From 50739f91dc415ac3a8b56b2296a8e47f70ae663d Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 16 Dec 2024 22:48:37 +0530 Subject: [PATCH 1/3] Update dependency mdformat-mkdocs to v4 (#15011) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [mdformat-mkdocs](https://redirect.github.com/kyleking/mdformat-mkdocs) ([changelog](https://redirect.github.com/kyleking/mdformat-mkdocs/releases)) | `==3.1.1` -> `==4.0.0` | [![age](https://developer.mend.io/api/mc/badges/age/pypi/mdformat-mkdocs/4.0.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/pypi/mdformat-mkdocs/4.0.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/pypi/mdformat-mkdocs/3.1.1/4.0.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/pypi/mdformat-mkdocs/3.1.1/4.0.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes
kyleking/mdformat-mkdocs (mdformat-mkdocs) ### [`v4.0.0`](https://redirect.github.com/KyleKing/mdformat-mkdocs/releases/tag/v4.0.0) [Compare Source](https://redirect.github.com/kyleking/mdformat-mkdocs/compare/v3.1.1...v4.0.0) #### What's Changed - fix!: add newline after title for consistency with MKDocs style by [@​KyleKing](https://redirect.github.com/KyleKing) in [https://github.com/KyleKing/mdformat-mkdocs/pull/44](https://redirect.github.com/KyleKing/mdformat-mkdocs/pull/44) **Full Changelog**: https://github.com/KyleKing/mdformat-mkdocs/compare/v3.1.1...v4.0.0
--- ### Configuration 📅 **Schedule**: Branch creation - "before 4am on Monday" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/astral-sh/ruff). --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Dhruv Manilawala Co-authored-by: Kyle King --- .markdownlint.yaml | 8 +++++ .pre-commit-config.yaml | 3 +- docs/editors/features.md | 1 + docs/editors/index.md | 1 + docs/editors/migration.md | 2 ++ docs/editors/settings.md | 54 ++++++++++++++++++++++++++++++++++ docs/editors/setup.md | 11 +++++++ docs/requirements-insiders.txt | 3 +- docs/requirements.txt | 3 +- scripts/_mdformat_utils.py | 44 --------------------------- scripts/generate_mkdocs.py | 5 +--- 11 files changed, 81 insertions(+), 54 deletions(-) delete mode 100644 scripts/_mdformat_utils.py diff --git a/.markdownlint.yaml b/.markdownlint.yaml index bdad15c5a58cc..ca458564d8667 100644 --- a/.markdownlint.yaml +++ b/.markdownlint.yaml @@ -21,3 +21,11 @@ MD014: false MD024: # Allow when nested under different parents e.g. CHANGELOG.md siblings_only: true + +# MD046/code-block-style +# +# Ignore this because it conflicts with the code block style used in content +# tabs of mkdocs-material which is to add a blank line after the content title. +# +# Ref: https://github.com/astral-sh/ruff/pull/15011#issuecomment-2544790854 +MD046: false diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index a69e50dfed4d1..3339893e32475 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml 
@@ -26,8 +26,7 @@ repos: hooks: - id: mdformat additional_dependencies: - - mdformat-mkdocs<4.0.0 - - mdformat-admon==2.0.6 + - mdformat-mkdocs==4.0.0 - mdformat-footnote==0.1.1 exclude: | (?x)^( diff --git a/docs/editors/features.md b/docs/editors/features.md index 4e977ddda3754..c6cd7828aa49f 100644 --- a/docs/editors/features.md +++ b/docs/editors/features.md @@ -95,6 +95,7 @@ Similar to Ruff's CLI, the Ruff Language Server fully supports Jupyter Notebook capabilities available to Python files. !!! note + Unlike [`ruff-lsp`](https://github.com/astral-sh/ruff-lsp) and similar to the Ruff's CLI, the native language server requires user to explicitly include the Jupyter Notebook files in the set of files to lint and format. Refer to the [Jupyter Notebook discovery](https://docs.astral.sh/ruff/configuration/#jupyter-notebook-discovery) diff --git a/docs/editors/index.md b/docs/editors/index.md index f0f193be21d7b..3d33a7cbad66f 100644 --- a/docs/editors/index.md +++ b/docs/editors/index.md @@ -22,6 +22,7 @@ The Ruff Language Server was available first in Ruff [v0.4.5](https://astral.sh/ in beta and stabilized in Ruff [v0.5.3](https://github.com/astral-sh/ruff/releases/tag/0.5.3). !!! note + This is the documentation for Ruff's built-in language server written in Rust (`ruff server`). If you are looking for the documentation for the `ruff-lsp` language server, please refer to the [README](https://github.com/astral-sh/ruff-lsp) of the `ruff-lsp` repository. diff --git a/docs/editors/migration.md b/docs/editors/migration.md index b9db53e729035..bf401f1bec22c 100644 --- a/docs/editors/migration.md +++ b/docs/editors/migration.md 
@@ -4,6 +4,7 @@ While `ruff server` supports the same feature set as [`ruff-lsp`](https://github `ruff server` may require changes to your Ruff or language server configuration. !!! note + The [VS Code extension](https://github.com/astral-sh/ruff-vscode) settings include documentation to indicate which settings are supported by `ruff server`. As such, this migration guide is primarily targeted at editors that lack explicit documentation for `ruff server` settings, such as Helix or Neovim. @@ -20,6 +21,7 @@ Several `ruff-lsp` settings are not supported by `ruff server`. These are, as fo - `path` !!! note + Some of these settings, like `interpreter` and `path`, are still accepted by the VS Code extension. `path`, in particular, can be used to specify a dedicated binary to use when initializing `ruff server`. But the language server itself will no longer accept such settings. diff --git a/docs/editors/settings.md b/docs/editors/settings.md index 9eb444c2daf30..5c6c0203f1acf 100644 --- a/docs/editors/settings.md +++ b/docs/editors/settings.md @@ -23,6 +23,7 @@ behavior of the Ruff CLI. **Example usage**: === "VS Code" + ```json { "ruff.configuration": "~/path/to/ruff.toml" @@ -30,6 +31,7 @@ behavior of the Ruff CLI. ``` === "Neovim" + ```lua require('lspconfig').ruff.setup { init_options = { @@ -41,6 +43,7 @@ behavior of the Ruff CLI. ``` === "Zed" + ```json { "lsp": { @@ -72,6 +75,7 @@ configuration is prioritized over `ruff.toml` and `pyproject.toml` files. **Example usage**: === "VS Code" + ```json { "ruff.configurationPreference": "filesystemFirst" @@ -79,6 +83,7 @@ configuration is prioritized over `ruff.toml` and `pyproject.toml` files. ``` === "Neovim" + ```lua require('lspconfig').ruff.setup { init_options = { @@ -90,6 +95,7 @@ configuration is prioritized over `ruff.toml` and `pyproject.toml` files. ``` === "Zed" + ```json { "lsp": { 
@@ -116,6 +122,7 @@ documentation](https://docs.astral.sh/ruff/settings/#exclude) for more details. **Example usage**: === "VS Code" + ```json { "ruff.exclude": ["**/tests/**"] @@ -123,6 +130,7 @@ documentation](https://docs.astral.sh/ruff/settings/#exclude) for more details. ``` === "Neovim" + ```lua require('lspconfig').ruff.setup { init_options = { @@ -134,6 +142,7 @@ documentation](https://docs.astral.sh/ruff/settings/#exclude) for more details. ``` === "Zed" + ```json { "lsp": { @@ -159,6 +168,7 @@ The line length to use for the linter and formatter. **Example usage**: === "VS Code" + ```json { "ruff.lineLength": 100 @@ -166,6 +176,7 @@ The line length to use for the linter and formatter. ``` === "Neovim" + ```lua require('lspconfig').ruff.setup { init_options = { @@ -177,6 +188,7 @@ The line length to use for the linter and formatter. ``` === "Zed" + ```json { "lsp": { @@ -202,6 +214,7 @@ Whether to register the server as capable of handling `source.fixAll` code actio **Example usage**: === "VS Code" + ```json { "ruff.fixAll": false @@ -209,6 +222,7 @@ Whether to register the server as capable of handling `source.fixAll` code actio ``` === "Neovim" + ```lua require('lspconfig').ruff.setup { init_options = { @@ -220,6 +234,7 @@ Whether to register the server as capable of handling `source.fixAll` code actio ``` === "Zed" + ```json { "lsp": { @@ -245,6 +260,7 @@ Whether to register the server as capable of handling `source.organizeImports` c **Example usage**: === "VS Code" + ```json { "ruff.organizeImports": false @@ -252,6 +268,7 @@ Whether to register the server as capable of handling `source.organizeImports` c ``` === "Neovim" + ```lua require('lspconfig').ruff.setup { init_options = { @@ -263,6 +280,7 @@ Whether to register the server as capable of handling `source.organizeImports` c ``` === "Zed" + ```json { "lsp": { @@ -290,6 +308,7 @@ Whether to show syntax error diagnostics. **Example usage**: === "VS Code" + ```json { "ruff.showSyntaxErrors": false 
@@ -297,6 +316,7 @@ Whether to show syntax error diagnostics. ``` === "Neovim" + ```lua require('lspconfig').ruff.setup { init_options = { @@ -308,6 +328,7 @@ Whether to show syntax error diagnostics. ``` === "Zed" + ```json { "lsp": { @@ -333,6 +354,7 @@ The log level to use for the server. **Example usage**: === "VS Code" + ```json { "ruff.logLevel": "debug" @@ -340,6 +362,7 @@ The log level to use for the server. ``` === "Neovim" + ```lua require('lspconfig').ruff.setup { init_options = { @@ -351,6 +374,7 @@ The log level to use for the server. ``` === "Zed" + ```json { "lsp": { @@ -378,6 +402,7 @@ If not set, logs will be written to stderr. **Example usage**: === "VS Code" + ```json { "ruff.logFile": "~/path/to/ruff.log" @@ -385,6 +410,7 @@ If not set, logs will be written to stderr. ``` === "Neovim" + ```lua require('lspconfig').ruff.setup { init_options = { @@ -396,6 +422,7 @@ If not set, logs will be written to stderr. ``` === "Zed" + ```json { "lsp": { @@ -425,6 +452,7 @@ Whether to display Quick Fix actions to disable rules via `noqa` suppression com **Example usage**: === "VS Code" + ```json { "ruff.codeAction.disableRuleComment.enable": false @@ -432,6 +460,7 @@ Whether to display Quick Fix actions to disable rules via `noqa` suppression com ``` === "Neovim" + ```lua require('lspconfig').ruff.setup { init_options = { @@ -447,6 +476,7 @@ Whether to display Quick Fix actions to disable rules via `noqa` suppression com ``` === "Zed" + ```json { "lsp": { @@ -476,6 +506,7 @@ Whether to display Quick Fix actions to autofix violations. **Example usage**: === "VS Code" + ```json { "ruff.codeAction.fixViolation.enable": false @@ -483,6 +514,7 @@ Whether to display Quick Fix actions to autofix violations. ``` === "Neovim" + ```lua require('lspconfig').ruff.setup { init_options = { @@ -498,6 +530,7 @@ Whether to display Quick Fix actions to autofix violations. ``` === "Zed" + ```json { "lsp": { 
@@ -531,6 +564,7 @@ Whether to enable linting. Set to `false` to use Ruff exclusively as a formatter **Example usage**: === "VS Code" + ```json { "ruff.lint.enable": false @@ -538,6 +572,7 @@ Whether to enable linting. Set to `false` to use Ruff exclusively as a formatter ``` === "Neovim" + ```lua require('lspconfig').ruff.setup { init_options = { @@ -551,6 +586,7 @@ Whether to enable linting. Set to `false` to use Ruff exclusively as a formatter ``` === "Zed" + ```json { "lsp": { @@ -580,6 +616,7 @@ Whether to enable Ruff's preview mode when linting. **Example usage**: === "VS Code" + ```json { "ruff.lint.preview": true @@ -587,6 +624,7 @@ Whether to enable Ruff's preview mode when linting. ``` === "Neovim" + ```lua require('lspconfig').ruff.setup { init_options = { @@ -600,6 +638,7 @@ Whether to enable Ruff's preview mode when linting. ``` === "Zed" + ```json { "lsp": { @@ -627,6 +666,7 @@ Rules to enable by default. See [the documentation](https://docs.astral.sh/ruff/ **Example usage**: === "VS Code" + ```json { "ruff.lint.select": ["E", "F"] @@ -634,6 +674,7 @@ Rules to enable by default. See [the documentation](https://docs.astral.sh/ruff/ ``` === "Neovim" + ```lua require('lspconfig').ruff.setup { init_options = { @@ -647,6 +688,7 @@ Rules to enable by default. See [the documentation](https://docs.astral.sh/ruff/ ``` === "Zed" + ```json { "lsp": { @@ -674,6 +716,7 @@ Rules to enable in addition to those in [`lint.select`](#select). **Example usage**: === "VS Code" + ```json { "ruff.lint.extendSelect": ["W"] @@ -681,6 +724,7 @@ Rules to enable in addition to those in [`lint.select`](#select). ``` === "Neovim" + ```lua require('lspconfig').ruff.setup { init_options = { @@ -694,6 +738,7 @@ Rules to enable in addition to those in [`lint.select`](#select). ``` === "Zed" + ```json { "lsp": { 
@@ -721,6 +766,7 @@ Rules to disable by default. See [the documentation](https://docs.astral.sh/ruff **Example usage**: === "VS Code" + ```json { "ruff.lint.ignore": ["E4", "E7"] @@ -728,6 +774,7 @@ Rules to disable by default. See [the documentation](https://docs.astral.sh/ruff ``` === "Neovim" + ```lua require('lspconfig').ruff.setup { init_options = { @@ -741,6 +788,7 @@ Rules to disable by default. See [the documentation](https://docs.astral.sh/ruff ``` === "Zed" + ```json { "lsp": { @@ -768,6 +816,7 @@ Rules to disable in addition to those in [`lint.ignore`](#ignore). **Example usage**: === "VS Code" + ```json { "ruff.lint.extendIgnore": ["W1"] @@ -775,6 +824,7 @@ Rules to disable in addition to those in [`lint.ignore`](#ignore). ``` === "Neovim" + ```lua require('lspconfig').ruff.setup { init_options = { @@ -788,6 +838,7 @@ Rules to disable in addition to those in [`lint.ignore`](#ignore). ``` === "Zed" + ```json { "lsp": { @@ -819,6 +870,7 @@ Whether to enable Ruff's preview mode when formatting. **Example usage**: === "VS Code" + ```json { "ruff.format.preview": true @@ -826,6 +878,7 @@ Whether to enable Ruff's preview mode when formatting. ``` === "Neovim" + ```lua require('lspconfig').ruff.setup { init_options = { @@ -839,6 +892,7 @@ Whether to enable Ruff's preview mode when formatting. ``` === "Zed" + ```json { "lsp": { diff --git a/docs/editors/setup.md b/docs/editors/setup.md index d1b46def3d7b6..efd856787e8da 100644 --- a/docs/editors/setup.md +++ b/docs/editors/setup.md 
@@ -8,11 +8,13 @@ regardless of editor, there are several settings which have changed or are no lo the [migration guide](./migration.md) for more. !!! note + The setup instructions provided below are on a best-effort basis. If you encounter any issues while setting up the Ruff in an editor, please [open an issue](https://github.com/astral-sh/ruff/issues/new) for assistance and help in improving this documentation. !!! tip + Regardless of the editor, it is recommended to disable the older language server ([`ruff-lsp`](https://github.com/astral-sh/ruff-lsp)) to prevent any conflicts. @@ -45,6 +47,7 @@ require('lspconfig').ruff.setup({ ``` !!! note + If the installed version of `nvim-lspconfig` includes the changes from [neovim/nvim-lspconfig@`70d1c2c`](https://github.com/neovim/nvim-lspconfig/commit/70d1c2c31a88af4b36019dc1551be16bffb8f9db), you will need to use Ruff version `0.5.3` or later. @@ -242,6 +245,7 @@ language-servers = ["ruff", "pylsp"] ``` !!! note + Support for multiple language servers for a language is only available in Helix version [`23.10`](https://github.com/helix-editor/helix/blob/master/CHANGELOG.md#2310-2023-10-24) and later. @@ -287,6 +291,7 @@ logLevel = "debug" You can also divert Ruff's logs to a separate file with the [`logFile`](./settings.md#logfile) setting. !!! note + Setting `RUFF_TRACE=verbose` does not enable Helix's verbose mode by itself. You'll need to run Helix with `-v` for verbose logging. @@ -313,6 +318,7 @@ See [LSP Client documentation](https://docs.kde.org/stable5/en/kate/kate/kate-ap on how to configure the server from there. !!! important + Kate's LSP Client plugin does not support multiple servers for the same language. As a workaround, you can use the [`python-lsp-server`](https://github.com/python-lsp/python-lsp-server) along with the [`python-lsp-ruff`](https://github.com/python-lsp/python-lsp-ruff) plugin to 
@@ -431,6 +437,7 @@ under the [`lsp.ruff.initialization_options.settings`](https://zed.dev/docs/conf ``` !!! note + Support for multiple formatters for a given language is only available in Zed version `0.146.0` and later. @@ -438,6 +445,7 @@ You can configure Ruff to format Python code on-save by registering the Ruff for and enabling the [`format_on_save`](https://zed.dev/docs/configuring-zed#format-on-save) setting: === "Zed 0.146.0+" + ```json { "languages": { @@ -460,6 +468,7 @@ You can configure Ruff to fix lint violations and/or organize imports on-save by `source.fixAll.ruff` and `source.organizeImports.ruff` code actions respectively: === "Zed 0.146.0+" + ```json { "languages": { @@ -485,12 +494,14 @@ Taken together, you can configure Ruff to format, fix, and organize imports on-s following `settings.json`: !!! note + For this configuration, it is important to use the correct order of the code action and formatter language server settings. The code actions should be defined before the formatter to ensure that the formatter takes care of any remaining style issues after the code actions have been applied. === "Zed 0.146.0+" + ```json { "languages": { diff --git a/docs/requirements-insiders.txt b/docs/requirements-insiders.txt index eb3daf40caaa4..7f579135a3903 100644 --- a/docs/requirements-insiders.txt +++ b/docs/requirements-insiders.txt @@ -4,8 +4,7 @@ mkdocs==1.6.1 mkdocs-material @ git+ssh://git@github.com/astral-sh/mkdocs-material-insiders.git@39da7a5e761410349e9a1b8abf593b0cdd5453ff mkdocs-redirects==1.2.2 mdformat==0.7.19 -mdformat-mkdocs==3.1.1 -mdformat-admon==2.0.6 +mdformat-mkdocs==4.0.0 # Using a commit from pygments main branch so we get # https://github.com/pygments/pygments/pull/2773 before it's been released pygments @ git+https://github.com/pygments/pygments.git@67b460fdde6d9a00342b5102b37b3a8399f0e8ef diff --git a/docs/requirements.txt b/docs/requirements.txt index 605ee17a930a1..02fdc0a888dad 100644 --- a/docs/requirements.txt 
+++ b/docs/requirements.txt @@ -4,8 +4,7 @@ mkdocs==1.6.1 mkdocs-material==9.5.38 mkdocs-redirects==1.2.2 mdformat==0.7.19 -mdformat-mkdocs==3.1.1 -mdformat-admon==2.0.6 +mdformat-mkdocs==4.0.0 # Using a commit from pygments main branch so we get # https://github.com/pygments/pygments/pull/2773 before it's been released pygments @ git+https://github.com/pygments/pygments.git@67b460fdde6d9a00342b5102b37b3a8399f0e8ef diff --git a/scripts/_mdformat_utils.py b/scripts/_mdformat_utils.py deleted file mode 100644 index 8827551cbd85e..0000000000000 --- a/scripts/_mdformat_utils.py +++ /dev/null @@ -1,44 +0,0 @@ -from __future__ import annotations - -from typing import TYPE_CHECKING - -import mdformat - -if TYPE_CHECKING: - import argparse - - from markdown_it import MarkdownIt - from mdformat.renderer import RenderContext, RenderTreeNode - - -class NoEscapeTextPlugin: - r"""Overrides the default text formatting behavior of mdformat. - - By default mdformat will escape any markdown special character found in a - text block, e.g., <. Some of these characters are found in our - documentation, and when escaped (i.e. \<) will be rendered incorrectly by - mkdocs, i.e., the backslash will appear in the render. Because our only - purpose in using mdformat is to manage the line-breaks, it makes sense to - override its text formatting behavior. - """ - - def __init__(self: NoEscapeTextPlugin) -> None: - self.POSTPROCESSORS = {"text": NoEscapeTextPlugin.text} - self.RENDERERS = {} - - @staticmethod - def add_cli_options(parser: argparse.ArgumentParser) -> None: - pass - - @staticmethod - def update_mdit(mdit: MarkdownIt) -> None: - pass - - @staticmethod - def text(_text: str, node: RenderTreeNode, _context: RenderContext) -> str: - return node.content - - -def add_no_escape_text_plugin() -> None: - """Add NoEscapeTextPlugin to the list of mdformat extensions.""" - mdformat.plugins.PARSER_EXTENSIONS["no-escape-text"] = NoEscapeTextPlugin() 
diff --git a/scripts/generate_mkdocs.py b/scripts/generate_mkdocs.py index 8a38f8c173399..25e2d667abb12 100644 --- a/scripts/generate_mkdocs.py +++ b/scripts/generate_mkdocs.py @@ -14,8 +14,6 @@ import mdformat import yaml -from _mdformat_utils import add_no_escape_text_plugin - class Section(NamedTuple): """A section to include in the MkDocs documentation.""" @@ -229,12 +227,11 @@ def main() -> None: f.write(clean_file_content(file_content, title)) - add_no_escape_text_plugin() for rule_doc in Path("docs/rules").glob("*.md"): # Format rules docs. This has to be completed before adding the meta description # otherwise the meta description will be formatted in a way that mkdocs does not # support. - mdformat.file(rule_doc, extensions=["mkdocs", "admon", "no-escape-text"]) + mdformat.file(rule_doc, extensions=["mkdocs"]) generate_rule_metadata(rule_doc) From 712c88674930e0fd174d3730b25dbf827914cacd Mon Sep 17 00:00:00 2001 From: Alex Waygood Date: Mon, 16 Dec 2024 17:32:49 +0000 Subject: [PATCH 2/3] Add `actionlint` as a pre-commit hook (with shellcheck integration) (#15021) --- .github/actionlint.yaml | 9 +++++++++ .github/workflows/build-binaries.yml | 8 ++++---- .github/workflows/build-docker.yml | 3 +++ .github/workflows/ci.yaml | 20 ++++++++++---------- .github/workflows/daily_fuzz.yaml | 1 + .github/workflows/pr-comment.yaml | 8 ++++---- .github/workflows/publish-docs.yml | 20 +++++++++++--------- .github/workflows/sync_typeshed.yaml | 2 +- .pre-commit-config.yaml | 18 ++++++++++++++++++ 9 files changed, 61 insertions(+), 28 deletions(-) create mode 100644 .github/actionlint.yaml diff --git a/.github/actionlint.yaml b/.github/actionlint.yaml new file mode 100644 index 0000000000000..d47bf99d297fd --- /dev/null +++ b/.github/actionlint.yaml 
@@ -0,0 +1,9 @@ +# Configuration for the actionlint tool, which we run via pre-commit +# to verify the correctness of the syntax in our GitHub Actions workflows. + +self-hosted-runner: + # Various runners we use that aren't recognized out-of-the-box by actionlint: + labels: + - depot-ubuntu-latest-8 + - depot-ubuntu-22.04-16 + - windows-latest-xlarge diff --git a/.github/workflows/build-binaries.yml b/.github/workflows/build-binaries.yml index fa4bd2bd115a5..5fce3b5aec07d 100644 --- a/.github/workflows/build-binaries.yml +++ b/.github/workflows/build-binaries.yml @@ -53,7 +53,7 @@ jobs: args: --out dist - name: "Test sdist" run: | - pip install dist/${PACKAGE_NAME}-*.tar.gz --force-reinstall + pip install dist/"${PACKAGE_NAME}"-*.tar.gz --force-reinstall "${MODULE_NAME}" --help python -m "${MODULE_NAME}" --help - name: "Upload sdist" @@ -125,7 +125,7 @@ jobs: args: --release --locked --out dist - name: "Test wheel - aarch64" run: | - pip install dist/${PACKAGE_NAME}-*.whl --force-reinstall + pip install dist/"${PACKAGE_NAME}"-*.whl --force-reinstall ruff --help python -m ruff --help - name: "Upload wheels" @@ -186,7 +186,7 @@ jobs: if: ${{ !startsWith(matrix.platform.target, 'aarch64') }} shell: bash run: | - python -m pip install dist/${PACKAGE_NAME}-*.whl --force-reinstall + python -m pip install dist/"${PACKAGE_NAME}"-*.whl --force-reinstall "${MODULE_NAME}" --help python -m "${MODULE_NAME}" --help - name: "Upload wheels" @@ -236,7 +236,7 @@ jobs: - name: "Test wheel" if: ${{ startsWith(matrix.target, 'x86_64') }} run: | - pip install dist/${PACKAGE_NAME}-*.whl --force-reinstall + pip install dist/"${PACKAGE_NAME}"-*.whl --force-reinstall "${MODULE_NAME}" --help python -m "${MODULE_NAME}" --help - name: "Upload wheels" diff --git a/.github/workflows/build-docker.yml b/.github/workflows/build-docker.yml index a8724a0168ee2..1599e3925fca4 100644 --- a/.github/workflows/build-docker.yml +++ b/.github/workflows/build-docker.yml 
@@ -142,6 +142,7 @@ jobs: # The printf will expand the base image with the `@sha256: ...` for each sha256 in the directory # The final command becomes `docker buildx imagetools create -t tag1 -t tag2 ... @sha256: @sha256: ...` run: | + # shellcheck disable=SC2046 docker buildx imagetools create \ $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \ $(printf "${RUFF_BASE_IMG}@sha256:%s " *) @@ -286,6 +287,8 @@ jobs: # The final command becomes `docker buildx imagetools create -t tag1 -t tag2 ... @sha256: @sha256: ...` run: | readarray -t lines <<< "$DOCKER_METADATA_OUTPUT_ANNOTATIONS"; annotations=(); for line in "${lines[@]}"; do annotations+=(--annotation "$line"); done + + # shellcheck disable=SC2046 docker buildx imagetools create \ "${annotations[@]}" \ $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \ diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 70c73dfe63f0d..e4dc7fe94bf24 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -438,7 +438,7 @@ jobs: ruff-ecosystem check ./ruff ${{ steps.ruff-target.outputs.download-path }}/ruff --cache ./checkouts --output-format markdown | tee ecosystem-result-check-stable - cat ecosystem-result-check-stable > $GITHUB_STEP_SUMMARY + cat ecosystem-result-check-stable > "$GITHUB_STEP_SUMMARY" echo "### Linter (stable)" > ecosystem-result cat ecosystem-result-check-stable >> ecosystem-result echo "" >> ecosystem-result @@ -454,7 +454,7 @@ jobs: ruff-ecosystem check ./ruff ${{ steps.ruff-target.outputs.download-path }}/ruff --cache ./checkouts --output-format markdown --force-preview | tee ecosystem-result-check-preview - cat ecosystem-result-check-preview > $GITHUB_STEP_SUMMARY + cat ecosystem-result-check-preview > "$GITHUB_STEP_SUMMARY" echo "### Linter (preview)" >> ecosystem-result cat ecosystem-result-check-preview >> ecosystem-result echo "" >> ecosystem-result 
@@ -470,7 +470,7 @@ jobs: ruff-ecosystem format ./ruff ${{ steps.ruff-target.outputs.download-path }}/ruff --cache ./checkouts --output-format markdown | tee ecosystem-result-format-stable - cat ecosystem-result-format-stable > $GITHUB_STEP_SUMMARY + cat ecosystem-result-format-stable > "$GITHUB_STEP_SUMMARY" echo "### Formatter (stable)" >> ecosystem-result cat ecosystem-result-format-stable >> ecosystem-result echo "" >> ecosystem-result @@ -486,7 +486,7 @@ jobs: ruff-ecosystem format ./ruff ${{ steps.ruff-target.outputs.download-path }}/ruff --cache ./checkouts --output-format markdown --force-preview | tee ecosystem-result-format-preview - cat ecosystem-result-format-preview > $GITHUB_STEP_SUMMARY + cat ecosystem-result-format-preview > "$GITHUB_STEP_SUMMARY" echo "### Formatter (preview)" >> ecosystem-result cat ecosystem-result-format-preview >> ecosystem-result echo "" >> ecosystem-result @@ -570,13 +570,13 @@ jobs: key: pre-commit-${{ hashFiles('.pre-commit-config.yaml') }} - name: "Run pre-commit" run: | - echo '```console' > $GITHUB_STEP_SUMMARY + echo '```console' > "$GITHUB_STEP_SUMMARY" # Enable color output for pre-commit and remove it for the summary SKIP=cargo-fmt,clippy,dev-generate-all pre-commit run --all-files --show-diff-on-failure --color=always | \ - tee >(sed -E 's/\x1B\[([0-9]{1,2}(;[0-9]{1,2})*)?[mGK]//g' >> $GITHUB_STEP_SUMMARY) >&1 - exit_code=${PIPESTATUS[0]} - echo '```' >> $GITHUB_STEP_SUMMARY - exit $exit_code + tee >(sed -E 's/\x1B\[([0-9]{1,2}(;[0-9]{1,2})*)?[mGK]//g' >> "$GITHUB_STEP_SUMMARY") >&1 + exit_code="${PIPESTATUS[0]}" + echo '```' >> "$GITHUB_STEP_SUMMARY" + exit "$exit_code" docs: name: "mkdocs" 
@@ -637,7 +637,7 @@ jobs: - name: "Run checks" run: scripts/formatter_ecosystem_checks.sh - name: "Github step summary" - run: cat target/formatter-ecosystem/stats.txt > $GITHUB_STEP_SUMMARY + run: cat target/formatter-ecosystem/stats.txt > "$GITHUB_STEP_SUMMARY" - name: "Remove checkouts from cache" run: rm -r target/formatter-ecosystem diff --git a/.github/workflows/daily_fuzz.yaml b/.github/workflows/daily_fuzz.yaml index a3a4e84d99fa0..2fd3b846806ac 100644 --- a/.github/workflows/daily_fuzz.yaml +++ b/.github/workflows/daily_fuzz.yaml @@ -46,6 +46,7 @@ jobs: run: cargo build --locked - name: Fuzz run: | + # shellcheck disable=SC2046 ( uvx \ --python=3.12 \ diff --git a/.github/workflows/pr-comment.yaml b/.github/workflows/pr-comment.yaml index 676d58d0c5cc7..45f760dbf3a66 100644 --- a/.github/workflows/pr-comment.yaml +++ b/.github/workflows/pr-comment.yaml @@ -30,7 +30,7 @@ jobs: run: | if [[ -f pr-number ]] then - echo "pr-number=$(> $GITHUB_OUTPUT + echo "pr-number=$(> "$GITHUB_OUTPUT" fi - uses: dawidd6/action-download-artifact@v7 @@ -66,9 +66,9 @@ jobs: cat pr/ecosystem/ecosystem-result >> comment.txt echo "" >> comment.txt - echo 'comment<> $GITHUB_OUTPUT - cat comment.txt >> $GITHUB_OUTPUT - echo 'EOF' >> $GITHUB_OUTPUT + echo 'comment<> "$GITHUB_OUTPUT" + cat comment.txt >> "$GITHUB_OUTPUT" + echo 'EOF' >> "$GITHUB_OUTPUT" - name: Find existing comment uses: peter-evans/find-comment@v3 diff --git a/.github/workflows/publish-docs.yml b/.github/workflows/publish-docs.yml index 0316b256a58a3..108d4e28fd1db 100644 --- a/.github/workflows/publish-docs.yml +++ b/.github/workflows/publish-docs.yml @@ -44,8 +44,8 @@ jobs: # Use version as display name for now display_name="$version" - echo "version=$version" >> $GITHUB_ENV - echo "display_name=$display_name" >> $GITHUB_ENV + echo "version=$version" >> "$GITHUB_ENV" + echo "display_name=$display_name" >> "$GITHUB_ENV" - name: "Set branch name" run: | 
@@ -55,8 +55,8 @@ jobs: # characters disallowed in git branch names with hyphens branch_display_name="$(echo "${display_name}" | tr -c '[:alnum:]._' '-' | tr -s '-')" - echo "branch_name=update-docs-$branch_display_name-$timestamp" >> $GITHUB_ENV - echo "timestamp=$timestamp" >> $GITHUB_ENV + echo "branch_name=update-docs-$branch_display_name-$timestamp" >> "$GITHUB_ENV" + echo "timestamp=$timestamp" >> "$GITHUB_ENV" - name: "Add SSH key" if: ${{ env.MKDOCS_INSIDERS_SSH_KEY_EXISTS == 'true' }} @@ -112,7 +112,7 @@ jobs: GITHUB_TOKEN: ${{ secrets.ASTRAL_DOCS_PAT }} run: | # set the PR title - pull_request_title="Update ruff documentation for "${display_name}"" + pull_request_title="Update ruff documentation for ${display_name}" # Delete any existing pull requests that are open for this version # by checking against pull_request_title because the new PR will @@ -124,10 +124,12 @@ jobs: git push origin "${branch_name}" # create the PR - gh pr create --base main --head "${branch_name}" \ - --title "$pull_request_title" \ - --body "Automated documentation update for "${display_name}"" \ - --label "documentation" + gh pr create \ + --base=main \ + --head="${branch_name}" \ + --title="${pull_request_title}" \ + --body="Automated documentation update for ${display_name}" \ + --label="documentation" - name: "Merge Pull Request" if: ${{ inputs.plan != '' && !fromJson(inputs.plan).announcement_tag_is_implicit }} diff --git a/.github/workflows/sync_typeshed.yaml b/.github/workflows/sync_typeshed.yaml index 467f1a8574bc4..d1785034e1ca4 100644 --- a/.github/workflows/sync_typeshed.yaml +++ b/.github/workflows/sync_typeshed.yaml 
@@ -59,7 +59,7 @@ jobs: run: | cd ruff git push --force origin typeshedbot/sync-typeshed - gh pr list --repo $GITHUB_REPOSITORY --head typeshedbot/sync-typeshed --json id --jq length | grep 1 && exit 0 # exit if there is existing pr + gh pr list --repo "$GITHUB_REPOSITORY" --head typeshedbot/sync-typeshed --json id --jq length | grep 1 && exit 0 # exit if there is existing pr gh pr create --title "Sync vendored typeshed stubs" --body "Close and reopen this PR to trigger CI" --label "internal" create-issue-on-failure: diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 3339893e32475..5452fd1327b14 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -100,5 +100,23 @@ repos: hooks: - id: check-github-workflows + # `actionlint` hook, for verifying correct syntax in GitHub Actions workflows. + # Some additional configuration for `actionlint` can be found in `.github/actionlint.yaml`. + - repo: https://github.com/rhysd/actionlint + rev: v1.7.4 + hooks: + - id: actionlint + # `release.yml` is autogenerated by `dist`; issues need to be fixed there + # (https://opensource.axo.dev/cargo-dist/) + exclude: .github/workflows/release.yml + args: + - "-ignore=SC2129" # ignorable stylistic lint from shellcheck + - "-ignore=SC2016" # another shellcheck lint: seems to have false positives? + additional_dependencies: + # actionlint has a shellcheck integration which extracts shell scripts in `run:` steps from GitHub Actions + # and checks these with shellcheck. This is arguably its most useful feature, + # but the integration only works if shellcheck is installed + - "github.com/wasilibs/go-shellcheck/cmd/shellcheck@v0.10.0" + ci: skip: [cargo-fmt, dev-generate-all] From 6d72be2683a6fe835bb297f69609095fec96a9cd Mon Sep 17 00:00:00 2001 
From: Alex Waygood Date: Mon, 16 Dec 2024 17:45:46 +0000 Subject: [PATCH 3/3] Bump zizmor pre-commit hook to the latest version and fix new warnings (#15022) --- .github/workflows/ci.yaml | 47 ++++++++++++++++++++----------- .github/workflows/pr-comment.yaml | 5 ++-- .github/zizmor.yml | 6 ++++ .pre-commit-config.yaml | 4 ++- 4 files changed, 42 insertions(+), 20 deletions(-) create mode 100644 .github/zizmor.yml diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index e4dc7fe94bf24..c4ddb63fd8721 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -290,7 +290,9 @@ jobs: file: "Cargo.toml" field: "workspace.package.rust-version" - name: "Install Rust toolchain" - run: rustup default ${{ steps.msrv.outputs.value }} + env: + MSRV: ${{ steps.msrv.outputs.value }} + run: rustup default "${MSRV}" - name: "Install mold" uses: rui314/setup-mold@v1 - name: "Install cargo nextest" @@ -306,7 +308,8 @@ jobs: shell: bash env: NEXTEST_PROFILE: "ci" - run: cargo +${{ steps.msrv.outputs.value }} insta test --all-features --unreferenced reject --test-runner nextest + MSRV: ${{ steps.msrv.outputs.value }} + run: cargo "+${MSRV}" insta test --all-features --unreferenced reject --test-runner nextest cargo-fuzz-build: name: "cargo fuzz build" @@ -354,16 +357,18 @@ jobs: name: ruff path: ruff-to-test - name: Fuzz + env: + DOWNLOAD_PATH: ${{ steps.download-cached-binary.outputs.download-path }} run: | # Make executable, since artifact download doesn't preserve this - chmod +x ${{ steps.download-cached-binary.outputs.download-path }}/ruff + chmod +x "${DOWNLOAD_PATH}/ruff" ( uvx \ - --python=${{ env.PYTHON_VERSION }} \ + --python="${PYTHON_VERSION}" \ --from=./python/py-fuzzer \ fuzz \ - --test-executable=${{ steps.download-cached-binary.outputs.download-path }}/ruff \ + --test-executable="${DOWNLOAD_PATH}/ruff" \ --bin=ruff \ 0-500 ) 
@@ -429,14 +434,16 @@ jobs: - name: Run `ruff check` stable ecosystem check if: ${{ needs.determine_changes.outputs.linter == 'true' }} + env: + DOWNLOAD_PATH: ${{ steps.ruff-target.outputs.download-path }} run: | # Make executable, since artifact download doesn't preserve this - chmod +x ./ruff ${{ steps.ruff-target.outputs.download-path }}/ruff + chmod +x ./ruff "${DOWNLOAD_PATH}/ruff" # Set pipefail to avoid hiding errors with tee set -eo pipefail - ruff-ecosystem check ./ruff ${{ steps.ruff-target.outputs.download-path }}/ruff --cache ./checkouts --output-format markdown | tee ecosystem-result-check-stable + ruff-ecosystem check ./ruff "${DOWNLOAD_PATH}/ruff" --cache ./checkouts --output-format markdown | tee ecosystem-result-check-stable cat ecosystem-result-check-stable > "$GITHUB_STEP_SUMMARY" echo "### Linter (stable)" > ecosystem-result @@ -445,14 +452,16 @@ jobs: - name: Run `ruff check` preview ecosystem check if: ${{ needs.determine_changes.outputs.linter == 'true' }} + env: + DOWNLOAD_PATH: ${{ steps.ruff-target.outputs.download-path }} run: | # Make executable, since artifact download doesn't preserve this - chmod +x ./ruff ${{ steps.ruff-target.outputs.download-path }}/ruff + chmod +x ./ruff "${DOWNLOAD_PATH}/ruff" # Set pipefail to avoid hiding errors with tee set -eo pipefail - ruff-ecosystem check ./ruff ${{ steps.ruff-target.outputs.download-path }}/ruff --cache ./checkouts --output-format markdown --force-preview | tee ecosystem-result-check-preview + ruff-ecosystem check ./ruff "${DOWNLOAD_PATH}/ruff" --cache ./checkouts --output-format markdown --force-preview | tee ecosystem-result-check-preview cat ecosystem-result-check-preview > "$GITHUB_STEP_SUMMARY" echo "### Linter (preview)" >> ecosystem-result 
@@ -461,14 +470,16 @@ jobs: - name: Run `ruff format` stable ecosystem check if: ${{ needs.determine_changes.outputs.formatter == 'true' }} + env: + DOWNLOAD_PATH: ${{ steps.ruff-target.outputs.download-path }} run: | # Make executable, since artifact download doesn't preserve this - chmod +x ./ruff ${{ steps.ruff-target.outputs.download-path }}/ruff + chmod +x ./ruff "${DOWNLOAD_PATH}/ruff" # Set pipefail to avoid hiding errors with tee set -eo pipefail - ruff-ecosystem format ./ruff ${{ steps.ruff-target.outputs.download-path }}/ruff --cache ./checkouts --output-format markdown | tee ecosystem-result-format-stable + ruff-ecosystem format ./ruff "${DOWNLOAD_PATH}/ruff" --cache ./checkouts --output-format markdown | tee ecosystem-result-format-stable cat ecosystem-result-format-stable > "$GITHUB_STEP_SUMMARY" echo "### Formatter (stable)" >> ecosystem-result @@ -477,14 +488,16 @@ jobs: - name: Run `ruff format` preview ecosystem check if: ${{ needs.determine_changes.outputs.formatter == 'true' }} + env: + DOWNLOAD_PATH: ${{ steps.ruff-target.outputs.download-path }} run: | # Make executable, since artifact download doesn't preserve this - chmod +x ./ruff ${{ steps.ruff-target.outputs.download-path }}/ruff + chmod +x ./ruff "${DOWNLOAD_PATH}/ruff" # Set pipefail to avoid hiding errors with tee set -eo pipefail - ruff-ecosystem format ./ruff ${{ steps.ruff-target.outputs.download-path }}/ruff --cache ./checkouts --output-format markdown --force-preview | tee ecosystem-result-format-preview + ruff-ecosystem format ./ruff "${DOWNLOAD_PATH}/ruff" --cache ./checkouts --output-format markdown --force-preview | tee ecosystem-result-format-preview cat ecosystem-result-format-preview > "$GITHUB_STEP_SUMMARY" echo "### Formatter (preview)" >> ecosystem-result 
@@ -541,7 +554,7 @@ jobs: args: --out dist - name: "Test wheel" run: | - pip install --force-reinstall --find-links dist ${{ env.PACKAGE_NAME }} + pip install --force-reinstall --find-links dist "${PACKAGE_NAME}" ruff --help python -m ruff --help - name: "Remove wheels from cache" @@ -676,11 +689,13 @@ jobs: just install - name: Run ruff-lsp tests + env: + DOWNLOAD_PATH: ${{ steps.ruff-target.outputs.download-path }} run: | # Setup development binary pip uninstall --yes ruff - chmod +x ${{ steps.ruff-target.outputs.download-path }}/ruff - export PATH=${{ steps.ruff-target.outputs.download-path }}:$PATH + chmod +x "${DOWNLOAD_PATH}/ruff" + export PATH="${DOWNLOAD_PATH}:${PATH}" ruff version just test diff --git a/.github/workflows/pr-comment.yaml b/.github/workflows/pr-comment.yaml index 45f760dbf3a66..8064c8cbd7138 100644 --- a/.github/workflows/pr-comment.yaml +++ b/.github/workflows/pr-comment.yaml @@ -10,12 +10,11 @@ on: description: The ecosystem workflow that triggers the workflow run required: true -permissions: - pull-requests: write - jobs: comment: runs-on: ubuntu-latest + permissions: + pull-requests: write steps: - uses: dawidd6/action-download-artifact@v7 name: Download pull request number diff --git a/.github/zizmor.yml b/.github/zizmor.yml new file mode 100644 index 0000000000000..2861f925ec265 --- /dev/null +++ b/.github/zizmor.yml @@ -0,0 +1,6 @@ +# Configuration for the zizmor static analysis tool, run via pre-commit in CI +# https://woodruffw.github.io/zizmor/configuration/ +rules: + dangerous-triggers: + ignore: + - pr-comment.yaml diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 5452fd1327b14..c990e32513c4c 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml 
@@ -87,8 +87,10 @@ repos: - id: prettier types: [yaml] + # zizmor detects security vulnerabilities in GitHub Actions workflows. + # Additional configuration for the tool is found in `.github/zizmor.yml` - repo: https://github.com/woodruffw/zizmor-pre-commit - rev: v0.8.0 + rev: v0.9.2 hooks: - id: zizmor # `release.yml` is autogenerated by `dist`; security issues need to be fixed there
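Review bot: In the first release.yaml hunk (`@@ -55,8 +55,8 @@`), the context line that builds `branch_display_name` pipes `echo "${display_name}"` into `tr -c '[:alnum:]._' '-'`, so the newline that `echo` appends is translated to a hyphen as well and the value always ends in `-`. Interpolated into `branch_name`, that yields `update-docs-<name>--<timestamp>`. Since this hunk is already tidying the quoting on the next two lines, switch to `printf '%s' "${display_name}"` so that only characters from the display name reach `tr`.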
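Review bot: In the sync_typeshed.yaml hunk (`@@ -59,7 +59,7 @@`), the existing-PR check `--jq length | grep 1 && exit 0` is a substring match, so it also succeeds for a count such as 10 and prints the match into the job log. While this line is being touched for quoting, make it `grep -qx 1`, or compare the count numerically, so the early exit depends on the exact value that `gh pr list` reports.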
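Review bot: In the ci.yaml `Fuzz` hunk (`@@ -354,16 +357,18 @@`), `--python="${PYTHON_VERSION}"` now reads a shell variable, but the `env:` block added to the step defines only `DOWNLOAD_PATH`, so the step depends on `PYTHON_VERSION` being exported from an `env:` that is outside this hunk. The same holds for `"${PACKAGE_NAME}"` in the `Test wheel` hunk (`@@ -541,7 +554,7 @@`). An unset variable expands to an empty string here instead of failing, so either list both next to `DOWNLOAD_PATH` in the step-level `env:` or write `"${PYTHON_VERSION:?}"` and `"${PACKAGE_NAME:?}"` so that a missing definition stops the step.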
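Review bot: The new `.github/zizmor.yml` silences `dangerous-triggers` for `pr-comment.yaml` without recording why the finding is acceptable there. The pr-comment.yaml hunk shows the `comment` job holding `pull-requests: write` and downloading an artifact ("Download pull request number") that comes from the triggering workflow, so add a comment beside the ignore entry stating what makes this safe (for example, that the job never checks out or executes pull-request code and treats the artifact contents as untrusted data). That gives the next reviewer something to re-check when the workflow changes.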
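Review bot: In the `.pre-commit-config.yaml` hunk that adds the `actionlint` hook (`@@ -100,5 +100,23 @@`), `-ignore=SC2016` is disabled for every workflow on the strength of "seems to have false positives?". SC2016 flags expansions written inside single quotes, which is the kind of quoting mistake the shellcheck integration is there to catch in `run:` scripts. Name the step that produced the false positive in the comment, and prefer silencing the lint at that script instead of for the whole repository.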