From 5f7f41975992ac1e21fd91df866b02ddfd4fad65 Mon Sep 17 00:00:00 2001 From: benzlokzik <121052717+benzlokzik@users.noreply.github.com> Date: Fri, 5 Dec 2025 10:51:45 +0300 Subject: [PATCH 1/7] feat(uv): add alias for pinning Python version (#12914) --- plugins/uv/README.md | 1 + plugins/uv/uv.plugin.zsh | 1 + 2 files changed, 2 insertions(+) diff --git a/plugins/uv/README.md b/plugins/uv/README.md index 1b99c1185..144ec456a 100644 --- a/plugins/uv/README.md +++ b/plugins/uv/README.md @@ -19,6 +19,7 @@ plugins=(... uv) | uvlu | `uv lock --upgrade` | Lock the dependencies to the newest compatible versions | | uvp | `uv pip` | Manage pip packages | | uvpy | `uv python` | Manage Python installs | +| uvpp | `uv python pin` | Pin the current project to use a specific Python version | | uvr | `uv run` | Run commands within the project's environment | | uvrm | `uv remove` | Remove packages from the project | | uvs | `uv sync` | Sync the environment with the lock file | diff --git a/plugins/uv/uv.plugin.zsh b/plugins/uv/uv.plugin.zsh index abcbc117e..ef0f78f6b 100644 --- a/plugins/uv/uv.plugin.zsh +++ b/plugins/uv/uv.plugin.zsh @@ -12,6 +12,7 @@ alias uvlr='uv lock --refresh' alias uvlu='uv lock --upgrade' alias uvp='uv pip' alias uvpy='uv python' +alias uvpp='uv python pin' alias uvr='uv run' alias uvrm='uv remove' alias uvs='uv sync' From a98a9f7122d583a9547e9a8b2ab8c14570fc6e54 Mon Sep 17 00:00:00 2001 From: Cyril Plisko Date: Fri, 5 Dec 2025 13:00:56 +0200 Subject: [PATCH 2/7] feat(jj): add `jj` aliases for common workflows (#13179) - jj bookmark Aliases for bookmark subcommands - jj git push Aliases for popular push flags - jj new "trunk()" - jj rebase -d "trunk()" - jj status --- plugins/jj/README.md | 17 +++++++++++++++++ plugins/jj/jj.plugin.zsh | 16 ++++++++++++++++ 2 files changed, 33 insertions(+) diff --git a/plugins/jj/README.md b/plugins/jj/README.md index 541b8f907..fd964e309 100644 --- a/plugins/jj/README.md +++ b/plugins/jj/README.md @@ -12,6 +12,16 @@ plugins=(... jj) | Alias | Command | | ------ | ----------------------------- | +| jjb | `jj bookmark` | +| jjbc | `jj bookmark create` | +| jjbd | `jj bookmark delete` | +| jjbf | `jj bookmark forget` | +| jjbl | `jj bookmark list` | +| jjbm | `jj bookmark move` | +| jjbr | `jj bookmark rename` | +| jjbs | `jj bookmark set` | +| jjbt | `jj bookmark track` | +| jjbu | `jj bookmark untrack` | | jjc | `jj commit` | | jjcmsg | `jj commit --message` | | jjd | `jj diff` | @@ -22,14 +32,20 @@ plugins=(... jj) | jjgf | `jj git fetch` | | jjgfa | `jj git fetch --all-remotes` | | jjgp | `jj git push` | +| jjgpa | `jj git push --all` | +| jjgpd | `jj git push --deleted` | +| jjgpt | `jj git push --tracked` | | jjl | `jj log` | | jjla | `jj log -r "all()"` | | jjn | `jj new` | +| jjnt | `jj new "trunk()"` | | jjrb | `jj rebase` | +| jjrbm | `jj rebase -d "trunk()"` | | jjrs | `jj restore` | | jjrt | `cd "$(jj root \|\| echo .)"` | | jjsp | `jj split` | | jjsq | `jj squash` | +| jjst | `jj status` | ## Prompt usage @@ -88,3 +104,4 @@ that. ## Contributors - [nasso](https://github.com/nasso) - Plugin Author +- [imp](https://github.com/imp) - Occasional Alias Contributor diff --git a/plugins/jj/jj.plugin.zsh b/plugins/jj/jj.plugin.zsh index 825460517..696bc380b 100644 --- a/plugins/jj/jj.plugin.zsh +++ b/plugins/jj/jj.plugin.zsh @@ -34,6 +34,16 @@ function jj_prompt_template() { } # Aliases (sorted alphabetically) +alias jjb='jj bookmark' +alias jjbc='jj bookmark create' +alias jjbd='jj bookmark delete' +alias jjbf='jj bookmark forget' +alias jjbl='jj bookmark list' +alias jjbm='jj bookmark move' +alias jjbr='jj bookmark rename' +alias jjbs='jj bookmark set' +alias jjbt='jj bookmark track' +alias jjbu='jj bookmark untrack' alias jjc='jj commit' alias jjcmsg='jj commit --message' alias jjd='jj diff' @@ -44,11 +54,17 @@ alias jjgcl='jj git clone' alias jjgf='jj git fetch' alias jjgfa='jj git fetch --all-remotes' alias jjgp='jj git push' +alias jjgpa='jj git push --all' +alias jjgpd='jj git push --deleted' +alias jjgpt='jj git push --tracked' alias jjl='jj log' alias jjla='jj log -r "all()"' alias jjn='jj new' +alias jjnt='jj new "trunk()"' alias jjrb='jj rebase' +alias jjrbm='jj rebase -d "trunk()"' alias jjrs='jj restore' alias jjrt='cd "$(jj root || echo .)"' alias jjsp='jj split' alias jjsq='jj squash' +alias jjst='jj status' From 1b4497fc8f51cfc1f326f3474203f9ea6dfd3804 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 6 Dec 2025 09:06:29 +0100 Subject: [PATCH 3/7] chore(deps): bump urllib3 in /.github/workflows/dependencies (#13464) Bumps [urllib3](https://github.com/urllib3/urllib3) from 2.5.0 to 2.6.0. - [Release notes](https://github.com/urllib3/urllib3/releases) - [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst) - [Commits](https://github.com/urllib3/urllib3/compare/2.5.0...2.6.0) --- updated-dependencies: - dependency-name: urllib3 dependency-version: 2.6.0 dependency-type: direct:production ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/dependencies/requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/dependencies/requirements.txt b/.github/workflows/dependencies/requirements.txt index 4fc25d593..94eaf3c9a 100644 --- a/.github/workflows/dependencies/requirements.txt +++ b/.github/workflows/dependencies/requirements.txt @@ -4,4 +4,4 @@ idna==3.11 PyYAML==6.0.3 requests==2.32.5 semver==3.0.4 -urllib3==2.5.0 +urllib3==2.6.0 From 953f526dea332c6ba12f178f61785c5a3aa9ae73 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 7 Dec 2025 18:38:05 +0100 Subject: [PATCH 4/7] chore(deps): bump github/codeql-action from 4.31.5 to 4.31.7 (#13469) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.31.5 to 4.31.7. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/fdbfb4d2750291e159f0156def62b853c2798ca2...cf1bb45a277cb3c205638b2cd5c984db1c46a412) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 4.31.7 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 95d1086b8..42a1dc0cb 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -60,6 +60,6 @@ jobs: retention-days: 5 - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@fdbfb4d2750291e159f0156def62b853c2798ca2 # v4.31.5 + uses: github/codeql-action/upload-sarif@cf1bb45a277cb3c205638b2cd5c984db1c46a412 # v4.31.7 with: sarif_file: results.sarif From 3b66f643e4cfc78dfd62bb332f28f82d7dff2461 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 7 Dec 2025 18:38:26 +0100 Subject: [PATCH 5/7] chore(deps): bump step-security/harden-runner from 2.13.2 to 2.13.3 (#13471) Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.13.2 to 2.13.3. - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](https://github.com/step-security/harden-runner/compare/95d9a5deda9de15063e7595e9719c11c38c90ae2...df199fb7be9f65074067a9eb93f12bb4c5547cf2) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-version: 2.13.3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/dependencies.yml | 2 +- .github/workflows/installer.yml | 4 ++-- .github/workflows/main.yml | 2 +- .github/workflows/project.yml | 2 +- .github/workflows/scorecard.yml | 2 +- 5 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/dependencies.yml b/.github/workflows/dependencies.yml index a21803ec6..aeeda6711 100644 --- a/.github/workflows/dependencies.yml +++ b/.github/workflows/dependencies.yml @@ -13,7 +13,7 @@ jobs: contents: write # this is needed to push commits and branches steps: - name: Harden the runner (Audit all outbound calls) - uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2 + uses: step-security/harden-runner@df199fb7be9f65074067a9eb93f12bb4c5547cf2 # v2.13.3 with: egress-policy: audit diff --git a/.github/workflows/installer.yml b/.github/workflows/installer.yml index 120381dd8..d48a9603e 100644 --- a/.github/workflows/installer.yml +++ b/.github/workflows/installer.yml @@ -26,7 +26,7 @@ jobs: - macos-latest steps: - name: Harden the runner (Audit all outbound calls) - uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2 + uses: step-security/harden-runner@df199fb7be9f65074067a9eb93f12bb4c5547cf2 # v2.13.3 with: egress-policy: audit @@ -47,7 +47,7 @@ jobs: - test steps: - name: Harden the runner (Audit all outbound calls) - uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2 + uses: step-security/harden-runner@df199fb7be9f65074067a9eb93f12bb4c5547cf2 # v2.13.3 with: egress-policy: audit diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 8200f50a6..ea64e3a2f 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -24,7 +24,7 @@ jobs: if: github.repository == 'ohmyzsh/ohmyzsh' steps: - name: Harden the runner (Audit all outbound calls) - uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2 + uses: step-security/harden-runner@df199fb7be9f65074067a9eb93f12bb4c5547cf2 # v2.13.3 with: egress-policy: audit diff --git a/.github/workflows/project.yml b/.github/workflows/project.yml index 6a236e691..baaa1f9f2 100644 --- a/.github/workflows/project.yml +++ b/.github/workflows/project.yml @@ -17,7 +17,7 @@ jobs: if: github.repository == 'ohmyzsh/ohmyzsh' steps: - name: Harden the runner (Audit all outbound calls) - uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2 + uses: step-security/harden-runner@df199fb7be9f65074067a9eb93f12bb4c5547cf2 # v2.13.3 with: egress-policy: audit - name: Authenticate as @ohmyzsh diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 42a1dc0cb..cc8e0a8eb 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -36,7 +36,7 @@ jobs: steps: - name: Harden the runner (Audit all outbound calls) - uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2 + uses: step-security/harden-runner@df199fb7be9f65074067a9eb93f12bb4c5547cf2 # v2.13.3 with: egress-policy: audit From 0ebeae78d0ebdefbd0af38bfdad10504770acb82 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 7 Dec 2025 18:38:44 +0100 Subject: [PATCH 6/7] chore(deps): bump actions/create-github-app-token from 2.2.0 to 2.2.1 (#13470) Bumps [actions/create-github-app-token](https://github.com/actions/create-github-app-token) from 2.2.0 to 2.2.1. - [Release notes](https://github.com/actions/create-github-app-token/releases) - [Commits](https://github.com/actions/create-github-app-token/compare/7e473efe3cb98aa54f8d4bac15400b15fad77d94...29824e69f54612133e76f7eaac726eef6c875baf) --- updated-dependencies: - dependency-name: actions/create-github-app-token dependency-version: 2.2.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/dependencies.yml | 2 +- .github/workflows/project.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/dependencies.yml b/.github/workflows/dependencies.yml index aeeda6711..753effdcb 100644 --- a/.github/workflows/dependencies.yml +++ b/.github/workflows/dependencies.yml @@ -23,7 +23,7 @@ jobs: fetch-depth: 0 - name: Authenticate as @ohmyzsh id: generate-token - uses: actions/create-github-app-token@7e473efe3cb98aa54f8d4bac15400b15fad77d94 # v2.2.0 + uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1 with: app-id: ${{ secrets.OHMYZSH_APP_ID }} private-key: ${{ secrets.OHMYZSH_APP_PRIVATE_KEY }} diff --git a/.github/workflows/project.yml b/.github/workflows/project.yml index baaa1f9f2..9bb3e6550 100644 --- a/.github/workflows/project.yml +++ b/.github/workflows/project.yml @@ -22,7 +22,7 @@ jobs: egress-policy: audit - name: Authenticate as @ohmyzsh id: generate-token - uses: actions/create-github-app-token@7e473efe3cb98aa54f8d4bac15400b15fad77d94 # v2.2.0 + uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1 with: app-id: ${{ secrets.OHMYZSH_APP_ID }} private-key: ${{ secrets.OHMYZSH_APP_PRIVATE_KEY }} From ddec79ad4384325e08104574a9e0b81bb8a7e9d9 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 7 Dec 2025 18:39:14 +0100 Subject: [PATCH 7/7] chore(deps): bump actions/checkout from 6.0.0 to 6.0.1 (#13468) Bumps [actions/checkout](https://github.com/actions/checkout) from 6.0.0 to 6.0.1. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/1af3b93b6815bc44a9784bd300feb67ff0d1eeb3...8e8c483db84b4bee98b60c0593521ed34d9990e8) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 6.0.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/dependencies.yml | 2 +- .github/workflows/installer.yml | 4 ++-- .github/workflows/main.yml | 2 +- .github/workflows/scorecard.yml | 2 +- 4 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/dependencies.yml b/.github/workflows/dependencies.yml index 753effdcb..149c7fef7 100644 --- a/.github/workflows/dependencies.yml +++ b/.github/workflows/dependencies.yml @@ -18,7 +18,7 @@ jobs: egress-policy: audit - name: Checkout - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: fetch-depth: 0 - name: Authenticate as @ohmyzsh diff --git a/.github/workflows/installer.yml b/.github/workflows/installer.yml index d48a9603e..dcf5b52d8 100644 --- a/.github/workflows/installer.yml +++ b/.github/workflows/installer.yml @@ -31,7 +31,7 @@ jobs: egress-policy: audit - name: Set up git repository - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Install zsh if: runner.os == 'Linux' run: sudo apt-get update; sudo apt-get install zsh @@ -52,7 +52,7 @@ jobs: egress-policy: audit - name: Checkout - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Install Vercel CLI run: npm install -g vercel - name: Setup project and deploy diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index ea64e3a2f..a8363eceb 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -29,7 +29,7 @@ jobs: egress-policy: audit - name: Set up git repository - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Install zsh run: sudo apt-get update; sudo apt-get install zsh - name: Check syntax diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index cc8e0a8eb..068fb5e7d 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -41,7 +41,7 @@ jobs: egress-policy: audit - name: "Checkout code" - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false