dependabot[bot] opened a new pull request, #3281: URL: https://github.com/apache/iceberg-python/pull/3281
Bumps [prek](https://github.com/j178/prek) from 0.3.8 to 0.3.9. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/j178/prek/releases";>prek's releases</a>.</em></p> <blockquote> <h2>0.3.9</h2> <h2>Release Notes</h2> <p>Released on 2026-04-13.</p> <h3>Highlight</h3> <p><code>prek auto-update</code> is now stricter about pinned revisions and more useful in CI. It now keeps <code>rev</code> and <code># frozen:</code> comments in sync, can detect <a href="https://docs.zizmor.sh/audits/#impostor-commit";>impostor commits</a> when validating pinned SHAs, and lets you use <code>prek auto-update --check</code> to fail on both available updates and frozen-ref mismatches without rewriting the config.</p> <p>Examples:</p> <pre lang="console"><code>$ prek auto-update # updates revs and repairs stale `# frozen:` comments <p>$ prek auto-update --freeze</p> <h1>writes frozen SHAs with matching <code># frozen: &lt;tag&gt;</code> comments</h1> <p>$ prek auto-update --check</p> <h1>exits non-zero when updates are available, a <code># frozen:</code> comment is stale,</h1> <h1>or a pinned SHA does not belong to the fetched upstream refs</h1> <p></code></pre></p> <h3>Enhancements</h3> <ul> <li>Check and sync frozen comments during auto-update (<a href="https://redirect.github.com/j178/prek/pull/1896";>#1896</a>)</li> <li>Handle impostor commits in auto-update (<a href="https://redirect.github.com/j178/prek/pull/1919";>#1919</a>)</li> <li>Add experimental <code>language: dotnet</code> support (<a href="https://redirect.github.com/j178/prek/pull/1871";>#1871</a>)</li> <li>Honor repo and worktree <code>core.hooksPath</code> (<a href="https://redirect.github.com/j178/prek/pull/1892";>#1892</a>)</li> <li>Add <code>prek run --no-fail-fast</code> to override config file (<a href="https://redirect.github.com/j178/prek/pull/1859";>#1859</a>)</li> <li>Add <code>forbid-new-submodules</code> as builtin hook (<a href="https://redirect.github.com/j178/prek/pull/1853";>#1853</a>)</li> <li>Clean stale patch files in <code>cache gc</code> (<a href="https://redirect.github.com/j178/prek/pull/1877";>#1877</a>)</li> <li>Display auto-update results by config entry (<a href="https://redirect.github.com/j178/prek/pull/1922";>#1922</a>)</li> <li>Restrict patch directory permissions (<a href="https://redirect.github.com/j178/prek/pull/1876";>#1876</a>)</li> <li>Show tag names in <code>auto-update --freeze</code> output (<a href="https://redirect.github.com/j178/prek/pull/1916";>#1916</a>)</li> <li>Use a bitset for hook stages (<a href="https://redirect.github.com/j178/prek/pull/1860";>#1860</a>)</li> </ul> <h3>Bug fixes</h3> <ul> <li>Canonicalize CWD and GIT_ROOT paths (<a href="https://redirect.github.com/j178/prek/pull/1878";>#1878</a>)</li> <li>Ensure quotes are added for non-string revisions in <code>auto-update</code> (<a href="https://redirect.github.com/j178/prek/pull/1936";>#1936</a>)</li> </ul> <h3>Documentation</h3> <ul> <li>Update docs for case of hooks modifying files with a non-zero exit code (<a href="https://redirect.github.com/j178/prek/pull/1879";>#1879</a>)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/j178/prek/blob/master/CHANGELOG.md";>prek's changelog</a>.</em></p> <blockquote> <h2>0.3.9</h2> <p>Released on 2026-04-13.</p> <h3>Highlight</h3> <p><code>prek auto-update</code> is now stricter about pinned revisions and more useful in CI. It now keeps <code>rev</code> and <code># frozen:</code> comments in sync, can detect <a href="https://docs.zizmor.sh/audits/#impostor-commit";>impostor commits</a> when validating pinned SHAs, and lets you use <code>prek auto-update --check</code> to fail on both available updates and frozen-ref mismatches without rewriting the config.</p> <p>Examples:</p> <pre lang="console"><code>$ prek auto-update # updates revs and repairs stale `# frozen:` comments <p>$ prek auto-update --freeze</p> <h1>writes frozen SHAs with matching <code># frozen: &lt;tag&gt;</code> comments</h1> <p>$ prek auto-update --check</p> <h1>exits non-zero when updates are available, a <code># frozen:</code> comment is stale,</h1> <h1>or a pinned SHA does not belong to the fetched upstream refs</h1> <p></code></pre></p> <h3>Enhancements</h3> <ul> <li>Check and sync frozen comments during auto-update (<a href="https://redirect.github.com/j178/prek/pull/1896";>#1896</a>)</li> <li>Handle impostor commits in auto-update (<a href="https://redirect.github.com/j178/prek/pull/1919";>#1919</a>)</li> <li>Add experimental <code>language: dotnet</code> support (<a href="https://redirect.github.com/j178/prek/pull/1871";>#1871</a>)</li> <li>Honor repo and worktree <code>core.hooksPath</code> (<a href="https://redirect.github.com/j178/prek/pull/1892";>#1892</a>)</li> <li>Add <code>prek run --no-fail-fast</code> to override config file (<a href="https://redirect.github.com/j178/prek/pull/1859";>#1859</a>)</li> <li>Add <code>forbid-new-submodules</code> as builtin hook (<a href="https://redirect.github.com/j178/prek/pull/1853";>#1853</a>)</li> <li>Clean stale patch files in <code>cache gc</code> (<a href="https://redirect.github.com/j178/prek/pull/1877";>#1877</a>)</li> <li>Display auto-update results by config entry (<a href="https://redirect.github.com/j178/prek/pull/1922";>#1922</a>)</li> <li>Restrict patch directory permissions (<a href="https://redirect.github.com/j178/prek/pull/1876";>#1876</a>)</li> <li>Show tag names in <code>auto-update --freeze</code> output (<a href="https://redirect.github.com/j178/prek/pull/1916";>#1916</a>)</li> <li>Use a bitset for hook stages (<a href="https://redirect.github.com/j178/prek/pull/1860";>#1860</a>)</li> </ul> <h3>Bug fixes</h3> <ul> <li>Canonicalize CWD and GIT_ROOT paths (<a href="https://redirect.github.com/j178/prek/pull/1878";>#1878</a>)</li> <li>Ensure quotes are added for non-string revisions in <code>auto-update</code> (<a href="https://redirect.github.com/j178/prek/pull/1936";>#1936</a>)</li> </ul> <h3>Documentation</h3> <ul> <li>Update docs for case of hooks modifying files with a non-zero exit code (<a href="https://redirect.github.com/j178/prek/pull/1879";>#1879</a>)</li> </ul> <h3>Contributors</h3> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/j178/prek/commit/3a9b9fe4ac5f202ca0202d195c3ba5ce4c9bb81c";><code>3a9b9fe</code></a> Ensure quotes are added for non-string revisions in <code>auto-update</code> (<a href="https://redirect.github.com/j178/prek/issues/1936";>#1936</a>)</li> <li><a href="https://github.com/j178/prek/commit/501d1db943dbf7369e5b082930641f48147481f0";><code>501d1db</code></a> Bump version to 0.3.9 (<a href="https://redirect.github.com/j178/prek/issues/1934";>#1934</a>)</li> <li><a href="https://github.com/j178/prek/commit/dc98c4792d2f6cf53d7b2fda2a3b13fb9ccc5feb";><code>dc98c47</code></a> Honor repo and worktree <code>core.hooksPath</code> (<a href="https://redirect.github.com/j178/prek/issues/1892";>#1892</a>)</li> <li><a href="https://github.com/j178/prek/commit/08c1f706ce69889c59533921f19fdff6eb579711";><code>08c1f70</code></a> Remove bracket from auto-update project header (<a href="https://redirect.github.com/j178/prek/issues/1933";>#1933</a>)</li> <li><a href="https://github.com/j178/prek/commit/4292fe245bfe53caa01dac998d703a2c03f1d13d";><code>4292fe2</code></a> Update pre-commit hook crate-ci/typos to v1.45.0 (<a href="https://redirect.github.com/j178/prek/issues/1930";>#1930</a>)</li> <li><a href="https://github.com/j178/prek/commit/adafad090353056980fdefddc9d1cb92755b1f9d";><code>adafad0</code></a> Update GitHub Actions (<a href="https://redirect.github.com/j178/prek/issues/1929";>#1929</a>)</li> <li><a href="https://github.com/j178/prek/commit/f0bf283baf1d83a36b4fe976511601cd047c3405";><code>f0bf283</code></a> Update dependency uv to v0.11.3 (<a href="https://redirect.github.com/j178/prek/issues/1928";>#1928</a>)</li> <li><a href="https://github.com/j178/prek/commit/059f2728eb1d95ae23be15fca4f8d4eac27d1059";><code>059f272</code></a> Display auto-update results by config entry (<a href="https://redirect.github.com/j178/prek/issues/1922";>#1922</a>)</li> <li><a href="https://github.com/j178/prek/commit/7899b900cf247b47bf09d1b0f97580fc943496b4";><code>7899b90</code></a> Handle <code>--no-lazy-fetch</code> not available</li> <li><a href="https://github.com/j178/prek/commit/ff0769a7ccd357eb6364884c12dd21254e3d92d0";><code>ff0769a</code></a> Handle impostor commits in auto-update</li> <li>Additional commits viewable in <a href="https://github.com/j178/prek/compare/v0.3.8...v0.3.9";>compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
