From fbcb5c1af983685009b6c3aaa23de939cdef4eb2 Mon Sep 17 00:00:00 2001 From: Owen Lamont Date: Sat, 21 Dec 2024 20:24:25 +1030 Subject: [PATCH 1/4] Update pyproject.toml and add GitHub action to deploy release --- .github/workflows/release.yml | 25 +++++++++++++++++++++++++ .python-version | 1 - .python-versions | 5 +++++ pyproject.toml | 26 ++++++++++++++++++++++++++ src/uv_secure/__init__.py | 3 ++- tests/smoke_test.py | 10 ++++++++++ 6 files changed, 68 insertions(+), 2 deletions(-) create mode 100644 .github/workflows/release.yml delete mode 100644 .python-version create mode 100644 .python-versions create mode 100644 tests/smoke_test.py diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 0000000..31122c6 --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,25 @@ +name: Release + +on: + push: + tags: + # Publish on any tag that looks like a semantic version e.g. 1.2.3 + - '*.*.*' + +jobs: + pypi: + name: Publish to PyPI + runs-on: ubuntu-latest + environment: + name: release + permissions: + id-token: write + steps: + - uses: actions/checkout@v4 + - uses: astral-sh/setup-uv@v3 + - run: uv build + - name: Smoke test (wheel) + run: uv run --isolated --no-project -p 3.13 --with dist/*.whl tests/smoke_test.py + - name: Smoke test (source distribution) + run: uv run --isolated --no-project -p 3.13 --with dist/*.tar.gz tests/smoke_test.py + - run: uv publish --trusted-publishing always diff --git a/.python-version b/.python-version deleted file mode 100644 index bd28b9c..0000000 --- a/.python-version +++ /dev/null @@ -1 +0,0 @@ -3.9 diff --git a/.python-versions b/.python-versions new file mode 100644 index 0000000..b0ff699 --- /dev/null +++ b/.python-versions @@ -0,0 +1,5 @@ +3.13.1 +3.12.8 +3.11.11 +3.10.16 +3.9.21 diff --git a/pyproject.toml b/pyproject.toml index 5a8f198..870b21f 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -7,6 +7,28 @@ authors = [ { name = "Owen Lamont", email = "owenrlamont@gmail.com" } ] requires-python = ">=3.9" +keywords = [ + "uv", "uv.lock", "vulnerabilities" +] +classifiers = [ + "Development Status :: 3 - Alpha", + "Environment :: Console", + "Intended Audience :: Developers", + "Operating System :: OS Independent", + "License :: OSI Approved :: MIT License", + "Natural Language :: English", + "Programming Language :: Python", + "Programming Language :: Python :: 3.9", + "Programming Language :: Python :: 3.10", + "Programming Language :: Python :: 3.11", + "Programming Language :: Python :: 3.12", + "Programming Language :: Python :: 3.13", + "Programming Language :: Python :: 3 :: Only", + "Topic :: Software Development :: Quality Assurance", + "Topic :: Software Development :: Testing", + "Topic :: Software Development :: Libraries", +] + dependencies = [ "httpx>=0.28.1", "inflect>=7.4.0", @@ -31,6 +53,10 @@ jupyter = [ [project.scripts] uv-secure = "uv_secure.run:app" +[project.urls] +Repository = "https://github.com/owenlamont/uv-secure" +Releases = "https://github.com/owenlamont/uv-secure/releases" + [build-system] requires = ["hatchling"] build-backend = "hatchling.build" diff --git a/src/uv_secure/__init__.py b/src/uv_secure/__init__.py index 351a9fb..23f4df6 100644 --- a/src/uv_secure/__init__.py +++ b/src/uv_secure/__init__.py @@ -1,4 +1,5 @@ +from uv_secure.__version__ import __version__ from uv_secure.run import app, check_dependencies -__all__ = ["app", "check_dependencies"] +__all__ = ["__version__", "app", "check_dependencies"] diff --git a/tests/smoke_test.py b/tests/smoke_test.py new file mode 100644 index 0000000..252ecee --- /dev/null +++ b/tests/smoke_test.py @@ -0,0 +1,10 @@ +"""Check that basic features work. + +Catch cases where e.g. files are missing so the import doesn't work. It is +recommended to check that e.g. assets are included. +""" + +import uv_secure + + +print(uv_secure.__version__) From e576638dfb060c483a0ad14599f90289135f815d Mon Sep 17 00:00:00 2001 From: Owen Lamont Date: Sat, 21 Dec 2024 20:34:04 +1030 Subject: [PATCH 2/4] Try matrix strategy --- .github/workflows/pytest.yml | 10 +++++++++- .python-version | 1 + .python-versions | 5 ----- 3 files changed, 10 insertions(+), 6 deletions(-) create mode 100644 .python-version delete mode 100644 .python-versions diff --git a/.github/workflows/pytest.yml b/.github/workflows/pytest.yml index 6e37b68..ec2a5af 100644 --- a/.github/workflows/pytest.yml +++ b/.github/workflows/pytest.yml @@ -4,6 +4,14 @@ on: jobs: pytest: runs-on: ubuntu-latest + strategy: + matrix: + python-version: + - "3.9" + - "3.10" + - "3.11" + - "3.12" + - "3.13" permissions: contents: read pull-requests: write @@ -18,7 +26,7 @@ jobs: - name: Set up Python uses: actions/setup-python@v5 with: - python-version-file: ".python-version" + python-version: ${{ matrix.python-version }} - name: Install the project run: uv sync --all-extras --dev - name: Run tests with Coverage diff --git a/.python-version b/.python-version new file mode 100644 index 0000000..bd28b9c --- /dev/null +++ b/.python-version @@ -0,0 +1 @@ +3.9 diff --git a/.python-versions b/.python-versions deleted file mode 100644 index b0ff699..0000000 --- a/.python-versions +++ /dev/null @@ -1,5 +0,0 @@ -3.13.1 -3.12.8 -3.11.11 -3.10.16 -3.9.21 From 7a837e5b1461cec851db751344e248ec1bc3758d Mon Sep 17 00:00:00 2001 From: Owen Lamont Date: Sat, 21 Dec 2024 20:41:06 +1030 Subject: [PATCH 3/4] Make coverage only run on the main test --- .github/workflows/pytest.yml | 38 +++++++++++++++++++++++++++--------- 1 file changed, 29 insertions(+), 9 deletions(-) diff --git a/.github/workflows/pytest.yml b/.github/workflows/pytest.yml index ec2a5af..d1ec42b 100644 --- a/.github/workflows/pytest.yml +++ b/.github/workflows/pytest.yml @@ -4,14 +4,6 @@ on: jobs: pytest: runs-on: ubuntu-latest - strategy: - matrix: - python-version: - - "3.9" - - "3.10" - - "3.11" - - "3.12" - - "3.13" permissions: contents: read pull-requests: write @@ -26,7 +18,7 @@ jobs: - name: Set up Python uses: actions/setup-python@v5 with: - python-version: ${{ matrix.python-version }} + python-version-file: ".python-version" - name: Install the project run: uv sync --all-extras --dev - name: Run tests with Coverage @@ -53,3 +45,31 @@ jobs: body-path: comment_body.md comment-id: ${{ steps.find-comment.outputs.comment-id }} edit-mode: replace + pytest-additional-versions: + runs-on: ubuntu-latest + strategy: + matrix: + python-version: + - "3.10" + - "3.11" + - "3.12" + - "3.13" + permissions: + contents: read + pull-requests: write + steps: + - name: Checkout repository + uses: actions/checkout@v4 + - name: Install uv + uses: astral-sh/setup-uv@v4 + with: + enable-cache: true + cache-dependency-glob: "uv.lock" + - name: Set up Python + uses: actions/setup-python@v5 + with: + python-version: ${{ matrix.python-version }} + - name: Install the project + run: uv sync --all-extras --dev + - name: Run tests + run: uv run pytest tests From f10e8301a6ce0277a159fb65c81a7c027f1c46cb Mon Sep 17 00:00:00 2001 From: Owen Lamont Date: Sat, 21 Dec 2024 20:57:38 +1030 Subject: [PATCH 4/4] Updated smoke test to run against Python 3.9 and fixed a dependency bug with tomli that uncovered --- .github/workflows/release.yml | 4 ++-- pyproject.toml | 1 + uv.lock | 8 +++++--- 3 files changed, 8 insertions(+), 5 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 31122c6..235c778 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -19,7 +19,7 @@ jobs: - uses: astral-sh/setup-uv@v3 - run: uv build - name: Smoke test (wheel) - run: uv run --isolated --no-project -p 3.13 --with dist/*.whl tests/smoke_test.py + run: uv run --isolated --no-project -p 3.9 --with dist/*.whl tests/smoke_test.py - name: Smoke test (source distribution) - run: uv run --isolated --no-project -p 3.13 --with dist/*.tar.gz tests/smoke_test.py + run: uv run --isolated --no-project -p 3.9 --with dist/*.tar.gz tests/smoke_test.py - run: uv publish --trusted-publishing always diff --git a/pyproject.toml b/pyproject.toml index 870b21f..e497ad8 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -34,6 +34,7 @@ dependencies = [ "inflect>=7.4.0", "pydantic>=2.10.3", "rich>=13.9.4", + 'tomli; python_version < "3.11"', "typer>=0.15.1", ] diff --git a/uv.lock b/uv.lock index f6e1148..43244b1 100644 --- a/uv.lock +++ b/uv.lock @@ -1209,7 +1209,7 @@ wheels = [ [[package]] name = "notebook" -version = "7.3.1" +version = "7.3.2" source = { registry = "https://pypi.org/simple" } dependencies = [ { name = "jupyter-server" }, @@ -1218,9 +1218,9 @@ dependencies = [ { name = "notebook-shim" }, { name = "tornado" }, ] -sdist = { url = "https://files.pythonhosted.org/packages/2a/1f/6c90511ea21b4ed6444e61ec8bb4137cb8c34db0f3b82402094286babbdf/notebook-7.3.1.tar.gz", hash = "sha256:84381c2a82d867517fd25b86e986dae1fe113a70b98f03edff9b94e499fec8fa", size = 12777449 } +sdist = { url = "https://files.pythonhosted.org/packages/ea/04/ac488379d5afef43402b3fb4be2857db1a09804fecf98b9b714c741b225b/notebook-7.3.2.tar.gz", hash = "sha256:705e83a1785f45b383bf3ee13cb76680b92d24f56fb0c7d2136fe1d850cd3ca8", size = 12781804 } wheels = [ - { url = "https://files.pythonhosted.org/packages/3c/c4/764078234460706fdd2da68f1715ee42359cb24ee18b70db051cfac38455/notebook-7.3.1-py3-none-any.whl", hash = "sha256:212e1486b2230fe22279043f33c7db5cf9a01d29feb063a85cb139747b7c9483", size = 13162639 }, + { url = "https://files.pythonhosted.org/packages/22/9b/76e50ee18f183ea5fe1784a9eeaa50f2c71802e4740d6e959592b0993298/notebook-7.3.2-py3-none-any.whl", hash = "sha256:e5f85fc59b69d3618d73cf27544418193ff8e8058d5bf61d315ce4f473556288", size = 13163630 }, ] [[package]] @@ -2192,6 +2192,7 @@ dependencies = [ { name = "inflect" }, { name = "pydantic" }, { name = "rich" }, + { name = "tomli", marker = "python_full_version < '3.11'" }, { name = "typer" }, ] @@ -2231,6 +2232,7 @@ requires-dist = [ { name = "pydantic", specifier = ">=2.10.3" }, { name = "rich", specifier = ">=13.9.4" }, { name = "ruff", marker = "extra == 'jupyter'", specifier = ">=0.6.4" }, + { name = "tomli", marker = "python_full_version < '3.11'" }, { name = "tqdm", marker = "extra == 'jupyter'", specifier = ">=4.66.6" }, { name = "typer", specifier = ">=0.15.1" }, ]