Open
Conversation
Signed-off-by: Bernát Gábor <bgabor8@bloomberg.net>
Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
updates: - [github.com/python-jsonschema/check-jsonschema: 0.31.0 → 0.31.1](python-jsonschema/check-jsonschema@0.31.0...0.31.1) - [github.com/codespell-project/codespell: v2.4.0 → v2.4.1](codespell-project/codespell@v2.4.0...v2.4.1) - [github.com/astral-sh/ruff-pre-commit: v0.9.3 → v0.9.4](astral-sh/ruff-pre-commit@v0.9.3...v0.9.4)
[pre-commit.ci] pre-commit autoupdate
Signed-off-by: Bernát Gábor <bgabor8@bloomberg.net>
Signed-off-by: Bernát Gábor <bgabor8@bloomberg.net>
Remove old virtualenv wheel
Bump pip to 25.0.1
release 20.29.2
updates: - [github.com/astral-sh/ruff-pre-commit: v0.9.4 → v0.9.6](astral-sh/ruff-pre-commit@v0.9.4...v0.9.6) - [github.com/rbubley/mirrors-prettier: v3.4.2 → v3.5.0](rbubley/mirrors-prettier@v3.4.2...v3.5.0)
for more information, see https://pre-commit.ci
[pre-commit.ci] pre-commit autoupdate
Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
Previously, message and args would each get interpolated separately,
with a result like
wrote python info of %s at (PosixPath('/usr/bin/python3.12'),
PosixPath('/home/...f265.json')) [DEBUG via_disk_folder:153]
Now, remove the formatting placeholder from the message passed by
concrete classes. msg then becomes unnecessary; pass it in as part
of msg_args. The result is more like
wrote python info of /usr/bin/python3.12 at /home/...f265.json
[DEBUG via_disk_folder:153]
Remove duplicate bug report template
Fix debug logging interpolation
When enumerating over search paths in `$PATH`, ignore any entry where `Path.iterdir()` fails or produces no results.
Ignore directories in PATH that can't be opened
updates: - [github.com/tox-dev/pyproject-fmt: v2.5.0 → v2.5.1](tox-dev/pyproject-fmt@v2.5.0...v2.5.1) - [github.com/astral-sh/ruff-pre-commit: v0.9.7 → v0.9.9](astral-sh/ruff-pre-commit@v0.9.7...v0.9.9) - [github.com/rbubley/mirrors-prettier: v3.5.2 → v3.5.3](rbubley/mirrors-prettier@v3.5.2...v3.5.3)
…3074) Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
This change adds full return-type and parameter-type annotations to all ~625 functions and methods across the entire virtualenv source tree. It brings the codebase from ~26% type coverage to near-complete coverage, matching the standard already established in the sibling tox project. Key changes include: - PEP 561 marker: Added `py.typed` so downstream consumers get inline type information. - Ruff ANN rules enabled: Replaced the blanket "ANN" ignore in `pyproject.toml` with only the two specific exceptions (ANN003, ANN401), and added FBT001 to the global ignore since the existing boolean-positional-argument function signatures are public API. - ty type checker hardened: Added --error-on-warning to both `type` and `type-3.8` tox environments in `tox.toml`. - All modules annotated: config, run, create (including CPython/PyPy/GraalPy/RustPython builders), activation (all 7 shells), seed (pip install, wheels, periodic update), app_data, util (lock, path, subprocess, zipapp), and discovery — every function now has explicit parameter types and return types. - Both linters pass clean: ruff check and ty check --python-version 3.14 --error-on-warning report zero errors. All pre-existing tests continue to pass. Fixes: #3075 ### Thanks for contributing, make sure you address all the checklists (for details on how see [development documentation](https://virtualenv.pypa.io/en/latest/development.html#development)) - [x] ran the linter to address style issues (`tox -e fix`) - [x] wrote descriptive pull request text - [x] ensured there are test(s) validating the fix - [x] added news fragment in `docs/changelog` folder - [x] updated/extended the documentation --------- Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
GitHub recognizes SECURITY.md in .github/ directory. Remove the duplicate from repo root.
Remove .yml duplicates and rename to .yaml where needed: rename dependabot.yml->.yaml rename release.yml->.yaml rename FUNDING.yml->.yaml
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
Automated upgrade of embedded pip, setuptools, and wheel dependencies. This PR was created automatically by the [upgrade workflow](https://github.com/pypa/virtualenv/actions/workflows/upgrade.yaml). --------- Co-authored-by: gaborbernat <690238+gaborbernat@users.noreply.github.com> Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
<!--pre-commit.ci start--> updates: - [github.com/tox-dev/pyproject-fmt: v2.16.2 → v2.19.0](tox-dev/pyproject-fmt@v2.16.2...v2.19.0) - [github.com/astral-sh/ruff-pre-commit: v0.15.5 → v0.15.6](astral-sh/ruff-pre-commit@v0.15.5...v0.15.6) <!--pre-commit.ci end--> --------- Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com> Co-authored-by: Bernát Gábor <bgabor8@bloomberg.net>
Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
GitHub Actions workflows were vulnerable to several security issues including template injection, credential exposure, and permission over-scoping. These vulnerabilities could allow attackers to execute arbitrary code or access sensitive tokens. This change adds `zizmor` as a pre-commit hook to continuously audit workflow security and fixes all existing vulnerabilities. The fixes include pinning actions to commit hashes, moving secrets to dedicated environments, isolating GitHub context from shell execution, and restricting permissions to the minimum required scope. All workflows now pass security audit with zero findings. Future workflow changes will be automatically checked before commit. --------- Signed-off-by: Bernát Gábor <bgabor8@bloomberg.net> Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
<!--pre-commit.ci start--> updates: - [github.com/python-jsonschema/check-jsonschema: 0.37.0 → 0.37.1](python-jsonschema/check-jsonschema@0.37.0...0.37.1) - [github.com/astral-sh/ruff-pre-commit: v0.15.7 → v0.15.8](astral-sh/ruff-pre-commit@v0.15.7...v0.15.8) <!--pre-commit.ci end--> Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
20 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
See Commits and Changes for more details.
Created by
pull[bot] (v2.0.0-alpha.4)
Can you help keep this open source service alive? 💖 Please sponsor : )