@neutrinoceros
Contributor

@neutrinoceros neutrinoceros commented Feb 4, 2025

Description

This is a manual upgrade for zizmor, previously attempted automatically in #17710

The one new error flagged is explained in zizmor's doc. I've attempted to set explicit permissions in all places reported by zizmor 1.3.0, but I expect a couple iterations might be needed to get this right.

EDIT: Also close #14072

  • By checking this box, the PR author has requested that maintainers do NOT use the "Squash and Merge" button. Maintainers should respect this when possible; however, the final decision is at the discretion of the maintainer that merges the PR.

@github-actions
Contributor

github-actions bot commented Feb 4, 2025

Thank you for your contribution to Astropy! 🌌 This checklist is meant to remind the package maintainers who will review this pull request of some common things to look for.

  • Do the proposed changes actually accomplish desired goals?
  • Do the proposed changes follow the Astropy coding guidelines?
  • Are tests added/updated as required? If so, do they follow the Astropy testing guidelines?
  • Are docs added/updated as required? If so, do they follow the Astropy documentation guidelines?
  • Is rebase and/or squash necessary? If so, please provide the author with appropriate instructions. Also see instructions for rebase and squash.
  • Did the CI pass? If no, are the failures related? If you need to run daily and weekly cron jobs as part of the PR, please apply the "Extra CI" label. Codestyle issues can be fixed by the bot.
  • Is a change log needed? If yes, did the change log check pass? If no, add the "no-changelog-entry-needed" label. If this is a manual backport, use the "skip-changelog-checks" label unless special changelog handling is necessary.
  • Is this a big PR that makes a "What's new?" entry worthwhile and if so, is (1) a "what's new" entry included in this PR and (2) the "whatsnew-needed" label applied?
  • At the time of adding the milestone, if the milestone set requires a backport to release branch(es), apply the appropriate "backport-X.Y.x" label(s) before merge.

@github-actions
Contributor

github-actions bot commented Feb 4, 2025

👋 Thank you for your draft pull request! Do you know that you can use [ci skip] or [skip ci] in your commit messages to skip running continuous integration tests until you are ready?

@neutrinoceros neutrinoceros changed the title MNT: upgrade zizmor (v1.0.0 -> v1.3.0) MNT: upgrade zizmor (v1.0.0 -> v1.3.0) Feb 4, 2025
@neutrinoceros neutrinoceros modified the milestones: v7.1.0, v7.0.1 Feb 4, 2025
@neutrinoceros neutrinoceros marked this pull request as ready for review February 4, 2025 08:57
@neutrinoceros neutrinoceros requested a review from a team February 4, 2025 08:57
@nstarman
Member

nstarman commented Feb 4, 2025

LGTM but wait for the security team.

Member

@pllim pllim left a comment

Thanks!

@pllim pllim merged commit d1421cd into astropy:main Feb 4, 2025
35 of 36 checks passed
@lumberbot-app

This comment was marked as resolved.

@pllim
Member

pllim commented Feb 4, 2025

@neutrinoceros are you able to help with manual backport? If not, I can do it. Let me know. Thanks! 🙏

@neutrinoceros
Contributor Author

Out of office hours for today, but happy to do it in the morning!

@neutrinoceros neutrinoceros deleted the mnt/upgrade_zizmor_1.3.0 branch February 4, 2025 18:07
pllim added a commit to pllim/astropy that referenced this pull request Feb 4, 2025
…r_1.3.0

MNT: upgrade zizmor (`v1.0.0` -> `v1.3.0`)
(cherry picked from commit d1421cd)
@pllim
Member

pllim commented Feb 4, 2025

Ah, don't worry about it then. I opened #17724. Thanks!

pllim added a commit that referenced this pull request Feb 4, 2025
Backport PR #17721 on branch v7.0.x (MNT: upgrade zizmor (v1.0.0 -> v1.3.0))

Development

Successfully merging this pull request may close these issues.

MNT: Narrow down GitHub Actions permissions (Part 2)