Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: commitizen-tools/commitizen
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: master
Choose a base ref
...
head repository: commitizen-tools/commitizen
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: add-cooldown-mechaism
Choose a head ref
Checking mergeability… Don’t worry, you can still create the pull request.
  • 1 commit
  • 2 files changed
  • 1 contributor

Commits on May 20, 2026

  1. build: add cooldown to 4 days to enhance security control 

    Adds `exclude-newer = "4 days"` under `[tool.uv.pip]` in `pyproject.toml`, preventing uv from resolving packages published within the last 4 days. This aligns with the constraint already referenced in `scripts/ci/prek/upgrade_important_versions.py` and reduces exposure to supply chain attacks that exploit newly published malicious package versions. The `uv.lock` is regenerated under this constraint.
    @Lee-W
    Lee-W committed May 20, 2026
    Configuration menu
    Copy the full SHA
    e7d051b View commit details
    Browse the repository at this point in the history
Loading