[CI] try to trigger update authors in pre-commit.ci

[tdavidcl]

No description provided.

[gemini-code-assist]

Summary of Changes

Hello @tdavidcl, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request aims to integrate and test the update_authors pre-commit hook within the CI pipeline. By enabling this hook and setting it to run only manually, the author is likely experimenting with or preparing for automated author list management in the project's continuous integration system. A related change involves a manual adjustment to an author list in a C++ source file, possibly in preparation for or as a result of this author update mechanism.

Highlights

• Pre-commit Hook Activation: The update_authors pre-commit hook has been uncommented and activated in .pre-commit-config.yaml.
• Manual Stage Configuration: The update_authors hook is now configured to run only in manual stages, indicating it's intended for explicit invocation, likely within CI environments.
• Author Information Update: An author entry for "Timothée David--Cléris" was removed from the header of src/shammodels/sph/src/pySPHModel.cpp.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request introduces a pre-commit hook to automatically update author lists in file headers based on Git history. The hook is configured to run manually, which is appropriate for a script that modifies files. The change in pySPHModel.cpp demonstrates the script's effect.

While reviewing the implementation of the script in buildbot/update_authors.py, I noticed a potential security vulnerability. The script uses subprocess.check_output with shell=True, which can be dangerous if the input filenames are not properly sanitized. It is highly recommended to refactor these calls to use shell=False (the default) and pass the command and arguments as a list.

For example, in get_author_list_from_blame, this line:

output = subprocess.check_output(R"git log " + path, shell=True).decode()

should be changed to:

output = subprocess.check_output(["git", "log", path]).decode()

A similar change should be applied in apply_mailmap. This will make the script more secure and robust against potential command injection vulnerabilities.

[github-actions]

Workflow report

workflow report corresponding to commit e5d9831
Commiter email is 114827586+autofix-ci[bot]@users.noreply.github.com
You are using github private e-mail. This prevent proper tracing of who contributed what, please disable it (see Keep my email addresses private).

Pre-commit check report

Pre-commit check: ✅

trim trailing whitespace.................................................Passed
fix end of files.........................................................Passed
check for merge conflicts................................................Passed
check that executables have shebangs.....................................Passed
check that scripts with shebangs are executable..........................Passed
check for added large files..............................................Passed
check for case conflicts.................................................Passed
check for broken symlinks................................................Passed
check yaml...............................................................Passed
detect private key.......................................................Passed
No-tabs checker..........................................................Passed
Tabs remover.............................................................Passed
Validate GitHub Workflows................................................Passed
clang-format.............................................................Passed
black....................................................................Passed
ruff check...............................................................Passed
Check doxygen headers....................................................Passed
Check license headers....................................................Passed
Check #pragma once.......................................................Passed
Check SYCL #include......................................................Passed
No ssh in git submodules remote..........................................Passed

Test pipeline can run.