Skip to content

Add zizmor as a pre-commit hook #626

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 3 commits into from
Jul 7, 2025
Merged

Add zizmor as a pre-commit hook #626

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
dae988d
Add zizmor as a pre-commit hook
AlexWaygood Jul 7, 2025
457a37e
Merge branch 'main' into zizmor
AlexWaygood Jul 7, 2025
2035a54
.
AlexWaygood Jul 7, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions .github/workflows/ci.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -57,6 +57,8 @@ jobs:

steps:
- uses: actions/checkout@v4
with:
persist-credentials: false

- name: Set up Python
uses: actions/setup-python@v5
Expand Down
14 changes: 12 additions & 2 deletions .github/workflows/publish.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,12 +24,16 @@ jobs:

steps:
- uses: actions/checkout@v4
with:
persist-credentials: false
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: "3.x"
- name: Check package metadata
run: python scripts/check_package.py ${{ github.ref }}
env:
GITHUB_REF: ${{ github.ref }}
run: python scripts/check_package.py "${GITHUB_REF}"
- name: Install pypa/build
run: |
# Be wary of running `pip install` here, since it becomes easy for us to
Expand All @@ -52,6 +56,8 @@ jobs:

steps:
- uses: actions/checkout@v4
with:
persist-credentials: false
- name: Set up Python
uses: actions/setup-python@v5
with:
Expand Down Expand Up @@ -79,6 +85,8 @@ jobs:

steps:
- uses: actions/checkout@v4
with:
persist-credentials: false
- name: Set up Python
uses: actions/setup-python@v5
with:
Expand All @@ -105,6 +113,8 @@ jobs:

steps:
- uses: actions/checkout@v4
with:
persist-credentials: false
- name: Set up Python
uses: actions/setup-python@v5
with:
Expand Down Expand Up @@ -149,4 +159,4 @@ jobs:
- name: Ensure exactly one sdist and one wheel have been downloaded
run: test "$(find dist/*.tar.gz | wc -l | xargs)" = 1 && test "$(find dist/*.whl | wc -l | xargs)" = 1
- name: Publish distribution to PyPI
uses: pypa/gh-action-pypi-publish@release/v1
uses: pypa/gh-action-pypi-publish@76f52bc884231f62b9a034ebfe128415bbaabdfc
9 changes: 9 additions & 0 deletions .github/workflows/third_party.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -63,6 +63,7 @@ jobs:
uses: actions/checkout@v4
with:
path: typing-extensions-latest
persist-credentials: false
- name: Add local version of typing_extensions as a dependency
run: cd pydantic; uv add --editable ../typing-extensions-latest
- name: Install pydantic test dependencies
Expand Down Expand Up @@ -94,6 +95,7 @@ jobs:
uses: actions/checkout@v4
with:
path: typing-extensions-latest
persist-credentials: false
- name: Install typing_inspect test dependencies
run: |
set -x
Expand Down Expand Up @@ -131,6 +133,7 @@ jobs:
uses: actions/checkout@v4
with:
path: typing-extensions-latest
persist-credentials: false
- name: Install pycroscope test requirements
run: |
set -x
Expand Down Expand Up @@ -168,6 +171,7 @@ jobs:
uses: actions/checkout@v4
with:
path: typing-extensions-latest
persist-credentials: false
- name: Install typeguard test requirements
run: |
set -x
Expand Down Expand Up @@ -205,6 +209,7 @@ jobs:
uses: actions/checkout@v4
with:
path: typing-extensions-latest
persist-credentials: false
- name: Configure git for typed-argument-parser tests
# typed-argument parser does this in their CI,
# and the tests fail unless we do this
Expand Down Expand Up @@ -249,6 +254,7 @@ jobs:
uses: actions/checkout@v4
with:
path: typing-extensions-latest
persist-credentials: false
- name: Install mypy test requirements
run: |
set -x
Expand Down Expand Up @@ -284,6 +290,7 @@ jobs:
uses: actions/checkout@v4
with:
path: typing-extensions-latest
persist-credentials: false
- name: Install pdm for cattrs
run: pip install pdm
- name: Add latest typing-extensions as a dependency
Expand Down Expand Up @@ -326,6 +333,7 @@ jobs:
uses: actions/checkout@v4
with:
path: typing-extensions-latest
persist-credentials: false
- name: Install sqlalchemy test dependencies
run: uv pip install --system tox setuptools
- name: List installed dependencies
Expand Down Expand Up @@ -362,6 +370,7 @@ jobs:
uses: actions/checkout@v4
with:
path: typing-extensions-latest
persist-credentials: false
- name: Install uv
run: curl -LsSf https://astral.sh/uv/install.sh | sh
- name: Run litestar tests
Expand Down
4 changes: 4 additions & 0 deletions .pre-commit-config.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -37,6 +37,10 @@ repos:
# and checks these with shellcheck. This is arguably its most useful feature,
# but the integration only works if shellcheck is installed
- "github.com/wasilibs/go-shellcheck/cmd/shellcheck@v0.10.0"
- repo: https://github.com/woodruffw/zizmor-pre-commit
rev: v1.11.0
hooks:
- id: zizmor
- repo: meta
hooks:
- id: check-hooks-apply
Loading