diff --git a/.github/renovate.json b/.github/renovate.json index 7c9c6623cd6..c9b5b88e52d 100644 --- a/.github/renovate.json +++ b/.github/renovate.json @@ -6,7 +6,7 @@ "dependencyDashboardApproval": false, "baseBranches": ["dev"], "rebaseWhen": "conflicted", - "ignorePaths": ["requirements.txt", "components/package.json", "components/package-lock.json", "dojo/components/yarn.lock", "dojo/components/package.json", "Dockerfile**"], + "ignorePaths": ["requirements.txt", "requirements-lint.txt", "components/package.json", "components/package-lock.json", "dojo/components/yarn.lock", "dojo/components/package.json", "Dockerfile**"], "packageRules": [{ "packagePatterns": ["*"], "commitMessageExtra": "from {{currentVersion}} to {{#if isMajor}}v{{{newMajor}}}{{else}}{{#if isSingleVersion}}v{{{toVersion}}}{{else}}{{{newValue}}}{{/if}}{{/if}}", diff --git a/.github/workflows/flake8.yml b/.github/workflows/flake8.yml deleted file mode 100644 index 188b39430fc..00000000000 --- a/.github/workflows/flake8.yml +++ /dev/null @@ -1,36 +0,0 @@ -name: Flake8 -# pull requests: -# run on pull_request_target instead of just pull_request as we need write access to update the status check -on: - workflow_dispatch: - pull_request_target: - push: - -jobs: - flake8-your-pr: - runs-on: ubuntu-latest - steps: - - name: Checkout - if: github.event_name == 'pull_request' || github.event_name == 'pull_request_target' - uses: actions/checkout@v4 - # by default the pull_requst_target event checks out the base branch, i.e. dev - # so we need to explicitly checkout the head of the PR - # we use fetch-depth 0 to make sure the full history is checked out and we can compare against - # the base commit (branch) of the PR - # more info https://github.community/t/github-actions-are-severely-limited-on-prs/18179/16 - # we checkout merge_commit here as this contains all new code from dev also. we don't need to compare against base_commit - with: - persist-credentials: false - fetch-depth: 0 - ref: refs/pull/${{ github.event.pull_request.number }}/merge - # repository: ${{github.event.pull_request.head.repo.full_name}} - - - name: Checkout - # for non PR runs we just checkout the default, which is a sha on a branch probably - if: github.event_name != 'pull_request' && github.event_name != 'pull_request_target' - uses: actions/checkout@v4 - - # - uses: tayfun/flake8-your-pr@master - - uses: DefectDojo/flake8-your-pr@master - env: - GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" diff --git a/.github/workflows/ruff.yml b/.github/workflows/ruff.yml index 132ffa89db1..04799cdd003 100644 --- a/.github/workflows/ruff.yml +++ b/.github/workflows/ruff.yml @@ -2,31 +2,13 @@ name: Ruff Linter on: workflow_dispatch: - pull_request_target: push: - + pull_request: jobs: ruff-linting: runs-on: ubuntu-latest steps: - name: Checkout - if: github.event_name == 'pull_request' || github.event_name == 'pull_request_target' - uses: actions/checkout@v4 - # by default the pull_requst_target event checks out the base branch, i.e. dev - # so we need to explicitly checkout the head of the PR - # we use fetch-depth 0 to make sure the full history is checked out and we can compare against - # the base commit (branch) of the PR - # more info https://github.community/t/github-actions-are-severely-limited-on-prs/18179/16 - # we checkout merge_commit here as this contains all new code from dev also. we don't need to compare against base_commit - with: - persist-credentials: false - fetch-depth: 0 - ref: refs/pull/${{ github.event.pull_request.number }}/merge - # repository: ${{github.event.pull_request.head.repo.full_name}} - - - name: Checkout - # for non PR runs we just checkout the default, which is a sha on a branch probably - if: github.event_name != 'pull_request' && github.event_name != 'pull_request_target' uses: actions/checkout@v4 - name: Install Ruff Linter diff --git a/ruff.toml b/ruff.toml index 20593fa2390..511f7c7b1ba 100644 --- a/ruff.toml +++ b/ruff.toml @@ -39,8 +39,7 @@ select = [ "UP", "YTT", "ASYNC", - "EXE", - "TRIO", + "S2", "S5", "S7", "C4", "DJ003", "DJ012", "DJ013", "EM",