build(deps-dev): bump pre-commit from 3.8.0 to 4.6.0#15
Conversation
dependabot
Bot
added
the
dependencies
PR SummaryLow Risk Overview Reviewed by Cursor Bugbot for commit 3608f94. Bugbot is set up for automated code reviews on this repo. Configure here. |
|
Review the following changes in direct dependencies. Learn more about Socket for GitHub.
|
Bumps [pre-commit](https://github.com/pre-commit/pre-commit) from 3.8.0 to 4.6.0. - [Release notes](https://github.com/pre-commit/pre-commit/releases) - [Changelog](https://github.com/pre-commit/pre-commit/blob/main/CHANGELOG.md) - [Commits](pre-commit/pre-commit@v3.8.0...v4.6.0) --- updated-dependencies: - dependency-name: pre-commit dependency-version: 4.6.0 dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
Bot
force-pushed
the
dependabot/pip/pre-commit-4.6.0
branch
from
01787cf to
3608f94
Compare
Consolidates four Dependabot major-bump PRs. Each was individually reviewed against actual usage in the codebase and found low-risk: #13 flask-limiter 3.8.0 -> 4.1.1 Only uses Limiter(key_func=..., default_limits=...) and get_remote_address — both stable across 3.x -> 4.x. Smoke-tested orbit_agent.sms_server import: OK. #15 pre-commit 3.8.0 -> 4.6.0 Requires Python >=3.9; our matrix is 3.11/3.12. Config schema in .pre-commit-config.yaml is compatible as-is. #16 rich 13.7.1 -> 15.0.0 Only uses rich.console.Console and rich.table.Table in orbit_agent/cli.py — both stable. #18 gunicorn 22.0.0 -> 25.3.0 Used only via README's CLI example; no Python imports. Also syncs .pre-commit-config.yaml hook revs to match the repo's own pinned tool versions: black: 24.8.0 -> 26.3.1 ruff: 0.6.3 -> 0.15.11 Previously the hooks installed older black/ruff than the repo uses, which could produce different formatting locally vs in CI. Verified on Python 3.12: - pytest -q: 16/16 pass - ruff check .: clean - black --check .: clean - orbit_agent.sms_server imports cleanly with Flask-Limiter 4.x The 4 corresponding Dependabot PRs (#13, #15, #16, #18) will close automatically once this merges. Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
|
Superseded by #21 (deps: batched major-version updates). All four majors are now on main; this PR is redundant. |
|
OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting If you change your mind, just re-open this PR and I'll resolve any conflicts on it. |
1 participant
Rebasing might not happen immediately, so don't worry if this takes some time.
Note: if you make any changes to this PR yourself, they will take precedence over the rebase.
Bumps pre-commit from 3.8.0 to 4.6.0.
Release notes
Sourced from pre-commit's releases.
... (truncated)
Changelog
Sourced from pre-commit's changelog.
... (truncated)
Commits
f35134bv4.6.02a51ffcMerge pull request #3662 from pre-commit/hook-impl-optional-hook-dird7dee32make --hook-dir optional for hook-impl965aeb1Merge pull request #3661 from pre-commit/hook-impl-required2eacc06--hook-type is required for hook-implf5678bfMerge pull request #3657 from pre-commit/pre-commit-ci-update-config054cc5b[pre-commit.ci] pre-commit autoupdate5c0f302Merge pull request #3652 from pre-commit/pre-commit-ci-update-configa5d9114[pre-commit.ci] pre-commit autoupdate129a1f5Merge pull request #3641 from pre-commit/mxr-patch-1