Skip to content

Python: Bump prek from 0.3.8 to 0.3.9 in /python#5228

Open
dependabot[bot] wants to merge 2 commits intomainfrom
dependabot/pip/python/prek-0.3.9
Open

Python: Bump prek from 0.3.8 to 0.3.9 in /python#5228
dependabot[bot] wants to merge 2 commits intomainfrom
dependabot/pip/python/prek-0.3.9

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Apr 13, 2026

Bumps prek from 0.3.8 to 0.3.9.

Release notes

Sourced from prek's releases.

0.3.9

Release Notes

Released on 2026-04-13.

Highlight

prek auto-update is now stricter about pinned revisions and more useful in CI. It now keeps rev and # frozen: comments in sync, can detect impostor commits when validating pinned SHAs, and lets you use prek auto-update --check to fail on both available updates and frozen-ref mismatches without rewriting the config.

Examples:

$ prek auto-update
# updates revs and repairs stale `# frozen:` comments
$ prek auto-update --freeze
writes frozen SHAs with matching # frozen: <tag> comments
$ prek auto-update --check
exits non-zero when updates are available, a # frozen: comment is stale,
or a pinned SHA does not belong to the fetched upstream refs

Enhancements

  • Check and sync frozen comments during auto-update (#1896)
  • Handle impostor commits in auto-update (#1919)
  • Add experimental language: dotnet support (#1871)
  • Honor repo and worktree core.hooksPath (#1892)
  • Add prek run --no-fail-fast to override config file (#1859)
  • Add forbid-new-submodules as builtin hook (#1853)
  • Clean stale patch files in cache gc (#1877)
  • Display auto-update results by config entry (#1922)
  • Restrict patch directory permissions (#1876)
  • Show tag names in auto-update --freeze output (#1916)
  • Use a bitset for hook stages (#1860)

Bug fixes

  • Canonicalize CWD and GIT_ROOT paths (#1878)
  • Ensure quotes are added for non-string revisions in auto-update (#1936)

Documentation

  • Update docs for case of hooks modifying files with a non-zero exit code (#1879)

... (truncated)

Changelog

Sourced from prek's changelog.

0.3.9

Released on 2026-04-13.

Highlight

prek auto-update is now stricter about pinned revisions and more useful in CI. It now keeps rev and # frozen: comments in sync, can detect impostor commits when validating pinned SHAs, and lets you use prek auto-update --check to fail on both available updates and frozen-ref mismatches without rewriting the config.

Examples:

$ prek auto-update
# updates revs and repairs stale `# frozen:` comments
$ prek auto-update --freeze
writes frozen SHAs with matching # frozen: <tag> comments
$ prek auto-update --check
exits non-zero when updates are available, a # frozen: comment is stale,
or a pinned SHA does not belong to the fetched upstream refs

Enhancements

  • Check and sync frozen comments during auto-update (#1896)
  • Handle impostor commits in auto-update (#1919)
  • Add experimental language: dotnet support (#1871)
  • Honor repo and worktree core.hooksPath (#1892)
  • Add prek run --no-fail-fast to override config file (#1859)
  • Add forbid-new-submodules as builtin hook (#1853)
  • Clean stale patch files in cache gc (#1877)
  • Display auto-update results by config entry (#1922)
  • Restrict patch directory permissions (#1876)
  • Show tag names in auto-update --freeze output (#1916)
  • Use a bitset for hook stages (#1860)

Bug fixes

  • Canonicalize CWD and GIT_ROOT paths (#1878)
  • Ensure quotes are added for non-string revisions in auto-update (#1936)

Documentation

  • Update docs for case of hooks modifying files with a non-zero exit code (#1879)

Contributors

... (truncated)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump prek from 0.3.8 to 0.3.9 in /python
49926f5 
Bumps [prek](https://github.com/j178/prek) from 0.3.8 to 0.3.9.
- [Release notes](https://github.com/j178/prek/releases)
- [Changelog](https://github.com/j178/prek/blob/master/CHANGELOG.md)
- [Commits](j178/prek@v0.3.8...v0.3.9)

---
updated-dependencies:
- dependency-name: prek
  dependency-version: 0.3.9
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python labels Apr 13, 2026
@github-actions github-actions bot changed the title Bump prek from 0.3.8 to 0.3.9 in /python Python: Bump prek from 0.3.8 to 0.3.9 in /python Apr 13, 2026
@moonbox3
Copy link
Copy Markdown
Contributor

moonbox3 commented Apr 13, 2026

@copilot figure out why CI/CD checks are failing

Copy link
Copy Markdown
Contributor

Copilot AI commented Apr 13, 2026

@copilot figure out why CI/CD checks are failing

The failures were caused by a version conflict in the uv workspace: the Dependabot commit bumped prek to 0.3.9 in the root python/pyproject.toml, but python/packages/lab/pyproject.toml still pinned prek==0.3.8. Since both packages share the same workspace, uv couldn't satisfy both constraints simultaneously.

Fixed in db41a14 by:

  1. Bumping prek to 0.3.9 in python/packages/lab/pyproject.toml
  2. Regenerating python/uv.lock to use prek 0.3.9

Copilot AI requested a review from moonbox3 April 13, 2026 22:56
@moonbox3 moonbox3 added the lab Agent Framework Lab label Apr 13, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@moonbox3 moonbox3 moonbox3 approved these changes

At least 2 approving reviews are required to merge this pull request.

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file lab Agent Framework Lab python

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@moonbox3