Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: github-community-projects/contributors
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: v2.0.15
Choose a base ref
...
head repository: github-community-projects/contributors
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: v2.0.16
Choose a head ref
  • 9 commits
  • 18 files changed
  • 3 contributors

Commits on May 25, 2026

  1. chore(deps): bump types-requests from 2.33.0.20260508 to 2.33.0.20260513 

    Bumps [types-requests](https://github.com/python/typeshed) from 2.33.0.20260508 to 2.33.0.20260513.
- [Commits](https://github.com/python/typeshed/commits)

---
updated-dependencies:
- dependency-name: types-requests
  dependency-version: 2.33.0.20260513
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
    @dependabot
    dependabot[bot] authored May 25, 2026
    Configuration menu
    Copy the full SHA
    99c8ef7 View commit details
    Browse the repository at this point in the history

  2. Merge pull request #487 from github-community-projects/dependabot/uv/… 

    …types-requests-2.33.0.20260513
    @zkoppert
    zkoppert authored May 25, 2026
    Configuration menu
    Copy the full SHA
    2fe4d4c View commit details
    Browse the repository at this point in the history

  3. chore(deps): bump the dependencies group across 1 directory with 3 up… 

    …dates (#486)
    @dependabot
    dependabot[bot] authored May 25, 2026
    Configuration menu
    Copy the full SHA
    9b0cb48 View commit details
    Browse the repository at this point in the history

  4. chore(deps): bump the dependencies group with 3 updates (#485)

    @dependabot
    dependabot[bot] authored May 25, 2026
    Configuration menu
    Copy the full SHA
    67557c9 View commit details
    Browse the repository at this point in the history

Commits on May 27, 2026

  1. chore(deps): bump python in the dependencies group (#484) 

    Bumps the dependencies group with 1 update: python.


Updates `python` from 3.14.0-slim to 3.14.5-slim

---
updated-dependencies:
- dependency-name: python
  dependency-version: 3.14.5-slim
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored May 27, 2026
    Configuration menu
    Copy the full SHA
    42c69a8 View commit details
    Browse the repository at this point in the history

Commits on Jun 3, 2026

  1. chore(deps): bump the dependencies group with 4 updates (#488) 

    Bumps the dependencies group with 4 updates: [step-security/harden-runner](https://github.com/step-security/harden-runner), [github/codeql-action](https://github.com/github/codeql-action), [github-community-projects/contributors](https://github.com/github-community-projects/contributors) and [actions/stale](https://github.com/actions/stale).


Updates `step-security/harden-runner` from 2.19.3 to 2.19.4
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](step-security/harden-runner@ab7a940...9af89fc)

Updates `github/codeql-action` from 4.35.5 to 4.36.0
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@9e0d7b8...7211b7c)

Updates `github-community-projects/contributors` from 2.0.13 to 2.0.15
- [Release notes](https://github.com/github-community-projects/contributors/releases)
- [Commits](4eab98a...4fda46a)

Updates `actions/stale` from 10.2.0 to 10.3.0
- [Release notes](https://github.com/actions/stale/releases)
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md)
- [Commits](actions/stale@b5d41d4...eb5cf3a)

---
updated-dependencies:
- dependency-name: step-security/harden-runner
  dependency-version: 2.19.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: github/codeql-action
  dependency-version: 4.36.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: github-community-projects/contributors
  dependency-version: 2.0.15
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: actions/stale
  dependency-version: 10.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Jun 3, 2026
    Configuration menu
    Copy the full SHA
    d7f6716 View commit details
    Browse the repository at this point in the history

  2. chore(deps): bump black from 26.5.0 to 26.5.1 in the dependencies gro… 

    …up (#489)

Bumps the dependencies group with 1 update: [black](https://github.com/psf/black).


Updates `black` from 26.5.0 to 26.5.1
- [Release notes](https://github.com/psf/black/releases)
- [Changelog](https://github.com/psf/black/blob/main/CHANGES.md)
- [Commits](psf/black@26.5.0...26.5.1)

---
updated-dependencies:
- dependency-name: black
  dependency-version: 26.5.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Jun 3, 2026
    Configuration menu
    Copy the full SHA
    6e96d3f View commit details
    Browse the repository at this point in the history

Commits on Jun 4, 2026

  1. chore(deps): bump types-requests from 2.33.0.20260513 to 2.33.0.20260… 

    …518 (#490)
    @dependabot
    dependabot[bot] authored Jun 4, 2026
    Configuration menu
    Copy the full SHA
    7f041ed View commit details
    Browse the repository at this point in the history

  2. fix: handle null repositoryOwner and dict-shaped commit author (#494) 

    * fix: handle null repositoryOwner and dict-shaped commit author

Relates to #493
Relates to #492

## What

Guard get_sponsor_information against a null repositoryOwner returned by
the GraphQL `... on User` fragment, and guard get_contributors against
github3.py leaving commit.author (or a repo.contributors() entry) as a
raw dict instead of a ShortUser. Document GitHub Discussions cross-repo
token requirements in the README.

## Why

The monthly contributor report crashed with "'NoneType' object is not
subscriptable" whenever a contributor login resolved to an Organization,
a deleted/renamed user, or any non-User entity, because the fragment
returns null for non-User logins. Before that fatal error, get_contributors
was already silently failing per-repo with "'dict' object has no attribute
'login'" whenever github3.py surfaced an author payload without a matching
GitHub user. Both stop the workflow from producing the report. The README
note addresses issue #492: GITHUB_TOKEN cannot create discussions in a
foreign repository regardless of declared permissions.

## Notes

- avatars/counts dicts are now typed explicitly; this is what unblocked
  mypy after switching to getattr-based attribute reads.
- get_contributors falls through silently on dict/None authors rather than
  raising into the existing broad-except. That preserves partial output
  for the repository instead of returning None for the whole repo.
- README change is documentation-only; it does not alter the existing
  workflow examples that target the same repo (issues, not discussions).

Signed-off-by: jmeridth <jmeridth@gmail.com>

* test: assert no print on user-without-login path

Relates to #494 (comment)

## What

Wrap test_get_contributors_no_commit_end_date_skips_user_without_login
in patch("builtins.print") and assert mock_print.assert_not_called(),
matching the assertion already present on test_get_contributors_skips_dict_author.

## Why

Pins down that the user-without-login skip happens via the explicit
`continue`, not by raising into the broad-except branch that logs an
error and returns None for the whole repo. Without this assertion a
future regression that swaps getattr() back to user.login could pass
silently because the except would swallow the AttributeError.

## Notes

- No production code change; assertion only.

Co-authored-by: Zack Koppert <zkoppert@github.com>
Signed-off-by: jmeridth <jmeridth@gmail.com>

---------

Signed-off-by: jmeridth <jmeridth@gmail.com>
Co-authored-by: Zack Koppert <zkoppert@github.com>
    @jmeridth @zkoppert
    jmeridth and zkoppert authored Jun 4, 2026
    Configuration menu
    Copy the full SHA
    cc2aed6 View commit details
    Browse the repository at this point in the history
Loading