pullrequests Search Results · repo:python/cherry-picker language:Python
Filter by
127 results (164 ms)
127 results
inpython/cherry-picker (press backspace or delete to remove)Yet another compromise via unpinned GitHub Actions: https://socket.dev/blog/bitwarden-cli-compromised
Let s hash-pin GHA for our PyPI packages.
Done via uvx gha-update, which also bumped some major versions. ...
hugovk
!--pre-commit.ci start-- updates:
- github.com/astral-sh/ruff-pre-commit: v0.14.10 → v0.15.9
- github.com/psf/black-pre-commit-mirror: 25.12.0 → 26.3.1
- github.com/python-jsonschema/check-jsonschema: ...
pre-commit-ci[bot]
Fixes https://github.com/python/cherry-picker/issues/100.
Sometimes cherry-picker fails and it really doesn t tell you why:
details summary Uninformative error /summary
❯ cherry_picker --continue
🐍 ...
Bumps actions/download-artifact from 7 to 8. details summary Release notes /summary p em Sourced from a href=
https://github.com/actions/download-artifact/releases actions/download-artifact s releases ...
dependencies
github_actions
dependabot[bot]
Similar to https://github.com/python/cpython/pull/141866
See https://blog.yossarian.net/2025/11/21/We-should-all-be-using-dependency-cooldowns
!--pre-commit.ci start-- updates:
- github.com/astral-sh/ruff-pre-commit: v0.13.3 → v0.14.10
- github.com/psf/black-pre-commit-mirror: 25.9.0 → 25.12.0
- github.com/python-jsonschema/check-jsonschema: ...
Similar to https://github.com/python/cpython/pull/143149, and add the zizmor security tool.
Bumps actions/download-artifact from 6 to 7. details summary Release notes /summary p em Sourced from a href=
https://github.com/actions/download-artifact/releases actions/download-artifact s releases ...
dependencies
github_actions
Bumps actions/checkout from 5 to 6. details summary Release notes /summary p em Sourced from a href=
https://github.com/actions/checkout/releases actions/checkout s releases /a . /em /p blockquote h2 v6.0.0 ...
dependencies
github_actions