Skip to content

Update prek requirement from >=0.3.5 to >=0.3.9#3353

Open
dependabot[bot] wants to merge 1 commit intonextfrom
dependabot/pip/prek-gte-0.3.9
Open

Update prek requirement from >=0.3.5 to >=0.3.9#3353
dependabot[bot] wants to merge 1 commit intonextfrom
dependabot/pip/prek-gte-0.3.9

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Apr 13, 2026

Updates the requirements on prek to permit the latest version.

Release notes

Sourced from prek's releases.

0.3.9

Release Notes

Released on 2026-04-13.

Highlight

prek auto-update is now stricter about pinned revisions and more useful in CI. It now keeps rev and # frozen: comments in sync, can detect impostor commits when validating pinned SHAs, and lets you use prek auto-update --check to fail on both available updates and frozen-ref mismatches without rewriting the config.

Examples:

$ prek auto-update
# updates revs and repairs stale `# frozen:` comments
$ prek auto-update --freeze
writes frozen SHAs with matching # frozen: <tag> comments
$ prek auto-update --check
exits non-zero when updates are available, a # frozen: comment is stale,
or a pinned SHA does not belong to the fetched upstream refs

Enhancements

  • Check and sync frozen comments during auto-update (#1896)
  • Handle impostor commits in auto-update (#1919)
  • Add experimental language: dotnet support (#1871)
  • Honor repo and worktree core.hooksPath (#1892)
  • Add prek run --no-fail-fast to override config file (#1859)
  • Add forbid-new-submodules as builtin hook (#1853)
  • Clean stale patch files in cache gc (#1877)
  • Display auto-update results by config entry (#1922)
  • Restrict patch directory permissions (#1876)
  • Show tag names in auto-update --freeze output (#1916)
  • Use a bitset for hook stages (#1860)

Bug fixes

  • Canonicalize CWD and GIT_ROOT paths (#1878)
  • Ensure quotes are added for non-string revisions in auto-update (#1936)

Documentation

  • Update docs for case of hooks modifying files with a non-zero exit code (#1879)

... (truncated)

Changelog

Sourced from prek's changelog.

0.3.9

Released on 2026-04-13.

Highlight

prek auto-update is now stricter about pinned revisions and more useful in CI. It now keeps rev and # frozen: comments in sync, can detect impostor commits when validating pinned SHAs, and lets you use prek auto-update --check to fail on both available updates and frozen-ref mismatches without rewriting the config.

Examples:

$ prek auto-update
# updates revs and repairs stale `# frozen:` comments
$ prek auto-update --freeze
writes frozen SHAs with matching # frozen: <tag> comments
$ prek auto-update --check
exits non-zero when updates are available, a # frozen: comment is stale,
or a pinned SHA does not belong to the fetched upstream refs

Enhancements

  • Check and sync frozen comments during auto-update (#1896)
  • Handle impostor commits in auto-update (#1919)
  • Add experimental language: dotnet support (#1871)
  • Honor repo and worktree core.hooksPath (#1892)
  • Add prek run --no-fail-fast to override config file (#1859)
  • Add forbid-new-submodules as builtin hook (#1853)
  • Clean stale patch files in cache gc (#1877)
  • Display auto-update results by config entry (#1922)
  • Restrict patch directory permissions (#1876)
  • Show tag names in auto-update --freeze output (#1916)
  • Use a bitset for hook stages (#1860)

Bug fixes

  • Canonicalize CWD and GIT_ROOT paths (#1878)
  • Ensure quotes are added for non-string revisions in auto-update (#1936)

Documentation

  • Update docs for case of hooks modifying files with a non-zero exit code (#1879)

Contributors

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Update prek requirement from >=0.3.5 to >=0.3.9
08ec187 
Updates the requirements on [prek](https://github.com/j178/prek) to permit the latest version.
- [Release notes](https://github.com/j178/prek/releases)
- [Changelog](https://github.com/j178/prek/blob/master/CHANGELOG.md)
- [Commits](j178/prek@v0.3.5...v0.3.9)

---
updated-dependencies:
- dependency-name: prek
  dependency-version: 0.3.9
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Apr 13, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update Python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants