chore: pin all actions and enable zizmor in pre-commit #666

Merged: mayeut merged 1 commit into pypa:main from mayeut:pin-action on Jan 4, 2026

mayeut (Member) commented Jan 4, 2026

No description provided.

Copilot AI (Contributor) left a comment

Pull request overview

This PR enhances security by pinning GitHub Actions to specific commit SHAs and adds zizmor (a security linter for GitHub Actions) to the pre-commit configuration. The changes also modify the Dependabot schedule from weekly to monthly updates.

  • Pins all GitHub Actions to commit SHAs with version comments for better security and reproducibility
  • Adds zizmor pre-commit hook for GitHub Actions security scanning
  • Updates Dependabot to monthly intervals with cooldown configuration

Reviewed changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated 2 comments.

| File | Description |
| --- | --- |
| .pre-commit-config.yaml | Adds zizmor hook for GitHub Actions workflow security scanning |
| .github/workflows/test.yml | Pins actions/checkout, actions/setup-python, actions/cache, docker/setup-qemu-action, pre-commit/action, and codecov/codecov-action to commit SHAs |
| .github/workflows/release.yml | Pins actions/checkout and actions/download-artifact to commit SHAs |
| .github/dependabot.yml | Changes update interval from weekly to monthly and adds cooldown configuration |


codecov bot commented Jan 4, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 95.24%. Comparing base (dbef2a6) to head (75359da).
⚠️ Report is 1 commits behind head on main.

Additional details and impacted files
@@           Coverage Diff           @@
##             main     #666   +/-   ##
=======================================
  Coverage   95.24%   95.24%           
=======================================
  Files          22       22           
  Lines        1829     1829           
  Branches      343      343           
=======================================
  Hits         1742     1742           
  Misses         48       48           
  Partials       39       39           


mayeut merged commit d7c6f0d into pypa:main on Jan 4, 2026 (24 checks passed)
mayeut deleted the pin-action branch on January 4, 2026 14:15
mayeut mentioned this pull request on Jan 4, 2026