Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support pre-commit #1524

Open
klane opened this issue Nov 20, 2019 · 14 comments
Open

Support pre-commit #1524

klane opened this issue Nov 20, 2019 · 14 comments
Labels
Keep Exempt this from being marked by stalebot T: feature-request Requests for new features

Comments

@klane
Copy link

klane commented Nov 20, 2019

First off thank you for Dependabot! I am using it in several repos and am very happy with the results.

I use pre-commit in my CI to run various hooks for linting files. A typical .pre-commit-config.yaml file might look like:

repos:
  - repo: https://github.com/psf/black
    rev: 19.10b0
    hooks:
      - id: black
        language_version: python3.7
  - repo: https://github.com/pre-commit/pre-commit-hooks
    rev: v2.4.0
    hooks:
      - id: flake8
      - id: end-of-file-fixer
      - id: mixed-line-ending
      - id: trailing-whitespace

While there are hooks for multiple languages, pre-commit itself is written in Python. Could Dependabot's Python support be updated to include pre-commit? The CLI already has an autoupdate command to update versions in the config file. Individual hooks can be updated with the --repo flag.
@rebelagentm rebelagentm added the T: feature-request Requests for new features label Nov 20, 2019
@hugovk
Copy link

hugovk commented May 17, 2020

Duplicate of https://github.com/dependabot/feedback/issues/839.

@hugovk hugovk mentioned this issue May 17, 2020
Merged
@bachya
Copy link

bachya commented May 17, 2020

@hugovk You say this is a duplicate of https://github.com/dependabot/feedback/issues/839, but in that ticket, you also say that it is a duplicate of this one. Which one is the source of truth?

@sfdye

This comment was marked as off-topic.

Sign in to view
@sfdye sfdye mentioned this issue Jul 19, 2020
Open
@infin8x infin8x added T: new-ecosystem Requests for new ecosystems/languages and removed T: feature-request Requests for new features labels Jul 20, 2020
@slafs
Copy link

slafs commented Nov 2, 2020

As mentioned in #2040 already, this issue isn't exactly the same as #2040.

This one here is about getting support for pre-commit hook/repos version updates (similar to pre-commit autoupdate).

While #2040 is asking for additional_dependencies sections within .pre-commit-config.yaml get updated just like setup.py and requirements.txt do.

@BeyondEvil
Copy link

Any news on this?

@BeyondEvil BeyondEvil mentioned this issue Dec 13, 2020
Merged
@nijel
Copy link

nijel commented Dec 13, 2020

@BeyondEvil The pre-commit updates can be achieved via https://pre-commit.ci/

@BeyondEvil
Copy link

@BeyondEvil The pre-commit updates can be achieved via https://pre-commit.ci/

Thanks @nijel! I guess I can try to sync so dependabot and pre-commit runs the same time.

@gnikonorov gnikonorov mentioned this issue Dec 13, 2020
Closed
@jurre
Copy link
Member

jurre commented Dec 23, 2020

Any news on this?

Currently not on our roadmap. I'd suggest (for now at least) setting up an action (or any other CI job really) that runs after Dependabot that does any of this linting. We may revisit this in the future, but that's my best suggestion.

PS: If you decide to go this route, you may want to configure that action/ci job to commit using the [dependabot skip] tag, as that will ensure Dependabot will still automatically rebase/recreate the PR.

@guettli
Copy link

guettli commented Feb 5, 2021

Sad to hear that you don't work on this. Here is a work-around: https://browniebroke.com/blog/gh-action-pre-commit-autoupdate/

@lukpueh lukpueh mentioned this issue Mar 15, 2021
Merged
3 tasks
@fizyk fizyk mentioned this issue May 31, 2021
Merged
@joro75 joro75 mentioned this issue Oct 3, 2021
Closed
@jenstroeger jenstroeger mentioned this issue Oct 13, 2021
Merged
@kchason kchason mentioned this issue Mar 29, 2022
Merged
@xmatthias xmatthias mentioned this issue Apr 11, 2022
Closed
@paddyroddy paddyroddy mentioned this issue Jun 9, 2022
Merged
@eddiebergman eddiebergman mentioned this issue Jul 11, 2022
Closed
@StevenMaude StevenMaude mentioned this issue Sep 6, 2022
Open
@beniwohli beniwohli mentioned this issue Oct 6, 2022
Merged
@kairoaraujo kairoaraujo mentioned this issue Oct 25, 2022
Merged
@rmartin16 rmartin16 mentioned this issue Nov 19, 2022
Merged
4 tasks
@JacobCallahan
Copy link

@jurre we're coming up on the two-year anniversary since your update and passed 3 years since this was first filed. Is this on the current roadmap or should everyone just use external tools for pre-commit dependency management? Thanks!

@gtronset gtronset mentioned this issue Dec 20, 2022
Merged
@abdulapopoola abdulapopoola added T: feature-request Requests for new features and removed T: new-ecosystem Requests for new ecosystems/languages labels Mar 28, 2023
@abdulapopoola abdulapopoola moved this to Untriaged in Dependabot Mar 30, 2023
@devanubis devanubis mentioned this issue Oct 30, 2023
Merged
@EwoutH
Copy link

EwoutH commented Oct 30, 2023

What's the current status of this issue? It would be amazing to have Dependabot support pre-commit configurations, as an alternative to pre-commit.ci.

@EwoutH EwoutH mentioned this issue Oct 30, 2023
Open
@zanieb zanieb mentioned this issue Nov 1, 2023
Closed
@bswck bswck mentioned this issue Feb 4, 2024
Open
elcorto added a commit to elcorto/psweep that referenced this issue Feb 22, 2024
@elcorto
BLD: remove pre-commit.ci config
77afced 
Apart from autofix_commit_msg we use all the defaults (esp.
autofix_prs=true) for now. I think we can live with the default
autofix_commit_msg as well. So make our life easier and remove the
config.

pre-commit.ci doesn't need any config in .pre-commit-config.yaml
to work. We activate it by

* go to https://pre-commit.ci/
* choose "Sign in with Github"
  (https://results.pre-commit.ci/login/github)
* choose "add an installation" (1st time setup) or "manage repos on github"
* activate for some or all repos

To re-iterate why we use pre-commit.ci:

* Actually we only wanted a way to autoupdate hooks automatically (like
  running 'pre-commit autoupdate'). Github's dependabot doesn't do this
  (dependabot/dependabot-core#1524).
* We did not know/care about the fact that pre-commit.ci's main goal is
  to actually format PRs. We like to test this, so we keep the default
  config (autofix_prs=true).
@jorenham
Copy link

jorenham commented Mar 7, 2024

It would be of great help to have this. Are there any plans to implement it?

@maxArturo maxArturo mentioned this issue Mar 18, 2024
Merged
@lenvm lenvm mentioned this issue Mar 24, 2024
Merged
elcorto added a commit to elcorto/psweep that referenced this issue Apr 24, 2024
@elcorto
MNT: resolve ruff version sync issues
d24ddd8 
Remove ruff dep from pyproject.toml, since that will be installed

* by pre-commit anyway locally if used
* in CI where it is used to run lint and format checks

Now we make sure that we install the pre-commit ruff version in CI to
have one source of truth for the version.

Hopefully dependabot will support .pre-commit-config.yaml
(dependabot/dependabot-core#1524) some day.
For now we use pre-commit.ci or manual pre-commit autoupdate.
elcorto added a commit to elcorto/psweep that referenced this issue Apr 24, 2024
@elcorto
MNT: resolve ruff version sync issues
6762b5e 
Remove ruff dep from pyproject.toml, since that will be installed

* by pre-commit anyway locally if used
* in CI where it is used to run lint and format checks

Now we make sure that we install the pre-commit ruff version in CI to
have one source of truth for the version.

Hopefully dependabot will support .pre-commit-config.yaml
(dependabot/dependabot-core#1524) some day.
For now we use pre-commit.ci or manual pre-commit autoupdate.
This was referenced Apr 25, 2024
Merged
Open
@jonjanego jonjanego added the Keep Exempt this from being marked by stalebot label May 2, 2024
@hf-kklein hf-kklein mentioned this issue May 7, 2024
Open
@Peiffap Peiffap mentioned this issue Jun 7, 2024
Closed
@weiji14 weiji14 mentioned this issue Jun 10, 2024
Merged
8 tasks
@griff-rees griff-rees mentioned this issue Jun 19, 2024
Open
@wyardley
Copy link

side note that Renovate does have (experimental, but very functional) support for pre-commit:
https://docs.renovatebot.com/modules/manager/pre-commit/

It would be nice if dependabot supported it as well, especially for cases where a tool has both a pre-commit hook and a version in some versioned thing that dependabot does support.

@wyardley wyardley mentioned this issue Jun 25, 2024
Closed
@lkstrp lkstrp mentioned this issue Jun 28, 2024
Closed
@Segelzwerg Segelzwerg mentioned this issue Jul 3, 2024
Open
@tekumara tekumara mentioned this issue Jul 13, 2024
Merged
tekumara added a commit to seek-oss/aec that referenced this issue Jul 13, 2024
@tekumara
chore: align with python-typed-template (#464)
50a53a8 
align with
[python-typed-template](https://github.com/tekumara/python-typed-template/tree/518252bdc6eaa21043b929e074a03c1da6126db2)

ruff is now installed into the venv rather than as a pre-commit hook,
reversing #443 and reintroducing knowledge of .venv into
.pre-commit-config.yaml. This is advantageous until [Dependabot supports
updating pre-commit
hooks](dependabot/dependabot-core#1524) and
also means `ruff check .` can be run locally.

toast: install hooks during install step so they are cached
@weiji14 weiji14 mentioned this issue Aug 27, 2024
Merged
@xylar xylar mentioned this issue Sep 30, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Keep Exempt this from being marked by stalebot T: feature-request Requests for new features
Projects
Dependabot
Status: Planned
Milestone
No milestone
Development

No branches or pull requests