Skeletonize the project #125
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Lineage pull request for: skeleton
…rements Add the mypy Package to the Development Package Requirements
Update Package Metadata
I noticed the following warning when looking at GHA workflow runs: 1 issue was detected with this workflow: git checkout HEAD^2 is no longer necessary. Please remove this step as Code Scanning recommends analyzing the merge commit for best results. After looking into it I updated the workflow per this page on GitHub Docs: https://docs.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/troubleshooting-the-codeql-workflow#warning-git-checkout-head2-is-no-longer-necessary
Update CodeQL Workflow for GitHub Actions
coveralls-python has better integration with running in GitHub Actions now, so we can use the automatically generated GITHUB_TOKEN secret instead of manually setting a COVERALLS_REPO_TOKEN secret for each repository.
We already ran our tests in parallel for each major version of Python a project supports. This change should better differentiate each test job run in the reports submitted.
This should resolve the following error: Error: Workflows triggered by Dependabot on the "push" event run with read-only access. Uploading Code Scanning results requires write access. To use Code Scanning with Dependabot, please ensure you are using the "pull_request" event for this workflow and avoid triggering on the "push" event for Dependabot branches. See https://docs.github.com/en/code-security/secure-coding/configuring-code-scanning#scanning-on-push for more information on how to configure these events.
* Add a comment describing what the files does. * Add sections to organize patterns.
Due to her departure this removes hillaryj from the default CODEOWNERS we use in our projects.
Adds a comment to direct additional requirements into setup.py
…or_dependabot_branches Skip CodeQL Workflow for Dependabot Branches on push Events
…configuration Update coveralls-python Configuration in GitHub Actions Workflow
Hooks updated with the `pre-commit autoupdate` command. Note: The `ansible-lint` hook is intentionally being held back on 4.3.7 because of ongoing issues with the 5.x version and how we use Ansible (standalone Galaxy roles).
With the release of pyenv v2.0.0 there is a breaking change around startup logic that necessitates an update for our pyenv setup instructions. Also add a statement about how to get configuration instructions from pyenv itself.
Update pre-commit Hooks
…owners Remove User from CODEOWNERS
…ctions Update Instructions for Configuring pyenv
Improve gitignore file comments and organization.
The cisagov/skeleton-python-library project does not use MANIFEST.in or setup.cfg. It also does not use Tox. Therefore all of these configuration files should be removed for the sake of consistency.
These files should not be executable.
Update the Dockerfile to account for changes to the package structure.
Add the changes made from running the `pyupgrade` pre-commit hook against the project.
Add the changes made from running the `isort` pre-commit hook against the project.
Make the necessary changes to pass the `markdownlint` pre-commit hook.
Make the necessary changes to pass the `mypy` pre-commit hook.
Make the necessary changes to pass the `flake8` pre-commit hook. This is almost exclusively to satisfy the flake8-docstring plugin.
mcdonnnj
added
improvement
dav3r
reviewed
Jan 23, 2023
dav3r
reviewed
Jan 23, 2023
dav3r
approved these changes
Jan 23, 2023
Use the correct package source for coverage information that is generated and sent to Coveralls. Co-authored-by: dav3r <daver@geekpad.com>
Co-authored-by: dav3r <daver@geekpad.com>
jsf9k
approved these changes
Jan 23, 2023
6 tasks
cisagovbot
pushed a commit
that referenced
this pull request
Dec 19, 2023
…for-codeql-workflow Add a diagnostics job to the CodeQL workflow
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
🗣 Description
This pull request skeletonizes this project from [cisagov/skeleton-python-library].
💭 Motivation and context
🧪 Testing
Automated tests pass.
✅ Pre-approval checklist
to reflect the changes in this PR.
✅ Pre-merge checklist
✅ Post-merge checklist
[cisagov/skeleton-python-library](https://github.com/cisagov/skeleton-python-library