Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

build: bump poetry.lock dependencies and pre-commit hooks #347

Merged
merged 3 commits into from
Nov 13, 2023
Merged

build: bump poetry.lock dependencies and pre-commit hooks #347

merged 3 commits into from
Nov 13, 2023

Conversation

phylum-bot
Copy link
Collaborator

Bump dependencies in poetry.lock and hooks in .pre-commit-config.yaml.

@phylum-bot phylum-bot requested a review from a team as a code owner November 13, 2023 14:39
@phylum-bot phylum-bot requested a review from cd-work November 13, 2023 14:39
@github-actions GitHub Actions
Copy link

Phylum OSS Supply Chain Risk Analysis - INCOMPLETE

The analysis contains 2 package(s) Phylum has not yet processed,
preventing a complete risk analysis. Phylum is processing these
packages currently and should complete soon.
Please wait for up to 30 minutes, then re-run the analysis.

View this project in the Phylum UI

@cd-work cd-work requested review from maxrake and removed request for cd-work November 13, 2023 14:49
@maxrake maxrake self-assigned this Nov 13, 2023
@maxrake
ci: enable refurb hook again and bump it
df63318 
The bug has been temporarily fixed in `refurb` and the latest version
including the fix released.
@github-actions GitHub Actions
Copy link

Phylum OSS Supply Chain Risk Analysis - SUCCESS

The Phylum risk analysis is complete and has passed the active policy.

View this project in the Phylum UI

maxrake
maxrake approved these changes Nov 13, 2023
View reviewed changes
Copy link
Contributor

@maxrake maxrake left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There are no major version dependency updates. The QA is passing (again). The Phylum analysis came back clean. LGTM.

The refurb pre-commit hook had a problem with an upstream dependency, but they fixed it by pinning the dependency and releasing a new version of refurb. See dosisod/refurb#305 for more detail.

Since I had to bump the hook again, this PR will need to be approved by someone else on the team.

@maxrake maxrake requested a review from kylewillmon November 13, 2023 21:29
@maxrake maxrake merged commit 62ef6f1 into main Nov 13, 2023
12 checks passed
@maxrake maxrake deleted the workflow-auto-updates branch November 13, 2023 21:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@maxrake maxrake maxrake approved these changes

@kylewillmon kylewillmon kylewillmon approved these changes

Assignees

@maxrake maxrake

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@phylum-bot @kylewillmon @maxrake