 3 and is no longer available.
- Add `windows-2025` runner label to the known labels. The runner is in [public preview](https://github.blog/changelog/2024-12-19-windows-server-2025-is-now-in-public-preview/). ([#&#8203;491](https://redirect.github.com/rhysd/actionlint/issues/491), thanks [@&#8203;ericcornelissen](https://redirect.github.com/ericcornelissen))
- Add `black` to the list of colors for `branding.color` action metadata. ([#&#8203;485](https://redirect.github.com/rhysd/actionlint/issues/485), thanks [@&#8203;eifinger](https://redirect.github.com/eifinger))
- Add `table` to the list of icons for `branding.icon` action metadata.
- Fix parsing escaped `{` in `format()` function call's first argument.
- Fix the incorrect `join()` function overload. `join(s1: string, s2: string)` was wrongly accepted.
- Update popular actions data set to the latest.
- Add `download-artifact/v3-node20` to the data set. ([#&#8203;468](https://redirect.github.com/rhysd/actionlint/issues/468))
- Fix missing the `reviewdog/action-hadolint@v1` action input. ([#&#8203;487](https://redirect.github.com/rhysd/actionlint/issues/487), thanks [@&#8203;mi-wada](https://redirect.github.com/mi-wada))
- Link to the documents of the stable version in actionlint `man` page and `-help` output.
- Refactor `LintStdin()` API example and some unit tests. ([#&#8203;472](https://redirect.github.com/rhysd/actionlint/issues/472), [#&#8203;475](https://redirect.github.com/rhysd/actionlint/issues/475), thanks [@&#8203;alexandear](https://redirect.github.com/alexandear))
- Improve the configuration example in `actionlint.yaml` document to explain glob patterns for `paths`. ([#&#8203;481](https://redirect.github.com/rhysd/actionlint/issues/481))

[Changes][v1.7.5]

<a id="v1.7.4"></a>

Configuration

📅 Schedule: Branch creation - "before 5am on Saturday every 4 weeks of the year starting on the 2th week" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot merged commit f579754 into main Feb 1, 2025
10 checks passed
@renovate renovate bot deleted the renovate/pre-commit-hooks branch February 1, 2025 20:49
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@DeadNews DeadNews

Labels
deps pre-commit
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@DeadNews