dependabot[bot]
2915b93f0d
Bumps [zizmorcore/zizmor-action](https://github.com/zizmorcore/zizmor-action) from 0.5.2 to 0.5.3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/zizmorcore/zizmor-action/releases">zizmorcore/zizmor-action's releases</a>.</em></p> <blockquote> <h2>v0.5.3</h2> <ul> <li><code>1.24.0</code> and <code>1.24.1</code> are now available via the action</li> <li><code>1.24.1</code> is now the default version of zizmor used by the action</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/zizmorcore/zizmor-action/commit/b1d7e1fb5de872772f31590499237e7cce841e8e"><code>b1d7e1f</code></a> Sync zizmor versions (<a href="https://redirect.github.com/zizmorcore/zizmor-action/issues/102">#102</a>)</li> <li><a href="https://github.com/zizmorcore/zizmor-action/commit/a195b57475917ddcb70845e5ffe1c3a15dbbdedc"><code>a195b57</code></a> Sync zizmor versions (<a href="https://redirect.github.com/zizmorcore/zizmor-action/issues/100">#100</a>)</li> <li><a href="https://github.com/zizmorcore/zizmor-action/commit/629d5d01fe5939a6aeae25c1bd1acd2cfa28e9b2"><code>629d5d0</code></a> chore(deps): bump github/codeql-action in the github-actions group (<a href="https://redirect.github.com/zizmorcore/zizmor-action/issues/99">#99</a>)</li> <li><a href="https://github.com/zizmorcore/zizmor-action/commit/453d591467e8199b1d5c6883b6ec5c22a12aac72"><code>453d591</code></a> chore(deps): bump the github-actions group with 2 updates (<a href="https://redirect.github.com/zizmorcore/zizmor-action/issues/98">#98</a>)</li> <li><a href="https://github.com/zizmorcore/zizmor-action/commit/ea2c18b942410df0b22bed3b94c361c407518d45"><code>ea2c18b</code></a> Bump pins (<a href="https://redirect.github.com/zizmorcore/zizmor-action/issues/97">#97</a>)</li> <li>See full diff in <a href="https://github.com/zizmorcore/zizmor-action/compare/71321a20a9ded102f6e9ce5718a2fcec2c4f70d8...b1d7e1fb5de872772f31590499237e7cce841e8e">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
ruff-action
A GitHub Action to run ruff.
This action is commonly used as a pass/fail test to ensure your repository stays
clean, abiding the rules specified in your
configuration. Though it runs ruff check by default, the action can do
anything ruff can (ex, fix).
Contents
- Usage
- Outputs
Usage
| Input | Description | Default |
|---|---|---|
version |
The version of Ruff to install. See Install specific versions | discovered from pyproject.toml, else latest |
version-file |
The file to read the version from. See Install a version from a specified version file | None |
manifest-file |
URL to a custom Ruff manifest in the astral-sh/versions format. |
None |
args |
The arguments to pass to the ruff command. See Configuring Ruff |
check |
src |
The directory or single files to run ruff on. |
github.workspace |
checksum |
The sha256 checksum of the downloaded artifact. | None |
github-token |
The GitHub token to use when downloading Ruff release artifacts from GitHub. | GITHUB_TOKEN |
By default, Ruff version metadata is resolved from the
astral-sh/versions Ruff manifest.
Basic
- uses: astral-sh/ruff-action@v3
Specify a different source directory
- uses: astral-sh/ruff-action@v3
with:
src: "./src"
Specify multiple files
- uses: astral-sh/ruff-action@v3
with:
src: >-
path/to/file1.py
path/to/file2.py
Use to install ruff
This action adds ruff to the PATH, so you can use it in subsequent steps.
- uses: astral-sh/ruff-action@v3
- run: ruff check --fix
- run: ruff format
By default, this action runs ruff check after installation.
If you do not want to run any ruff command but only install it,
you can use the args input to overwrite the default value (check):
- name: Install ruff without running check or format
uses: astral-sh/ruff-action@v3
with:
args: "--version"
Use ruff format
- uses: astral-sh/ruff-action@v3
with:
args: "format --check --diff"
Install specific versions
By default this action searches upward from src until the workspace root to find the nearest
pyproject.toml and determine the Ruff version to install. If no pyproject.toml file is found,
or no Ruff version is defined in project.dependencies, project.optional-dependencies,
dependency-groups, or supported Poetry dependency tables, the latest version is installed.
Note
This action does only support ruff versions v0.0.247 and above.
Install the latest version
- name: Install the latest version of ruff
uses: astral-sh/ruff-action@v3
with:
version: "latest"
Install a specific version
- name: Install a specific version of ruff
uses: astral-sh/ruff-action@v3
with:
version: "0.4.4"
Install a version by supplying a semver range or pep440 specifier
You can specify a semver range or pep440 specifier to install the latest version that satisfies the range.
- name: Install a semver range of ruff
uses: astral-sh/ruff-action@v3
with:
version: ">=0.4.0"
- name: Pinning a minor version of ruff
uses: astral-sh/ruff-action@v3
with:
version: "0.4.x"
- name: Install a pep440-specifier-satisfying version of ruff
uses: astral-sh/ruff-action@v3
with:
version: ">=0.11.10,<0.12.0"
Install a version from a specified version file
You can specify a file to read the version from.
Currently pyproject.toml and requirements.txt are supported. If the file cannot be parsed
or does not contain a Ruff version, the action warns and falls back to latest.
- name: Install a version from a specified version file
uses: astral-sh/ruff-action@v3
with:
version-file: "my-path/to/pyproject.toml-or-requirements.txt"
Version resolution precedence is:
versionversion-file- nearest discoverable
pyproject.tomlfound by searching upward fromsrc latest
Install using a custom manifest URL
You can override the default astral-sh/versions manifest with manifest-file.
This affects both version resolution and artifact selection.
- name: Install Ruff from a custom manifest
uses: astral-sh/ruff-action@v3
with:
version: "latest"
manifest-file: "https://example.com/ruff.ndjson"
Validate checksum
You can specify a checksum to validate the downloaded executable. Checksums up to the default version are automatically verified by this action. The sha256 hashes can be found on the releases page of the ruff repo.
- name: Install a specific version and validate the checksum
uses: astral-sh/ruff-action@v3
with:
version: "0.7.4"
checksum: "0de731c669b9ece77e799ac3f4a160c30849752714d9775c94cc4cfaf326860c"
GitHub authentication token
By default, this action resolves available uv versions from
astral-sh/versions and downloads release artifacts from https://releases.astral.sh. If this fails this action falls back to downloading from the GitHub releases page of the ruff repository.
You can provide a token via github-token to authenticate those downloads. By default, the
GITHUB_TOKEN secret is used, which is automatically provided by GitHub Actions.
If the default permissions for the GitHub token are not sufficient, you can provide a custom GitHub token with the necessary permissions.
- name: Install the latest version of ruff with a custom GitHub token
uses: astral-sh/ruff-action@v3
with:
github-token: ${{ secrets.CUSTOM_GITHUB_TOKEN }}
Outputs
| Output | Description |
|---|---|
ruff-version |
The version of Ruff that was installed. |
