Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: github-community-projects/contributors
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: v1.7.0
Choose a base ref
...
head repository: github-community-projects/contributors
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: v1.7.1
Choose a head ref
  • 6 commits
  • 14 files changed
  • 3 contributors

Commits on Aug 25, 2025

  1. chore(deps): bump python from 8220cce to 27f90d7 

    Bumps python from `8220cce` to `27f90d7`.

---
updated-dependencies:
- dependency-name: python
  dependency-version: 3.13.7-slim
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
    @dependabot
    dependabot[bot] authored Aug 25, 2025
    Configuration menu
    Copy the full SHA
    855b4ac View commit details
    Browse the repository at this point in the history

  2. chore(deps): bump requests in the dependencies group 

    Bumps the dependencies group with 1 update: [requests](https://github.com/psf/requests).


Updates `requests` from 2.32.4 to 2.32.5
- [Release notes](https://github.com/psf/requests/releases)
- [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md)
- [Commits](psf/requests@v2.32.4...v2.32.5)

---
updated-dependencies:
- dependency-name: requests
  dependency-version: 2.32.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
    @dependabot
    dependabot[bot] authored Aug 25, 2025
    Configuration menu
    Copy the full SHA
    85b0a41 View commit details
    Browse the repository at this point in the history

  3. Merge pull request #319 from github/dependabot/pip/dependencies-23f06… 

    …ca20f
    @zkoppert
    zkoppert authored Aug 25, 2025
    Configuration menu
    Copy the full SHA
    ae715be View commit details
    Browse the repository at this point in the history

  4. Merge pull request #318 from github/dependabot/docker/python-27f90d7

    @zkoppert
    zkoppert authored Aug 25, 2025
    Configuration menu
    Copy the full SHA
    4f538cc View commit details
    Browse the repository at this point in the history

Commits on Sep 11, 2025

  1. chore(deps): bump the dependencies group with 2 updates (#322) 

    * chore(deps): bump the dependencies group with 2 updates

Bumps the dependencies group with 2 updates: [pytest](https://github.com/pytest-dev/pytest) and [pytest-cov](https://github.com/pytest-dev/pytest-cov).


Updates `pytest` from 8.4.1 to 8.4.2
- [Release notes](https://github.com/pytest-dev/pytest/releases)
- [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst)
- [Commits](pytest-dev/pytest@8.4.1...8.4.2)

Updates `pytest-cov` from 6.2.1 to 6.3.0
- [Changelog](https://github.com/pytest-dev/pytest-cov/blob/master/CHANGELOG.rst)
- [Commits](pytest-dev/pytest-cov@v6.2.1...v6.3.0)

---
updated-dependencies:
- dependency-name: pytest
  dependency-version: 8.4.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: pytest-cov
  dependency-version: 6.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix: git version in Dockerfile

Signed-off-by: jmeridth <jmeridth@gmail.com>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: jmeridth <jmeridth@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: jmeridth <jmeridth@gmail.com>
    @dependabot @jmeridth
    dependabot[bot] and jmeridth authored Sep 11, 2025
    Configuration menu
    Copy the full SHA
    47851f0 View commit details
    Browse the repository at this point in the history

  2. chore(deps): bump the dependencies group with 4 updates (#320) 

    * chore(deps): bump the dependencies group with 4 updates

Bumps the dependencies group with 4 updates: [github/ospo-reusable-workflows](https://github.com/github/ospo-reusable-workflows), [github/contributors](https://github.com/github/contributors), [github/codeql-action](https://github.com/github/codeql-action) and [super-linter/super-linter](https://github.com/super-linter/super-linter).


Updates `github/ospo-reusable-workflows` from 0.5.2 to 0.5.3
- [Release notes](https://github.com/github/ospo-reusable-workflows/releases)
- [Changelog](https://github.com/github/ospo-reusable-workflows/blob/main/docs/release-image.md)
- [Commits](github-community-projects/ospo-reusable-workflows@ebb4e21...c9afb9b)

Updates `github/contributors` from 1.5.11 to 1.7.0
- [Release notes](https://github.com/github/contributors/releases)
- [Commits](69e531b...ae62be2)

Updates `github/codeql-action` from 3.29.9 to 3.29.11
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@df55935...3c3833e)

Updates `super-linter/super-linter` from 8.0.0 to 8.1.0
- [Release notes](https://github.com/super-linter/super-linter/releases)
- [Changelog](https://github.com/super-linter/super-linter/blob/main/CHANGELOG.md)
- [Commits](super-linter/super-linter@5119dcd...ffde3b2)

---
updated-dependencies:
- dependency-name: github/ospo-reusable-workflows
  dependency-version: 0.5.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: github/contributors
  dependency-version: 1.7.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: github/codeql-action
  dependency-version: 3.29.11
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: super-linter/super-linter
  dependency-version: 8.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix: linting

- ensure credentials are not persisted past checkout of code
- add zizmor.yml file to allow pull_request_target in actions for auto-labeler to work on fork pull requests
- add HEALTHCHECK and non-root user to Dockerfile

Signed-off-by: jmeridth <jmeridth@gmail.com>

* fix: missing slash at end of Dockerfile run command

Signed-off-by: jmeridth <jmeridth@gmail.com>

* fix: create the group

Signed-off-by: jmeridth <jmeridth@gmail.com>

* fix: move zizmor config so super-linter can use it

Signed-off-by: jmeridth <jmeridth@gmail.com>

* fix: zizmor config

super linter is still using 1.12.1 so have to use that config for ignore/disable

disable is available in v1.13.0

Signed-off-by: jmeridth <jmeridth@gmail.com>

* fix: zizmor.yml is not the default filename for super-linter

yaml extension needed

Signed-off-by: jmeridth <jmeridth@gmail.com>

* fix: move zizmor.yaml back into linters folder, default place super-linter checks

Signed-off-by: jmeridth <jmeridth@gmail.com>

* fix: add trivy config file to ignore mypy_cache

Signed-off-by: jmeridth <jmeridth@gmail.com>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: jmeridth <jmeridth@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: jmeridth <jmeridth@gmail.com>
    @dependabot @jmeridth
    dependabot[bot] and jmeridth authored Sep 11, 2025
    Configuration menu
    Copy the full SHA
    a274afd View commit details
    Browse the repository at this point in the history
Loading