Jacob Coffee
Jacob Coffee
Split off from https://github.com/pypi/warehouse/pull/18748 ``` worker-1 | {"event": "beat: Acquired lock", "timestamp": "2025-10-10T20:42:30.035157Z", "level": "info", "dd.env": "development", "dd.version": "unknown"} worker-1 | {"event": "mingle: all alone", "timestamp": "2025-10-10T20:42:31.034605Z", "level": "info", "dd.env":...
Split off from https://github.com/pypi/warehouse/pull/18748 ``` opensearch-1 | [2025-09-24T21:32:40,462][INFO ][o.o.j.s.JobSweeper ] [356b8f0e5f55] Running full sweep db-1 | 2025-09-24 21:32:42.281 UTC [27] LOG: checkpoint starting: time web-1 | 2025-09-24T21:32:48.907827Z [info ] http_request...
## Description - Add GHA scanning via zizmor See all GHAS flags here: https://github.com/litestar-org/litestar/security/code-scanning?query=pr%3A4490+is%3Aopen+tool%3Azizmor ## Closes Closes #4489
## Description When working with django its nice to have a copypasta button to show people or feed a model. I'd like to upstream this thing ive been using if...
## Description - pre-commit -> prek ## Closes Closes #4492
## Description - Swap mypy/pyright for ty 241 initial ty diagnostics are suppressed via config to help gradually migrate. Someone can pick this up and run with it to see...
### Summary Investigate dropping mypy & pyright in favor of ty See if it is ready, if there will be large diffs generated, etc. ### Basic Example _No response_ ###...
### Summary - Swap from pre-commit to [prek](https://github.com/j178/prek) or [lefthook](https://github.com/evilmartians/lefthook) for the speediness ### Basic Example _No response_ ### Drawbacks and Impact _No response_ ### Unresolved questions _No response_
### Summary - Add [Zizmor](https://github.com/zizmorcore/zizmor) - Also enable [immutable releases](https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/immutable-releases) (only maintainer's can do this, not a code change) - Maybe enable sigstore signing? (though maybe [gh-action-pypi-publish](https://github.com/pypa/gh-action-pypi-publish) does that for...
Document this (more generally how options can be passed in according to https://guides.scalar.com/scalar/scalar-api-references/configuration and the `options` param): ```py scalar_plugin = ScalarRenderPlugin( path="/scalar", options={ "hideTestRequestButton": True, } ) ``` _Originally posted...