From 66f82e7f5caa5f23879658d38f6bd38086217d6c Mon Sep 17 00:00:00 2001 From: "pre-commit-ci[bot]" <66853113+pre-commit-ci[bot]@users.noreply.github.com> Date: Tue, 4 Feb 2025 00:06:57 +0000 Subject: [PATCH 1/2] [pre-commit.ci] pre-commit autoupdate MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit updates: - [github.com/astral-sh/ruff-pre-commit: v0.8.6 → v0.9.4](https://github.com/astral-sh/ruff-pre-commit/compare/v0.8.6...v0.9.4) - [github.com/woodruffw/zizmor-pre-commit: v1.0.0 → v1.3.0](https://github.com/woodruffw/zizmor-pre-commit/compare/v1.0.0...v1.3.0) --- .pre-commit-config.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 0392b65..35408d4 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -20,12 +20,12 @@ repos: - id: check-docstring-first - repo: https://github.com/astral-sh/ruff-pre-commit - rev: v0.8.6 + rev: v0.9.5 hooks: - id: ruff - id: ruff-format - repo: https://github.com/woodruffw/zizmor-pre-commit - rev: v1.0.0 + rev: v1.3.0 hooks: - id: zizmor From e534a9f6816bd2d9a08929624189a7c4b2177930 Mon Sep 17 00:00:00 2001 From: Branch Vincent Date: Sat, 8 Feb 2025 14:41:23 -0800 Subject: [PATCH 2/2] chore: fix zizmor findings --- .github/workflows/main.yaml | 2 ++ .github/workflows/release.yaml | 2 ++ 2 files changed, 4 insertions(+) diff --git a/.github/workflows/main.yaml b/.github/workflows/main.yaml index 4c6c6e1..350044a 100644 --- a/.github/workflows/main.yaml +++ b/.github/workflows/main.yaml @@ -10,6 +10,8 @@ concurrency: group: tests-${{ github.head_ref || github.ref }} cancel-in-progress: ${{ github.event_name == 'pull_request' }} +permissions: {} + jobs: tests: name: ${{ matrix.os }} / ${{ matrix.python-version }} ${{ matrix.suffix }} diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 7559d93..670a49f 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -4,6 +4,8 @@ on: release: types: [published] +permissions: {} + jobs: build: name: Build