Skip to content

[pre-commit.ci] pre-commit autoupdate #4329

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
seisman merged 6 commits into from
Jan 5, 2026
Merged

[pre-commit.ci] pre-commit autoupdate #4329

seisman merged 6 commits into from
Jan 5, 2026
+10 −9

Conversation

@pre-commit-ci
Copy link
Contributor

@pre-commit-ci pre-commit-ci bot commented Jan 5, 2026
edited by weiji14
Loading

updates:

New errors from Zizmor v1.19.0:

zizmor...................................................................Failed
- hook id: zizmor
- exit code: 13

  warning[dependabot-cooldown]: insufficient cooldown in Dependabot updates
   --> .github/dependabot.yml:6:5
    |
  6 |   - package-ecosystem: "github-actions"
    |     ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ missing cooldown configuration
    |
    = note: audit confidence → High
    = note: this finding has an auto-fix
    = help: audit documentation → https://docs.zizmor.sh/audits/#dependabot-cooldown

  help[obfuscation]: obfuscated usage of GitHub Actions features
     --> .github/workflows/ci_tests_dev.yaml:125:9
      |
  124 |       - name: Build GMT on Windows
      |         -------------------------- Windows CMD shell limits analysis
  125 |         shell: cmd
      |         ^^^^^^^^^^ shell defined here
      |
      = note: audit confidence → High
      = tip: use 'shell: pwsh' or 'shell: bash' for improved analysis
      = help: audit documentation → https://docs.zizmor.sh/audits/#obfuscation

  36 findings (34 suppressed, 1 fixable): 0 informational, 1 low, 1 medium, 0 high

@weiji14 weiji14 added the run/test-gmt-dev Trigger the GMT Dev Tests workflow in PR label Jan 5, 2026
weiji14
weiji14 approved these changes Jan 5, 2026
View reviewed changes
Copy link
Member

@weiji14 weiji14 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Set dependabot cooldown to 7 days, and translated CMD to bash to avoid zizmor audit about https://docs.zizmor.sh/audits/#obfuscation

.github/workflows/ci_tests_dev.yaml
Comment on lines +125 to +135
shell: bash
run: |
cd gmt/
mkdir build
cd build
call "C:\Program Files\Microsoft Visual Studio\2022\Enterprise\VC\Auxiliary\Build\vcvars64.bat"
cmake -G Ninja .. ^
-DCMAKE_INSTALL_PREFIX=%GMT_INSTALL_DIR% ^
-DCMAKE_BUILD_TYPE=Release ^
-DCMAKE_PREFIX_PATH=%MAMBA_ROOT_PREFIX%\envs\pygmt\Library ^
-DGMT_ENABLE_OPENMP=TRUE ^
cmd.exe /c "C:\Program Files\Microsoft Visual Studio\2022\Enterprise\VC\Auxiliary\Build\vcvars64.bat"
cmake -G Ninja .. \
-DCMAKE_INSTALL_PREFIX="$GMT_INSTALL_DIR" \
-DCMAKE_BUILD_TYPE=Release \
-DCMAKE_PREFIX_PATH="$MAMBA_ROOT_PREFIX/envs/pygmt/Library" \
-DGMT_ENABLE_OPENMP=TRUE \
Copy link
Member

@weiji14 weiji14 Jan 5, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Translation from CMD (#2773) to bash seems to be working, see https://github.com/GenericMappingTools/pygmt/actions/runs/20727660882/job/59507189307?pr=4329#step:8:1

@weiji14 weiji14 added skip-changelog Skip adding Pull Request to changelog and removed run/test-gmt-dev Trigger the GMT Dev Tests workflow in PR labels Jan 5, 2026
@weiji14 weiji14 added this to the 0.18.0 milestone Jan 5, 2026
@seisman seisman merged commit fa12fe4 into main Jan 5, 2026
10 of 14 checks passed
@seisman seisman deleted the pre-commit-ci-update-config branch January 5, 2026 23:55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@weiji14 weiji14 weiji14 approved these changes

Assignees

No one assigned

Labels

skip-changelog Skip adding Pull Request to changelog

Projects

None yet

Milestone

0.18.0

Development

Successfully merging this pull request may close these issues.

3 participants

@weiji14 @seisman