10000 Add zizmor as a pre-commit hook (#626) · python/typing_extensions@3b9b86e · GitHub
[go: up one dir, main page]
Skip to content

Commit 3b9b86e

Browse files
AlexWaygoodAlexWaygood
authored
Add zizmor as a pre-commit hook (#626)
1 parent a50c112 commit 3b9b86e

File tree

4 files changed

+27
-2
lines changed

4 files changed

+27
-2
lines changed

.github/workflows/ci.yml

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -57,6 +57,8 @@ jobs:
5757

5858
steps:
5959
- uses: actions/checkout@v4
60+
with:
61+
persist-credentials: false
6062

6163
- name: Set up Python
6264
uses: actions/setup-python@v5

.github/workflows/publish.yml

Lines changed: 12 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -24,12 +24,16 @@ jobs:
2424

2525
steps:
2626
- uses: actions/checkout@v4
27+
with:
28+
persist-credentials: false
2729
- name: Set up Python
2830
uses: actions/setup-python@v5
2931
with:
3032
python-version: "3.x"
3133
- name: Check package metadata
32-
run: python scripts/check_package.py ${{ github.ref }}
34+
env:
35+
GITHUB_REF: ${{ github.ref }}
36+
run: python scripts/check_package.py "${GITHUB_REF}"
3337
- name: Install pypa/build
3438
run: |
3539
# Be wary of running `pip install` here, since it becomes easy for us to
@@ -52,6 +56,8 @@ jobs:
5256

5357
steps:
5458
- uses: actions/checkout@v4
59+
with:
60+
persist-credentials: false
5561
- name: Set up Python
5662
uses: actions/setup-python@v5
5763
with:
@@ -79,6 +85,8 @@ jobs:
7985

8086
steps:
8187
- uses: actions/checkout@v4
88+
with:
89+
persist-credentials: false
8290
- name: Set up Python
8391
uses: actions/setup-python@v5
8492
with:
@@ -105,6 +113,8 @@ jobs:
105113

106114
steps:
107115
- uses: actions/checkout@v4
116+
with:
117+
persist-credentials: false
108118
- name: Set up Python
109119
uses: actions/setup-python@v5
110120
with:
@@ -149,4 +159,4 @@ jobs:
149159
- name: Ensure exactly one sdist and one wheel have been downloaded
150160
run: test "$(find dist/*.tar.gz | wc -l | xargs)" = 1 && test "$(find dist/*.whl | wc -l | xargs)" = 1
151161
- name: Publish distribution to PyPI
152-
uses: pypa/gh-action-pypi-publish@release/v1
162+
uses: pypa/gh-action-pypi-publish@76f52bc884231f62b9a034ebfe128415bbaabdfc

.github/workflows/third_party.yml

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -63,6 +63,7 @@ jobs:
6363
uses: actions/checkout@v4
6464
with:
6565
path: typing-extensions-latest
66+
persist-credentials: false
6667
- name: Add local version of typing_extensions as a dependency
6768
run: cd pydantic; uv add --editable ../typing-extensions-latest
6869
- name: Install pydantic test dependencies
@@ -94,6 +95,7 @@ jobs:
9495
uses: actions/checkout@v4
9596
with:
9697
path: typing-extensions-latest
98+
persist-credentials: false
9799
- name: Install typing_inspect test dependencies
98100
run: |
99101
set -x
@@ -131,6 +133,7 @@ jobs:
131133
uses: actions/checkout@v4
132134
with:
133135
path: typing-extensions-latest
136+
persist-credentials: false
134137
- name: Install pycroscope test requirements
135138
run: |
136139
set -x
@@ -168,6 +171,7 @@ jobs:
168171
uses: actions/checkout@v4
169172
with:
170173
path: typing-extensions-latest
174+
persist-credentials: false
171175
- name: Install typeguard test requirements
172176
run: |
173177
set -x
@@ -205,6 +209,7 @@ jobs:
205209
uses: actions/checkout@v4
206210
with:
207211
path: typing-extensions-latest
212+
persist-credentials: false
208213
- name: Configure git for typed-argument-parser tests
209214
# typed-argument parser does this in their CI,
210215
# and the tests fail unless we do this
@@ -249,6 +254,7 @@ jobs:
249254
uses: actions/checkout@v4
250255
with:
251256
path: typing-extensions-latest
257+
persist-credentials: false
252258
- name: Install mypy test requirements
253259
run: |
254260
set -x
@@ -284,6 +290,7 @@ jobs:
284290
uses: actions/checkout@v4
285291
with:
286292
path: typing-extensions-latest
293+
persist-credentials: false
287294
- name: Install pdm for cattrs
288295
run: pip install pdm
289296
- name: Add latest typing-extensions as a dependency
@@ -326,6 +333,7 @@ jobs:
326333
uses: actions/checkout@v4
327334
with:
328335
path: typing-extensions-latest
336+
persist-credentials: false
329337
- name: Install sqlalchemy test dependencies
330338
run: uv pip install --system tox setuptools
331339
- name: List installed dependencies
@@ -362,6 +370,7 @@ jobs:
362370
uses: actions/checkout@v4
363371
with:
364372
path: typing-extensions-latest
373+
persist-credentials: false
365374
- name: Install uv
366375
run: curl -LsSf https://astral.sh/uv/install.sh | sh
367376
- name: Run litestar tests

.pre-commit-config.yaml

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -41,6 +41,10 @@ repos:
4141
# and checks these with shellcheck. This is arguably its most useful feature,
4242
# but the integration only works if shellcheck is installed
4343
- "github.com/wasilibs/go-shellcheck/cmd/shellcheck@v0.10.0"
44+
- repo: https://github.com/woodruffw/zizmor-pre-commit
45+
rev: v1.11.0
46+
hooks:
47+
- id: zizmor
4448
- repo: meta
4549
hooks:
4650
- id: check-hooks-apply

0 commit comments

Comments
 (0)
0