Skip to content

⚠️ CONFLICT! Lineage pull request for: skeleton#39

Merged
jsf9k merged 48 commits into
developfrom
lineage/skeleton
Jan 20, 2026
Merged

⚠️ CONFLICT! Lineage pull request for: skeleton#39
jsf9k merged 48 commits into
developfrom
lineage/skeleton

Conversation

@cisagovbot

@cisagovbot cisagovbot commented Nov 19, 2025
edited by jsf9k
Loading

Copy link
Copy Markdown

Lineage Pull Request: CONFLICT

Achtung!!!

Lineage has created this pull request to incorporate new changes found in an upstream repository:

Upstream repository: https://github.com/cisagov/skeleton-generic.git
Remote branch: HEAD

Check the changes in this pull request to ensure they won't cause issues with your project.

The lineage/skeleton branch has one or more unresolved merge conflicts that you must resolve before merging this pull request!

How to resolve the conflicts

  1. Take ownership of this pull request by removing any other assignees.

  2. Clone the repository locally, and reapply the merge:

    git clone git@github.com:cisagov/skeleton-aws-lambda-python.git skeleton-aws-lambda-python
cd skeleton-aws-lambda-python
git remote add skeleton https://github.com/cisagov/skeleton-generic.git
git remote set-url --push skeleton no_push
git switch develop
git switch --create lineage/skeleton --track origin/develop
git pull skeleton HEAD
git status

  3. Review the changes displayed by the status command. Fix any conflicts and possibly incorrect auto-merges.

  4. After resolving each of the conflicts, add your changes to the branch, commit, and push your changes:

    git add README.md 
git commit
git push --force --set-upstream origin lineage/skeleton

    Note that you may append to the default merge commit message that git creates for you, but please do not delete the existing content. It provides useful information about the merge that is being performed.

  5. Wait for all the automated tests to pass.

  6. Confirm each item in the "Pre-approval checklist" below.

  7. Remove any of the checklist items that do not apply.

  8. Ensure every remaining checkbox has been checked.

  9. Mark this draft pull request "Ready for review".

✅ Pre-approval checklist

  • ✌️ The conflicts in this pull request have been resolved.
  • All relevant type-of-change labels have been added.
  • All new and existing tests pass.

Note

You are seeing this because one of this repository's maintainers has configured Lineage to open pull requests.

For more information:

🛠 Lineage configurations for this project are stored in .github/lineage.yml

📚 Read more about Lineage

dependabot Bot and others added 30 commits October 13, 2025 18:01
@dependabot
Bump github/codeql-action from 3 to 4
59f893b 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3 to 4.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@v3...v4)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: '4'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@mcdonnnj
Remove an unnecessary permission from the PR label workflow
a44c47d 
There should be no reason for the actions/labeler action to create new
labels so we can remove the permission that would allow this to occur.
@jsf9k
Add a license badge
629a0cc
@mcdonnnj
Update the color used for the python label
e133119 
This updates the existing color, which was pulled from the Python logo,
to the color used in the Python website's CSS for the "Python" item in
the site's top menu.
@mcdonnnj
Update the color used for the javascript label
15771ca 
This reflects the value defined by JSConf and used in their
unofficially official logo for JS.
@mcdonnnj
Update the color used for the typescript label
a7eeb15 
This reflects the color of the logo from the TypeScript branding page
at https://www.typescriptlang.org/branding/.
@mcdonnnj
Update the color used for the ansible label
fb7a736 
This mirrors the value used as a background for the mango Ansible
community mark logo found in the ansible/logos repository.
@mcdonnnj
Update the color used for the docker label
5503151 
This is the "Moby Blue" primary color as defined in the Docker brand
guidelines color section found at
https://www.docker.com/company/newsroom/media-resources/.
@mcdonnnj
Add a label and auto-label configuration for shell scripts
dc0d9a0 
Since we use shell scripts throughout our projects it makes sense to
have a dedicated label.
@jsf9k
Remove needless blank line
586af7c
@mcdonnnj @dav3r
Improve a labeler configuration's explanatory comment
8b5f6d2 
Co-authored-by: dav3r <david.redmin@trio.dhs.gov>
@jsf9k
Rename .flake8 to pyproject.toml and update syntax
ad708bd 
We can configure all our Python tooling in a single pyproject.toml
file.

Note that using pyproject.toml to configure flake8 requires the
addition of the flake8-pyproject Python library.
@jsf9k
Add flake8-pyproject as an additional dependency of the flake8 pre-co…
2a3bb8b 
…mmit hook

This will ensure that, even when run as a pre-commit hook, flake8
reads its configuration from the pyproject.toml file.
@jsf9k
Move isort config to pyproject.toml file
a70cf3c
@jsf9k
Add pyproject.toml as a trigger for the test label
c1861e6 
Also remove .flake8 and .isort.cfg as triggers for the same label.
@jsf9k
Remove the .bandit.yml file
22c6f40 
This file was doing nothing due to its contents.
@jsf9k
Pin the flake8-pyproject dependency in the pre-commit configuration
15cb601 
The flake8-docstrings dependency is pinned, so this one should be too.
@jsf9k
Remove flake8-pyproject dependency from requirements-test.txt
bc6bf8c 
flake8 itself isn't installed here, so this dependency shouldn't be
either.  This jibes with the fact that we don't install
flake8-docstrings (another dependency of the flake8 pre-commit hook)
into the virtual environment either.
@jsf9k
Upgrade pre-commit hooks via pre-commit autoupdate
c7c0c0a
@jsf9k
Merge pull request #227 from cisagov/improvement/remove_unneeded_perm…
056d2e1 
…ission

Remove an unnecessary permission from the PR label workflow
@jsf9k
Merge pull request #228 from cisagov/documentation/add-license-badge
895ff4f 
Add a license badge
@jsf9k
Merge pull request #229 from cisagov/improvement/update_label_colors
049543f 
Update some label color choices
@jsf9k
Merge pull request #231 from cisagov/improvement/add_label_configurat…
be1d94a 
…ion_for_shell_scripts

Add a label and auto-label configuration for shell scripts
@jsf9k
Merge pull request #235 from cisagov/improvement/move-flake8-config-t…
4a1bb4d 
…o-pyproject-toml

Move all Python tool configs to `pyproject.toml`
@jsf9k
Merge pull request #237 from cisagov/improvement/update-pre-commit-hooks
eed01ea 
Upgrade `pre-commit` hooks via `pre-commit autoupdate`
@jsf9k
Merge pull request #226 from cisagov/dependabot/github_actions/github…
8cb611d 
…/codeql-action-4

Bump github/codeql-action from 3 to 4
@mcdonnnj @jsf9k
Add a CodeQL badge to the README
2d88e72 
We added a CodeQL configuration in #202 but did not add a badge.
@jsf9k
Merge pull request #230 from cisagov/improvement/add_codeql_badge
7f52b02 
Add a CodeQL badge to the README
@jsf9k
Update Bandit pre-commit hook
2759cc5 
The 1.9.0 release of Bandit was flawed due to a failure of the GHA
workflows that publish to PyPI and Test PyPI.  The 1.9.1 release
resolved the issue.
@jsf9k
Merge pull request #238 from cisagov/improvement/update-bandit
f186c74 
Update `bandit` `pre-commit` hook
@github-project-automation github-project-automation Bot moved this from Review in progress to Reviewer approved in Skeleton Maintenance Nov 19, 2025
dependabot Bot and others added 12 commits November 24, 2025 18:37
@dependabot
Bump actions/checkout from 5 to 6
03c0189 
Bumps [actions/checkout](https://github.com/actions/checkout) from 5 to 6.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@v5...v6)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@jsf9k
Upgrade the ansible-line pre-commit hook
504da27 
This is necessary for cisagov/skeleton-ansible-role#243 (Fedora 43
support).  See here for more details about this release:
https://github.com/ansible/ansible-lint/releases/tag/v25.11.1
@jsf9k
Add --py310-plus argument to pyupgrade
951238c 
Python 3.10 is currently the oldest non-EOL version of Python, so we
want to apply all rules that apply to this version or later.  See here
for more details:
https://www.gyford.com/phil/writing/2025/08/26/how-to-use-pyupgrade/
@jsf9k
Remove comments that are no longer relevant
d2fb5c3
@jsf9k
Pin ansible-core to 2.17.7 or later
538a953 
ansible-core<2.17.7 suffers from GHSA-99w6-3xph-cx78.
@jsf9k
Merge pull request #242 from cisagov/improvement/add-argument-for-pyu…
7b01d4b 
…pgrade

Add `--py310-plus` argument to `pyupgrade` `pre-commit` hook
@jsf9k
Merge pull request #241 from cisagov/improvement/upgrade-ansible-lint…
eadac91 
…-pre-commit-hook

Upgrade the `ansible-lint` `pre-commit` hook
@jsf9k
Merge pull request #240 from cisagov/dependabot/github_actions/action…
2f14595 
…s/checkout-6

Bump actions/checkout from 5 to 6
@jsf9k
Merge pull request #243 from cisagov/improvement/pin-ansible-core
aacda2e 
Pin `ansible-core` to 2.17.7 or later
@jsf9k
Merge remote-tracking branch 'skeleton/develop' into lineage/skeleton
c8112bf
@jsf9k
Update actions/checkout to v6 in two more places
4a19d04
@jsf9k
Update type hints
3abb5ef 
This gets rid of some errors from our pyupgrade pre-commit hook.
@jsf9k jsf9k requested a review from felddy as a code owner January 16, 2026 19:58
@jsf9k jsf9k moved this from Reviewer approved to Review in progress in Skeleton Maintenance Jan 16, 2026
@github-actions github-actions Bot added the python Pull requests that update Python code label Jan 16, 2026
@jsf9k jsf9k requested a review from dav3r January 16, 2026 20:06
@github-project-automation github-project-automation Bot moved this from Review in progress to Reviewer approved in Skeleton Maintenance Jan 16, 2026
@jsf9k
Rename Docker composition config
5474af8 
compose.yml is now preferred over docker-compose.yml.
@github-actions github-actions Bot added the docker Pull requests that update Docker code label Jan 16, 2026
@jsf9k
Fully specify the base Docker images being used
5edcf53 
This aligns with what is being done in cisagov/skeleton-docker.
dav3r
dav3r approved these changes Jan 20, 2026
View reviewed changes

@dav3r dav3r left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍 👍

@jsf9k jsf9k added this pull request to the merge queue Jan 20, 2026
Merged via the queue into develop with commit 5b1444a Jan 20, 2026
19 checks passed
@jsf9k jsf9k deleted the lineage/skeleton branch January 20, 2026 18:50
@github-project-automation github-project-automation Bot moved this from Reviewer approved to Done in Skeleton Maintenance Jan 20, 2026
@github-project-automation github-project-automation Bot moved this from In Progress to Done in Next Kraken Jan 20, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jsf9k jsf9k jsf9k approved these changes

@dav3r dav3r dav3r approved these changes

@mcdonnnj mcdonnnj Awaiting requested review from mcdonnnj mcdonnnj is a code owner

@felddy felddy Awaiting requested review from felddy felddy is a code owner

Assignees

@jsf9k jsf9k

Labels

dependencies Pull requests that update a dependency file docker Pull requests that update Docker code documentation This issue or pull request improves or adds to documentation github-actions Pull requests that update GitHub Actions code kraken 🐙 This pull request is ready to merge during the next Lineage Kraken release python Pull requests that update Python code upstream update This issue or pull request pulls in upstream updates

Projects

Next Kraken
Status: Done
Skeleton Maintenance
Status: Done

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@cisagovbot @jsf9k @dav3r @mcdonnnj