Avatar for the commit-check user
commit-check
commit-check
BlogDocsChangelog

Performance History

Latest Results

fix: prevent path traversal vulnerability in --config argument Add _validate_config_path() to restrict relative config file paths to the project directory. Relative paths containing directory traversal (e.g. ../../../etc/passwd) are now blocked with PermissionError. Absolute paths remain allowed as explicit user intent. Fixes SonarCloud vulnerability pythonsecurity:S8707
fix/path-traversal-vulnerability
3 days ago
chore(deps): bump CodSpeedHQ/action from 4.17.0 to 4.17.5 in the github-actions group (#428)
main
5 days ago
chore(deps): bump CodSpeedHQ/action in the github-actions group Bumps the github-actions group with 1 update: [CodSpeedHQ/action](https://github.com/codspeedhq/action). Updates `CodSpeedHQ/action` from 4.17.0 to 4.17.5 - [Release notes](https://github.com/codspeedhq/action/releases) - [Changelog](https://github.com/CodSpeedHQ/action/blob/main/CHANGELOG.md) - [Commits](https://github.com/codspeedhq/action/compare/9d332c4d90b43981c3e55ae8e38e68709996240f...c145068895e045cc725ee76fcd2307624b65c3af) --- updated-dependencies: - dependency-name: CodSpeedHQ/action dependency-version: 4.17.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot/github_actions/github-actions-c4d52eb9c7
6 days ago
chore: drop Python 3.9 support (#424) * chore: drop Python 3.9 support - Bump requires-python from >=3.9 to >=3.10 - Remove Python 3.9 trove classifier - Remove Python 3.9 from CI install test matrix - Update contributing guide prerequisite to Python 3.10+ Closes #423 * chore: set mypy python_version to 3.10 Match mypy's type-checking target to the new minimum supported Python version after dropping 3.9 support. * chore: modernize type annotations with PEP 604/585 - Replace Optional[X] with X | None (PEP 604, native in 3.10) - Replace List[X], Dict[K,V], Tuple[...], Type[X] with list[X], dict[K,V], tuple[...], type[X] (PEP 585, native in 3.9) - Add from __future__ import annotations for forward-reference safety - Use collections.abc.Callable instead of typing.Callable - Keep typing.Any (no native replacement) All 217 tests pass. * chore: sync uv.lock with >=3.10 requires-python, tighten return types - Regenerate uv.lock (requires-python >=3.10, drop all <3.10 markers) - Restore tomli conditional marker (python_version < '3.11') - Add py.typed marker (PEP 561) for downstream type checkers - Tighten CheckOutcome.to_dict() return type to dict[str, str] - Tighten validate_config() return type to dict[str, Any]
main
7 days ago
chore: sync uv.lock with >=3.10 requires-python, tighten return types - Regenerate uv.lock (requires-python >=3.10, drop all <3.10 markers) - Restore tomli conditional marker (python_version < '3.11') - Add py.typed marker (PEP 561) for downstream type checkers - Tighten CheckOutcome.to_dict() return type to dict[str, str] - Tighten validate_config() return type to dict[str, Any]
chore/drop-python-3-9
7 days ago
Merge branch 'main' into chore/drop-python-3-9
chore/drop-python-3-9
7 days ago
feat: support custom regex via message_pattern config option (#427) * feat: support custom regex via message_pattern config option Add `message_pattern` to the `[commit]` config section — a custom regex that replaces the auto-generated Conventional Commits regex when set. Only available via TOML and env var (CCHK_MESSAGE_PATTERN), not as a CLI flag, since regex belongs in config files not command lines. Closes #426 * test: add coverage for CCHK_MESSAGE_PATTERN env var parsing * test: cover empty message/subject early-return paths in validators
main
7 days ago
test: cover empty message/subject early-return paths in validators
feature/support-custom-message-pattern
7 days ago

Latest Branches

CodSpeed Performance Gauge
-25%
fix: prevent path traversal vulnerability in --config argument#434
3 days ago
6edebc7
fix/path-traversal-vulnerability
CodSpeed Performance Gauge
0%
chore(deps): bump CodSpeedHQ/action from 4.17.0 to 4.17.5 in the github-actions group#428
6 days ago
ac3d34d
dependabot/github_actions/github-actions-c4d52eb9c7
CodSpeed Performance Gauge
0%
chore: drop Python 3.9 support#424
7 days ago
62e7c9e
chore/drop-python-3-9
© 2026 CodSpeed Technology
Home Terms Privacy Docs