chore: add cruft support

bruno-fs · Aug 9, 2024 · 587fd86 · 587fd86
1 parent b4bbcbd
commit 587fd86
Show file tree

Hide file tree

Showing 15 changed files with 224 additions and 120 deletions.
diff --git a/.cruft.json b/.cruft.json
@@ -0,0 +1,21 @@
+{
+  "template": "https://github.com/bruno-fs/cookiecutter-hypermodern-python",
+  "commit": "6e269e4d703f1e10f38c65a323b48cbe2980e9d3",
+  "checkout": null,
+  "context": {
+    "cookiecutter": {
+      "project_name": "pybuild-deps",
+      "package_name": "pybuild_deps",
+      "friendly_name": "PyBuild Deps",
+      "author": "Bruno Ciconelle",
+      "email": "[email protected]",
+      "github_user": "bruno-fs",
+      "version": "0.2.0",
+      "copyright_year": "2023",
+      "license": "GPL-3.0",
+      "development_status": "Development Status :: 3 - Alpha",
+      "_template": "https://github.com/bruno-fs/cookiecutter-hypermodern-python"
+    }
+  },
+  "directory": null
+}
diff --git a/.editorconfig b/.editorconfig
@@ -0,0 +1,15 @@
+root = true
+
+[*]
+charset = utf-8
+end_of_line = lf
+insert_final_newline = true
+trim_trailing_whitespace = true
+
+[*.{py,toml}]
+indent_style = space
+indent_size = 4
+
+[*.yml,yaml,json]
+indent_style = space
+indent_size = 2
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -3,19 +3,47 @@ updates:
   - package-ecosystem: github-actions
     directory: "/"
     schedule:
-      interval: daily
+      interval: weekly
+    groups:
+      github-actions-updates:
+        applies-to: version-updates
+        dependency-type: development
+      github-actions-security-updates:
+        applies-to: security-updates
+        dependency-type: development
   - package-ecosystem: pip
     directory: "/.github/workflows"
     schedule:
-      interval: daily
+      interval: weekly
+    groups:
+      workflow-updates:
+        applies-to: version-updates
+        dependency-type: development
+      workflow-security-updates:
+        applies-to: security-updates
+        dependency-type: development
   - package-ecosystem: pip
     directory: "/docs"
     schedule:
-      interval: daily
+      interval: weekly
+    groups:
+      doc-updates:
+        applies-to: version-updates
+        dependency-type: development
+      doc-security-updates:
+        applies-to: security-updates
+        dependency-type: production
   - package-ecosystem: pip
     directory: "/"
     schedule:
-      interval: daily
+      interval: weekly
     versioning-strategy: lockfile-only
     allow:
       - dependency-type: "all"
+    groups:
+      pip-version-updates:
+        applies-to: version-updates
+        dependency-type: development
+      pip-security-updates:
+        applies-to: security-updates
+        dependency-type: production
diff --git a/.github/workflows/constraints.txt b/.github/workflows/constraints.txt
@@ -1 +1,5 @@
-poetry>=1.2
+pip==24.1.2
+nox==2024.4.15
+nox-poetry==1.0.3
+poetry==1.8.3
+virtualenv==20.26.3
diff --git a/.github/workflows/labeler.yml b/.github/workflows/labeler.yml
@@ -9,6 +9,10 @@ on:
 jobs:
   labeler:
     runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      issues: write
+
     steps:
       - name: Check out the repository
         uses: actions/checkout@v4

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -17,18 +17,18 @@ jobs:
           fetch-depth: 2
 
       - name: Set up Python
-        uses: actions/setup-python@v4
+        uses: actions/setup-python@v4.6.1
         with:
-          python-version: "3.11"
+          python-version: "3.12"
 
       - name: Upgrade pip
         run: |
-          pip install --constraint=.github/workflows/constraints.txt pip
+          pip install --constraint="$(pwd)/.github/workflows/constraints.txt" pip
           pip --version
 
       - name: Install Poetry
         run: |
-          pip install --constraint=.github/workflows/constraints.txt poetry
+          pip install --constraint="$(pwd)/.github/workflows/constraints.txt" poetry
           poetry --version
 
       - name: Check if there is a parent commit
@@ -57,21 +57,21 @@ jobs:
 
       - name: Publish package on PyPI
         if: steps.check-version.outputs.tag
-        uses: pypa/gh-action-pypi-publish@v1.8.10
+        uses: pypa/gh-action-pypi-publish@v1.9.0
         with:
           user: __token__
           password: ${{ secrets.PYPI_TOKEN }}
 
       - name: Publish package on TestPyPI
         if: "! steps.check-version.outputs.tag"
-        uses: pypa/gh-action-pypi-publish@v1.8.10
+        uses: pypa/gh-action-pypi-publish@v1.9.0
         with:
           user: __token__
           password: ${{ secrets.TEST_PYPI_TOKEN }}
           repository_url: https://test.pypi.org/legacy/
 
       - name: Publish the release notes
-        uses: release-drafter/release-drafter@v5.25.0
+        uses: release-drafter/release-drafter@v6.0.0
         with:
           publish: ${{ steps.check-version.outputs.tag != '' }}
           tag: ${{ steps.check-version.outputs.tag }}

diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
@@ -5,6 +5,8 @@ on:
     branches:
       - main
   pull_request:
+    branches: 
+      - main
 
 jobs:
   tests:
@@ -14,17 +16,18 @@ jobs:
       fail-fast: false
       matrix:
         include:
-          - { python: "3.11", os: "ubuntu-latest", session: "pre-commit" }
-          - { python: "3.11", os: "ubuntu-latest", session: "safety" }
+          - { python: "3.12", os: "ubuntu-latest", session: "pre-commit" }
+          - { python: "3.12", os: "ubuntu-latest", session: "safety" }
+          - { python: "3.12", os: "ubuntu-latest", session: "tests" }
           - { python: "3.11", os: "ubuntu-latest", session: "tests" }
           - { python: "3.10", os: "ubuntu-latest", session: "tests" }
           - { python: "3.9", os: "ubuntu-latest", session: "tests" }
           - { python: "3.8", os: "ubuntu-latest", session: "tests" }
-          - { python: "3.11", os: "windows-latest", session: "tests" }
-          - { python: "3.11", os: "macos-latest", session: "tests" }
-          - { python: "3.11", os: "ubuntu-latest", session: "typeguard" }
-          - { python: "3.11", os: "ubuntu-latest", session: "xdoctest" }
-          - { python: "3.11", os: "ubuntu-latest", session: "docs-build" }
+          - { python: "3.12", os: "windows-latest", session: "tests" }
+          - { python: "3.12", os: "macos-latest", session: "tests" }
+          - { python: "3.12", os: "ubuntu-latest", session: "typeguard" }
+          - { python: "3.12", os: "ubuntu-latest", session: "xdoctest" }
+          - { python: "3.12", os: "ubuntu-latest", session: "docs-build" }
 
     env:
       NOXSESSION: ${{ matrix.session }}
@@ -36,13 +39,13 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Set up Python ${{ matrix.python }}
-        uses: actions/setup-python@v4
+        uses: actions/setup-python@v4.6.1
         with:
           python-version: ${{ matrix.python }}
 
       - name: Upgrade pip
         run: |
-          pip install --constraint=.github/workflows/constraints.txt pip
+          pip install --constraint="$(pwd)/.github/workflows/constraints.txt" pip
           pip --version
 
       - name: Upgrade pip in virtual environments
@@ -56,13 +59,13 @@ jobs:
 
       - name: Install Poetry
         run: |
-          pipx install --pip-args=--constraint=.github/workflows/constraints.txt poetry
+          pipx install --pip-args=--constraint="$(pwd)/.github/workflows/constraints.txt" poetry
           poetry --version
 
       - name: Install Nox
         run: |
-          pipx install --pip-args=--constraint=.github/workflows/constraints.txt nox
-          pipx inject --pip-args=--constraint=.github/workflows/constraints.txt nox nox-poetry
+          pipx install --pip-args=--constraint="$(pwd)/.github/workflows/constraints.txt" nox
+          pipx inject --pip-args=--constraint="$(pwd)/.github/workflows/constraints.txt" nox nox-poetry
           nox --version
 
       - name: Compute pre-commit cache key
@@ -115,24 +118,24 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Set up Python
-        uses: actions/setup-python@v4
+        uses: actions/setup-python@v4.6.1
         with:
-          python-version: "3.11"
+          python-version: "3.12"
 
       - name: Upgrade pip
         run: |
-          pip install --constraint=.github/workflows/constraints.txt pip
+          pip install --constraint="$(pwd)/.github/workflows/constraints.txt" pip
           pip --version
 
       - name: Install Poetry
         run: |
-          pipx install --pip-args=--constraint=.github/workflows/constraints.txt poetry
+          pipx install --pip-args=--constraint="$(pwd)/.github/workflows/constraints.txt" poetry
           poetry --version
 
       - name: Install Nox
         run: |
-          pipx install --pip-args=--constraint=.github/workflows/constraints.txt nox
-          pipx inject --pip-args=--constraint=.github/workflows/constraints.txt nox nox-poetry
+          pipx install --pip-args=--constraint="$(pwd)/.github/workflows/constraints.txt" nox
+          pipx inject --pip-args=--constraint="$(pwd)/.github/workflows/constraints.txt" nox nox-poetry
           nox --version
 
       - name: Download coverage data
@@ -149,4 +152,4 @@ jobs:
           nox --session=coverage -- xml
 
       - name: Upload coverage report
-        uses: codecov/codecov-action@v3.1.4
+        uses: codecov/codecov-action@v4.5.0
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -1,12 +1,6 @@
 repos:
   - repo: local
     hooks:
-      - id: black
-        name: black
-        entry: black
-        language: system
-        types: [python]
-        require_serial: true
       - id: check-added-large-files
         name: Check for added large files
         entry: check-added-large-files
@@ -27,25 +21,28 @@ repos:
         language: system
         types: [text]
         stages: [commit, push, manual]
-      - id: flake8
-        name: flake8
-        entry: flake8
-        language: system
-        types: [python]
-        require_serial: true
-        stages: [commit, push, manual]
-      - id: ruff
-        name: ruff
-        entry: ruff
-        language: system
-        types: [python]
-        stages: [commit, push, manual]
       - id: trailing-whitespace
         name: Trim Trailing Whitespace
         entry: trailing-whitespace-fixer
         language: system
         types: [text]
         stages: [commit, push, manual]
+      - id: pydoclint
+        name: pydoclint
+        entry: pydoclint
+        language: system
+        types: [python]
+      - id: ruff
+        name: ruff
+        entry: ruff check
+        args: [--fix]
+        language: python
+        types_or: [python, pyi]
+      - id: ruff-format
+        name: ruff-format
+        entry: ruff format
+        language: python
+        types_or: [python, pyi]
   - repo: https://github.com/pre-commit/mirrors-prettier
     rev: v2.6.0
     hooks:

diff --git a/.readthedocs.yml b/.readthedocs.yml
@@ -2,7 +2,7 @@ version: 2
 build:
   os: ubuntu-20.04
   tools:
-    python: "3.11"
+    python: "3.12"
 sphinx:
   configuration: docs/conf.py
 formats: all

diff --git a/.safety-policy.yml b/.safety-policy.yml
@@ -0,0 +1,4 @@
+security:
+  ignore-vulnerabilities:
+    "70612":
+      reason: Not a bug. This is the same as marking python as unsafe due to the existence of 'eval'. See https://bugzilla.redhat.com/show_bug.cgi?id=1677653
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
@@ -37,7 +37,7 @@ Request features on the [Issue Tracker].
 
 ## How to set up your development environment
 
-You need Python 3.7+ and the following tools:
+You need Python 3.8+ and the following tools:
 
 - [Poetry]
 - [Nox]

diff --git a/README.md b/README.md
@@ -10,16 +10,16 @@
 [![Codecov](https://codecov.io/gh/bruno-fs/pybuild-deps/branch/main/graph/badge.svg)][codecov]
 
 [![pre-commit](https://img.shields.io/badge/pre--commit-enabled-brightgreen?logo=pre-commit&logoColor=white)][pre-commit]
-[![Black](https://img.shields.io/badge/code%20style-black-000000.svg)][black]
+[![Ruff codestyle][ruff badge]][ruff project]
+
 
 [pypi status]: https://pypi.org/project/pybuild-deps/
-[read the docs]: https://pybuild-deps.readthedocs.io/
 [tests]: https://github.com/bruno-fs/pybuild-deps/actions?workflow=Tests
 [codecov]: https://app.codecov.io/gh/bruno-fs/pybuild-deps
 [pre-commit]: https://github.com/pre-commit/pre-commit
 [black]: https://github.com/psf/black
-
-CLI tools to help dealing with python build dependencies. It aims to complement
+[ruff badge]: https://img.shields.io/endpoint?url=https://raw.githubusercontent.com/astral-sh/ruff/main/assets/badge/v2.json
+[ruff project]: https://github.com/charliermarsh/ruff
 tools that can pin dependencies like `pip-tools` and `poetry`.
 For users relying exclusively on python wheels, those tools are more than enough.
 However, for users building applications from source, finding and pinning build dependencies