Skip to content

chore: merge next release#1005

Merged
jenstroeger merged 33 commits into
releasefrom
main
Sep 20, 2025
Merged

chore: merge next release#1005
jenstroeger merged 33 commits into
releasefrom
main

Conversation

@jenstroeger

@jenstroeger jenstroeger commented Sep 20, 2025

Copy link
Copy Markdown
Owner

No description provided.

dependabot Bot and others added 30 commits September 10, 2025 10:12
@dependabot
chore(deps): bump pytest-cov from 6.1.0 to 6.3.0 (#996)
cabf83e
@dependabot
chore(deps): bump github/codeql-action from 3.28.13 to 3.30.1 (#995)
892b93a
@dependabot
chore(deps): bump twine from 6.1.0 to 6.2.0 (#994)
f14c3cf
@dependabot
chore(deps): bump actions/setup-python from 5.5.0 to 6.0.0 (#993)
a80136f
@dependabot
chore(deps): update hypothesis requirement from <6.130.9,>=6.21.0 to …
468be5f 
…>=6.21.0,<6.138.16 (#992)
@dependabot
chore(deps): bump pytest-cases from 3.8.6 to 3.9.1 (#958)
dd8ae59
@dependabot
chore(deps): update pre-commit requirement from <4.1.0,>=3.0.0 to >=3…
b6881a5 
….0.0,<4.4.0 (#983)
@dependabot
chore(deps): bump step-security/harden-runner from 2.11.1 to 2.13.0 (#…
4bc4285 
…975)
@dependabot
chore(deps): update mypy requirement from <1.15,>=1.0.0 to >=1.0.0,<1…
09d7c75 
….18 (#972)
@dependabot
chore(deps): bump actions/checkout from 4.2.2 to 5.0.0 (#985)
c5ccbe4
@dependabot
chore(deps): bump slsa-framework/slsa-github-generator from 2.0.0 to …
8b97adb 
…2.1.0 (#916)
@dependabot
chore(deps): bump ossf/scorecard-action from 2.4.0 to 2.4.2 (#942)
dfe12f3
@dependabot
chore(deps): bump faker from 37.1.0 to 37.6.0 (#990)
dd8777a
@dependabot
chore(deps): bump actions/upload-artifact from 4.5.0 to 4.6.2 (#914)
2d4284e
@dependabot
chore(deps): bump actions/download-artifact from 4.1.8 to 5.0.0 (#984)
a37762b
@dependabot
chore(deps): bump pytest-doctestplus from 1.3.0 to 1.4.0 (#909)
b051cfe
@dependabot @jenstroeger
chore(deps): bump commitizen from 4.5.0 to 4.8.4 (#997)
5a964f1 
* chore(deps): bump commitizen from 4.5.0 to 4.8.4

Bumps [commitizen](https://github.com/commitizen-tools/commitizen) from 4.5.0 to 4.8.4.
- [Release notes](https://github.com/commitizen-tools/commitizen/releases)
- [Changelog](https://github.com/commitizen-tools/commitizen/blob/master/CHANGELOG.md)
- [Commits](commitizen-tools/commitizen@v4.5.0...v4.8.4)

---
updated-dependencies:
- dependency-name: commitizen
  dependency-version: 4.8.4
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* chore: add missind deps

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Troeger <jens.troeger@light-speed.de>
@jenstroeger
fix: make sure isort skips over files listed as such in the pyproject…
6bfad98 
….toml tool configuration (#968)
@jenstroeger
fix: building the package’s dist files should *always* generate the b…
b7250ac 
…uild’s epoch as well, even when using the individual package goals only (#950)
@jenstroeger
fix: remove various repo files that leaked into the sdist of the pack…
63c2bd0 
…age (#948)
@jenstroeger
chore: add macOS .DS_Store system files and vim .swp files to the .gi…
ff72c39 
…tignore list (#945)
@jenstroeger
feat(ci): cancel existing running workflows for a PR when a new chang…
761f687 
…e is pushed to that PR (#927)
@dependabot
chore(deps): bump github/codeql-action from 3.30.1 to 3.30.3 (#1003)
7c137a4
@dependabot
chore(deps): bump step-security/harden-runner from 2.13.0 to 2.13.1 (#…
c8fa9d6 
…1001)
@dependabot
chore(deps): bump pytest-cov from 6.3.0 to 7.0.0 (#1000)
67c08dd
@dependabot
chore(deps): update mypy requirement from <1.18,>=1.0.0 to >=1.0.0,<1…
38b7bc1 
….19 (#999)
@dependabot
chore(deps): update hypothesis requirement from <6.138.16,>=6.21.0 to…
6816936 
… >=6.21.0,<6.138.17 (#998)
@jenstroeger
perf(test): use Python’s system monitoring facilities to improve perf…
46d6167 
…ormance of test runs (#933)
@behnazh
build: use head_commit object for checking the bump message (#988)
4a58790 
This PR uses the `head_commit` object from the GitHub context object for checking the bump message. This approach provides a cleaner and more reliable way to detect version bump commits.
@behnazh
feat: add actions to CodeQL languages (#991)
7bd4bc4 
This PR adds the `actions` scanner to the CodeQL configuration, which has been recently added to the supported languages.
behnazh and others added 3 commits September 20, 2025 17:58
@behnazh
ci: remove path exclusion for CodeQL Action runs (#1004)
2da2306 
This PR adds .github/workflows to the CodeQL configuration and removes path exclusions from the CodeQL GitHub Action, ensuring that CodeQL runs on all changes, including modifications to GitHub Actions workflows themselves.
@dependabot
chore(deps): bump commitizen from 4.8.4 to 4.9.1 (#1002)
baf2c80
@jenstroeger
chore(deps-dev): update pre-commit tools (#949)
064fb57
@github-advanced-security

github-advanced-security AI commented Sep 20, 2025

Copy link
Copy Markdown

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

github-advanced-security[bot]
github-advanced-security AI found potential problems Sep 20, 2025
View reviewed changes
Comment thread .github/workflows/pr-conventional-commits.yaml
run: |
pip install --upgrade pip wheel
pip install 'commitizen ==4.5.0'
pip install 'commitizen ==4.9.1'

Check warning

Code scanning / Scorecard

Pinned-Dependencies Medium

score is 6: pipCommand not pinned by hash
Click Remediation section below to solve this issue
Comment thread .github/workflows/release.yaml
run: |
pip install --upgrade pip wheel
pip install 'commitizen ==4.5.0'
pip install 'commitizen ==4.9.1'

Check warning

Code scanning / Scorecard

Pinned-Dependencies Medium

score is 6: pipCommand not pinned by hash
Click Remediation section below to solve this issue
Comment thread .github/workflows/release.yaml
run: |
pip install --upgrade pip wheel
pip install 'commitizen ==4.5.0'
pip install 'commitizen ==4.9.1'

Check warning

Code scanning / Scorecard

Pinned-Dependencies Medium

score is 6: pipCommand not pinned by hash
Click Remediation section below to solve this issue
@jenstroeger jenstroeger merged commit 064fb57 into release Sep 20, 2025
42 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@behnazh behnazh behnazh approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@jenstroeger @github-advanced-security @behnazh