Skip to content

Add sha1 to crypto dependency group#7679

Merged
youknowone merged 1 commit into
RustPython:mainfrom
fanninpm:add-sha1-to-crypto-group
Apr 25, 2026
Merged

Add sha1 to crypto dependency group#7679
youknowone merged 1 commit into
RustPython:mainfrom
fanninpm:add-sha1-to-crypto-group

Conversation

@fanninpm
Copy link
Copy Markdown
Contributor

@fanninpm fanninpm commented Apr 24, 2026
edited by coderabbitai Bot
Loading

See #7642

Summary by CodeRabbit

  • Chores
    • Updated dependency management configuration to improve handling of security-related packages.

@coderabbitai
Copy link
Copy Markdown
Contributor

coderabbitai Bot commented Apr 24, 2026
edited
Loading

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yml

Review profile: CHILL

Plan: Pro

Run ID: 33a9d826-ce06-4176-9f35-c80738c90d7d

📥 Commits

Reviewing files that changed from the base of the PR and between adafaf2 and 489f089.

📒 Files selected for processing (1)
  • .github/dependabot.yml
📝 Walkthrough

Walkthrough

Updates Dependabot configuration to include the "sha1" pattern in the crypto dependency group, enabling Dependabot to match and group SHA-1-related dependencies more comprehensively without altering other configuration parameters.

Changes

Cohort / File(s) Summary
Dependabot Configuration
.github/dependabot.yml		 Added "sha1" pattern to the crypto group to broaden SHA-1 dependency matching and grouping.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Suggested reviewers

  • youknowone

Poem

🐰 A crypto pattern hops into view,
SHA-1 now grouped, fresh and new,
Dependabot's keen eye sees it through,
One tiny line, yet work rings true! ✨

🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title clearly and concisely summarizes the main change: adding 'sha1' to the 'crypto' dependency group in the Dependabot configuration.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

ShaharNaveh
ShaharNaveh approved these changes Apr 25, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@ShaharNaveh ShaharNaveh left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

makes sense

@youknowone youknowone merged commit a5f48ea into RustPython:main Apr 25, 2026
20 checks passed
@fanninpm fanninpm deleted the add-sha1-to-crypto-group branch April 25, 2026 16:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@youknowone youknowone youknowone approved these changes

@ShaharNaveh ShaharNaveh ShaharNaveh approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@fanninpm @youknowone @ShaharNaveh