From 68064e2f89570296d71bef32bc88fa6c3ba121c8 Mon Sep 17 00:00:00 2001 From: "TEAM 4.0[bot]" Date: Wed, 29 Oct 2025 06:52:14 +0000 Subject: [PATCH 1/3] Update `pre-commit` hooks --- .pre-commit-config.yaml | 2 +- {{ cookiecutter.project_slug }}/.pre-commit-config.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 5548fed..83c4671 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -81,7 +81,7 @@ repos: # More information can be found in its documentation: # https://docs.astral.sh/ruff/ - repo: https://github.com/astral-sh/ruff-pre-commit - rev: v0.14.1 + rev: v0.14.2 hooks: - id: ruff-check name: ruff diff --git a/{{ cookiecutter.project_slug }}/.pre-commit-config.yaml b/{{ cookiecutter.project_slug }}/.pre-commit-config.yaml index d7cc42d..83ad394 100644 --- a/{{ cookiecutter.project_slug }}/.pre-commit-config.yaml +++ b/{{ cookiecutter.project_slug }}/.pre-commit-config.yaml @@ -84,7 +84,7 @@ repos: # More information can be found in its documentation: # https://docs.astral.sh/ruff/ - repo: https://github.com/astral-sh/ruff-pre-commit - rev: v0.14.1 + rev: v0.14.2 hooks: - id: ruff-check name: ruff From 52d78587b3f2c72c007ba9ffeddc1188073f55bb Mon Sep 17 00:00:00 2001 From: Casper Welzel Andersen Date: Wed, 29 Oct 2025 21:54:19 +0100 Subject: [PATCH 2/3] Temporarily use pip<25.3 due to pip-tools issue --- .github/utils/requirements.txt | 1 + .../.github/utils/requirements_ci.txt | 1 + 2 files changed, 2 insertions(+) diff --git a/.github/utils/requirements.txt b/.github/utils/requirements.txt index a548fdf..bd227da 100644 --- a/.github/utils/requirements.txt +++ b/.github/utils/requirements.txt @@ -1,3 +1,4 @@ cookiecutter~=2.6 flit~=3.12 +pip<25.3 # temporary pip-tools~=7.5 diff --git a/{{ cookiecutter.project_slug }}/.github/utils/requirements_ci.txt b/{{ cookiecutter.project_slug }}/.github/utils/requirements_ci.txt index a9db422..5fdc317 100644 --- a/{{ cookiecutter.project_slug }}/.github/utils/requirements_ci.txt +++ b/{{ cookiecutter.project_slug }}/.github/utils/requirements_ci.txt @@ -1 +1,2 @@ +pip<25.3 # temporary pip-tools==7.5.1 From d767811cbeb92973e555a480d1ebac8e1c3b9abf Mon Sep 17 00:00:00 2001 From: Casper Welzel Andersen Date: Wed, 29 Oct 2025 21:57:12 +0100 Subject: [PATCH 3/3] Temporarily ignore pip 25.2 vulnerability --- .github/workflows/ci_tests.yml | 3 +++ {{ cookiecutter.project_slug }}/.github/workflows/ci_tests.yml | 3 +++ 2 files changed, 6 insertions(+) diff --git a/.github/workflows/ci_tests.yml b/.github/workflows/ci_tests.yml index 80cae59..e7636fe 100644 --- a/.github/workflows/ci_tests.yml +++ b/.github/workflows/ci_tests.yml @@ -96,3 +96,6 @@ jobs: uses: pypa/gh-action-pip-audit@v1.1.0 with: inputs: ${{ github.workspace }}/requirements.txt ${{ github.workspace }}/.github/utils/requirements.txt + # Temporarily ignore pip vulnerability until we can upgrade to pip 25.3+ + ignore-vulns: | + GHSA-4xh5-x5gv-qwph diff --git a/{{ cookiecutter.project_slug }}/.github/workflows/ci_tests.yml b/{{ cookiecutter.project_slug }}/.github/workflows/ci_tests.yml index 20c017f..9fb5d02 100644 --- a/{{ cookiecutter.project_slug }}/.github/workflows/ci_tests.yml +++ b/{{ cookiecutter.project_slug }}/.github/workflows/ci_tests.yml @@ -70,6 +70,9 @@ jobs: uses: pypa/gh-action-pip-audit@v1.1.0 with: inputs: ${{ runner.temp }}/requirements.txt + # Temporarily ignore pip vulnerability until we can upgrade to pip 25.3+ + ignore-vulns: | + GHSA-4xh5-x5gv-qwph pytest: name: pytest (${{ matrix.os[1] }}-py${{ matrix.python-version }})