Summary
ops/check-changed/requirements.txt is a flat pip freeze with 12 pinned packages, but the script (main.py) only imports PyGithub and uses requests transitively. The remaining 10 packages (certifi, cffi, charset-normalizer, idna, pycparser, PyJWT, PyNaCl, urllib3, wrapt, Deprecated) are all transitive deps.
Pinning transitive deps blocks security updates and adds maintenance burden.
Action
Slim down to direct deps only (PyGithub==1.57, requests==2.32.0) or use a lockfile approach with uv (already available in mise.toml).
🤖 Generated with Claude Code
Summary
ops/check-changed/requirements.txtis a flat pip freeze with 12 pinned packages, but the script (main.py) only importsPyGithuband usesrequeststransitively. The remaining 10 packages (certifi,cffi,charset-normalizer,idna,pycparser,PyJWT,PyNaCl,urllib3,wrapt,Deprecated) are all transitive deps.Pinning transitive deps blocks security updates and adds maintenance burden.
Action
Slim down to direct deps only (
PyGithub==1.57,requests==2.32.0) or use a lockfile approach withuv(already available inmise.toml).🤖 Generated with Claude Code