← 返回首页
Improve CI infrastructure for pre-commit by EliahKagan · Pull Request #2110 · gitpython-developers/GitPython · GitHub
Skip to content

Navigation Menu

Toggle navigation
Sign in
Appearance settings
Search or jump to...

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Include my email address so I can be contacted
Cancel Submit feedback

Saved searches

Use saved searches to filter your results more quickly

Cancel Create saved search
Appearance settings
Resetting focus

Improve CI infrastructure for pre-commit#2110

Merged
EliahKagan merged 2 commits into
gitpython-developers:mainfrom
EliahKagan:pre-commit-infra
Mar 9, 2026
Merged

Improve CI infrastructure for pre-commit#2110
EliahKagan merged 2 commits into
gitpython-developers:mainfrom
EliahKagan:pre-commit-infra

Conversation

Copy link
Copy Markdown
Member

EliahKagan commented Mar 9, 2026
edited
Loading

On CI, the pre-commit job has two shortcomings:

  • It runs on a machine far more powerful than necessary, since anything slow should not be done in pre-commit at all (since some developers may run pre-commit locally).
  • We've haven't been using any automated means of keeping the pre-commit hook versions up to date, and as a results some of them are quite old. This includes ruff. (There is an external integration that can keep pre-commit hooks up to date on GitHub, but it requires providing access to the repository to an external service. This is sometimes a tradeoff worth making, but it's one we've avoided doing here for this purpose, I think rightly.)

These have both become easier to address recently:

  • A lighter-weight ubuntu-slim runner is available. Running it on that should work as well and be as fast, and give an indication that we're doing too much in pre-commit if that is ever not the case. It also frees up an ubuntu-latest runner, potentially making CI finish slightly earlier in some PRs where there have been a lot of pushes.
  • Dependabot now supports pre-commit as a beta ecosystem, so it can keep them up to date. I've tested this in my fork; the resulting grouped PR looks like EliahKagan#5. It's not ideal that the ecosystem is still in beta, but I think it's worth using--and if it turns out to have bugs I haven't yet observed, then this is an oppportunity for me to report them.

This PR uses the ubuntu-slim runner to run pre-commit on CI, and enables Dependabot version updates for pre-commit hooks.

Run the the pre-commit CI job on ubuntu-slim
078f351
The `ubuntu-slim` runner is lighter weight, being a container rather than using a whole VM, and having only one vCPU, less RAM, and a 15 minute time limit. It's not suitable for most of our CI jobs in GitPython, but it should work well for our `pre-commit` checks. (If it doesn't, that's reason to suspect they might be better removed from `pre-commit` and run in a different way.) - https://github.blog/changelog/2026-01-22-1-vcpu-linux-runner-now-generally-available-in-github-actions/ - https://github.com/actions/runner-images/blob/main/images/ubuntu-slim/ubuntu-slim-Readme.md
Keep pre-commit hooks up to date using Dependabot
35db809
- Add `pre-commit` as an ecosystem for Dependabot version updates, now that it is available as a beta ecosystem. Enable beta ecosystems to allow this. - Group the updates and use a monthly cadence to avoid getting swamped by frequent automated PRs. - It would be valuable in the future to Use a 7-day cooldown period rather than taking new versions immediately once released. (This may also be of value to developers who use `pre-commit` locally.) However, this doesn't do that, since the Dependabot ecosystem for `pre-commit` does not currently support `cooldown`. - Use a less busy style (less unnecessary quoting) than was being used in `dependabot.yml` before, since this new stanza is more elaborate than before. Apply that style to the existing stanzas for consistency.
EliahKagan requested a review from Copilot March 9, 2026 19:34
Copilot AI reviewed Mar 9, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Choose a reason Spam Abuse Off Topic Outdated Duplicate Resolved Low Quality Hide comment

Pull request overview

Adjusts CI configuration to make the pre-commit lint job run on a lighter runner and enables Dependabot updates for pre-commit hook versions, keeping hook tooling (e.g., ruff) current without relying on external integrations.

Changes:

  • Switch lint workflow job runner from ubuntu-latest to ubuntu-slim.
  • Enable Dependabot beta ecosystems and add grouped monthly updates for pre-commit hooks.
  • Minor YAML normalization in Dependabot config (remove unnecessary quoting).

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated no comments.

File Description
.github/workflows/lint.yml Moves the lint job to ubuntu-slim to reduce CI resource usage for pre-commit.
.github/dependabot.yml Enables beta ecosystems and adds pre-commit ecosystem updates grouped into a single PR.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

You can also share your feedback on Copilot code review. Take the survey.

EliahKagan commented Mar 9, 2026
View reviewed changes
Copy link
Copy Markdown
Member Author

EliahKagan left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Choose a reason Spam Abuse Off Topic Outdated Duplicate Resolved Low Quality Hide comment

Note that this PR (intentionally) does not upgrade any actual pre-commit hooks. Dependabot should open a PR to do that once this merges.

EliahKagan marked this pull request as ready for review March 9, 2026 19:44
Hide details View details EliahKagan merged commit 9e6954c into gitpython-developers:main Mar 9, 2026
31 checks passed
EliahKagan deleted the pre-commit-infra branch March 9, 2026 19:45
736-c41-2c1-e464fc974 pushed a commit to Swiss-Armed-Forces/Loom that referenced this pull request Apr 27, 2026
chore(deps): update dependency gitpython to v3.1.47
20381c1
This MR contains the following updates: | Package | Type | Update | Change | OpenSSF | |---|---|---|---|---| | [gitpython](https://github.com/gitpython-developers/GitPython) | dev | patch | `3.1.46` → `3.1.47` | [![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/gitpython-developers/GitPython/badge)](https://securityscorecards.dev/viewer/?uri=github.com/gitpython-developers/GitPython) | --- ### Release Notes <details> <summary>gitpython-developers/GitPython (gitpython)</summary> ### [`v3.1.47`](https://github.com/gitpython-developers/GitPython/releases/tag/3.1.47): - with security fixes [Compare Source](gitpython-developers/GitPython@3.1.46...3.1.47) #### Advisories - <GHSA-rpm5-65cw-6hj4> - <GHSA-x2qx-6953-8485> #### What's Changed - Prepare next release by [@&#8203;Byron](https://github.com/Byron) in [#&#8203;2095](gitpython-developers/GitPython#2095) - Bump git/ext/gitdb from `335c0f6` to `4c63ee6` by [@&#8203;dependabot](https://github.com/dependabot)\[bot] in [#&#8203;2096](gitpython-developers/GitPython#2096) - DOC: README Add urls and updated a relative url by [@&#8203;Timour-Ilyas](https://github.com/Timour-Ilyas) in [#&#8203;2098](gitpython-developers/GitPython#2098) - Fix GitConfigParser ignoring multiple \[include] path entries by [@&#8203;daniel7an](https://github.com/daniel7an) in [#&#8203;2100](gitpython-developers/GitPython#2100) - Switch back from Alpine to Debian for WSL by [@&#8203;EliahKagan](https://github.com/EliahKagan) in [#&#8203;2108](gitpython-developers/GitPython#2108) - Bump git/ext/gitdb from `4c63ee6` to `5c1b303` by [@&#8203;dependabot](https://github.com/dependabot)\[bot] in [#&#8203;2106](gitpython-developers/GitPython#2106) - Run `gc.collect()` twice in `test_rename` on Python 3.12 by [@&#8203;EliahKagan](https://github.com/EliahKagan) in [#&#8203;2109](gitpython-developers/GitPython#2109) - fix: guard AutoInterrupt terminate during interpreter shutdown by [@&#8203;lweyrich1](https://github.com/lweyrich1) in [#&#8203;2105](gitpython-developers/GitPython#2105) - Improve CI infrastructure for pre-commit by [@&#8203;EliahKagan](https://github.com/EliahKagan) in [#&#8203;2110](gitpython-developers/GitPython#2110) - Bump the pre-commit group with 5 updates by [@&#8203;dependabot](https://github.com/dependabot)\[bot] in [#&#8203;2111](gitpython-developers/GitPython#2111) - Upgrade Sphinx for 3.14 support; drop doc build support on 3.8; test 3.14 by [@&#8203;EliahKagan](https://github.com/EliahKagan) in [#&#8203;2112](gitpython-developers/GitPython#2112) - Fix `Repo.active_branch` resolution for reftable-backed repositories by [@&#8203;Copilot](https://github.com/Copilot) in [#&#8203;2114](gitpython-developers/GitPython#2114) - docs: warn about GitDB performance with large commits by [@&#8203;mvanhorn](https://github.com/mvanhorn) in [#&#8203;2115](gitpython-developers/GitPython#2115) - cmd: fix kwarg formatting in docstring example by [@&#8203;UweSchwaeke](https://github.com/UweSchwaeke) in [#&#8203;2117](gitpython-developers/GitPython#2117) - Bump <https://github.com/astral-sh/ruff-pre-commit> from v0.15.5 to 0.15.8 in the pre-commit group by [@&#8203;dependabot](https://github.com/dependabot)\[bot] in [#&#8203;2122](gitpython-developers/GitPython#2122) - Add trailer support for commit creation by [@&#8203;Krishnachaitanyakc](https://github.com/Krishnachaitanyakc) in [#&#8203;2116](gitpython-developers/GitPython#2116) - Harden commit trailer subprocess handling and align trailer I/O paths by [@&#8203;Copilot](https://github.com/Copilot) in [#&#8203;2125](gitpython-developers/GitPython#2125) - git.cmd.Git.execute(..): fix `with_stdout=False` by [@&#8203;ngie-eign](https://github.com/ngie-eign) in [#&#8203;2126](gitpython-developers/GitPython#2126) - Make sure that multi-options are checked after splitting them with `shlex` by [@&#8203;Byron](https://github.com/Byron) in [#&#8203;2130](gitpython-developers/GitPython#2130) - Block unsafe underscored git kwargs / Fix for GHSA-rpm5-65cw-6hj4 by [@&#8203;WesR](https://github.com/WesR) in [#&#8203;2131](gitpython-developers/GitPython#2131) #### New Contributors - [@&#8203;Timour-Ilyas](https://github.com/Timour-Ilyas) made their first contribution in [#&#8203;2098](gitpython-developers/GitPython#2098) - [@&#8203;daniel7an](https://github.com/daniel7an) made their first contribution in [#&#8203;2100](gitpython-developers/GitPython#2100) - [@&#8203;lweyrich1](https://github.com/lweyrich1) made their first contribution in [#&#8203;2105](gitpython-developers/GitPython#2105) - [@&#8203;Copilot](https://github.com/Copilot) made their first contribution in [#&#8203;2114](gitpython-developers/GitPython#2114) - [@&#8203;mvanhorn](https://github.com/mvanhorn) made their first contribution in [#&#8203;2115](gitpython-developers/GitPython#2115) - [@&#8203;UweSchwaeke](https://github.com/UweSchwaeke) made their first contribution in [#&#8203;2117](gitpython-developers/GitPython#2117) - [@&#8203;Krishnachaitanyakc](https://github.com/Krishnachaitanyakc) made their first contribution in [#&#8203;2116](gitpython-developers/GitPython#2116) - [@&#8203;ngie-eign](https://github.com/ngie-eign) made their first contribution in [#&#8203;2126](gitpython-developers/GitPython#2126) - [@&#8203;WesR](https://github.com/WesR) made their first contribution in [#&#8203;2131](gitpython-developers/GitPython#2131) **Full Changelog**: <gitpython-developers/GitPython@3.1.46...3.1.47> </details> --- - [ ] <!-- rebase-check -->If you want to rebase/retry this MR, check this box --- This MR has been generated by [Mend Renovate](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xNDEuNSIsInVwZGF0ZWRJblZlciI6IjQzLjE0MS41IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiLCJyZW5vdmF0ZSJdfQ==--> See merge request swiss-armed-forces/cyber-command/cea/loom!486 Co-authored-by: Loom MR Pipeline Trigger <group_103951964_bot_9504bb8dead6d4e406ad817a607f24be@noreply.gitlab.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode characters
Show hidden characters
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

No one assigned

Labels

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

Footer

© 2026 GitHub, Inc.