From cca133a2710c5ed99e4c0ce3d06a57ec118bcf13 Mon Sep 17 00:00:00 2001
From: Jeremy Frasier <jeremy.frasier@gwe.cisa.dhs.gov>
Date: Wed, 13 Nov 2024 21:33:32 -0500
Subject: [PATCH] Adjust pin for ansible-core

The pin of ansible-core was originally put in place because the
pip-audit pre-commit hook identifies a vulnerability in ansible-core
2.16.13.  Normally we would pin ansible-core to >2.16.13, but in the
spirit of the earlier, optional pin of ansible>=10 we pin ansible-core
to >=2.17.  This effectively also pins ansible to >=10.

Co-authored-by: Nick M <50747025+mcdonnnj@users.noreply.github.com>
---
 .pre-commit-config.yaml | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
index 8b402fb..b61a8f5 100644
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -189,12 +189,14 @@ repos:
           # install those versions.
           #
           # Note that the pip-audit pre-commit hook identifies a
-          # vulnerability in ansible-core 2.16.13.
+          # vulnerability in ansible-core 2.16.13.  The pin of
+          # ansible-core to >=2.17 effectively also pins ansible to
+          # >=10.
           #
           # Note that any changes made to this dependency must also be
           # made in requirements.txt in cisagov/skeleton-packer and
           # requirements-test.txt in cisagov/skeleton-ansible-role.
-          - ansible-core>2.16.13
+          - ansible-core>=2.17
 
   # Terraform hooks
   - repo: https://github.com/antonbabenko/pre-commit-terraform