From ee3e8efb51969aa6492eae87061f0d59d39c4fdf Mon Sep 17 00:00:00 2001 From: Hugo van Kemenade <1324225+hugovk@users.noreply.github.com> Date: Mon, 24 Jun 2024 17:28:24 +0300 Subject: [PATCH 1/3] Add linters and update pre-commit --- .pre-commit-config.yaml | 25 +++++++++++++++++++------ pyproject.toml | 31 ++++++++++++++++++------------- 2 files changed, 37 insertions(+), 19 deletions(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index f331b4f..f78f4ac 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -1,18 +1,19 @@ repos: - repo: https://github.com/astral-sh/ruff-pre-commit - rev: v0.3.5 + rev: v0.4.10 hooks: - id: ruff - args: [--fix, --exit-non-zero-on-fix] + args: [--exit-non-zero-on-fix] - repo: https://github.com/psf/black-pre-commit-mirror - rev: 24.3.0 + rev: 24.4.2 hooks: - id: black - repo: https://github.com/pre-commit/pre-commit-hooks - rev: v4.5.0 + rev: v4.6.0 hooks: + - id: check-added-large-files - id: check-case-conflict - id: check-executables-have-shebangs - id: check-merge-conflict @@ -22,16 +23,28 @@ repos: - id: debug-statements - id: end-of-file-fixer exclude: ^src/em_keyboard/emojis.json$ + - id: forbid-submodules - id: trailing-whitespace + - repo: https://github.com/python-jsonschema/check-jsonschema + rev: 0.28.5 + hooks: + - id: check-github-workflows + - id: check-renovate + + - repo: https://github.com/rhysd/actionlint + rev: v1.7.1 + hooks: + - id: actionlint + - repo: https://github.com/tox-dev/pyproject-fmt - rev: 1.7.0 + rev: 1.8.0 hooks: - id: pyproject-fmt additional_dependencies: [tox] - repo: https://github.com/abravalheri/validate-pyproject - rev: v0.16 + rev: v0.18 hooks: - id: validate-pyproject diff --git a/pyproject.toml b/pyproject.toml index bbf2520..24b212d 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -61,27 +61,32 @@ version.source = "vcs" local_scheme = "no-local-version" [tool.ruff] +fix = true + +[tool.ruff.lint] select = [ - "C4", # flake8-comprehensions - "E", # pycodestyle errors - "EM", # flake8-errmsg - "F", # pyflakes errors - "I", # isort - "ISC", # flake8-implicit-str-concat - "PGH", # pygrep-hooks + "C4", # flake8-comprehensions + "E", # pycodestyle errors + "EM", # flake8-errmsg + "F", # pyflakes errors + "I", # isort + "ISC", # flake8-implicit-str-concat + "LOG", # flake8-logging + "PGH", # pygrep-hooks + "PYI", # flake8-pyi "RUF100", # unused noqa (yesqa) - "UP", # pyupgrade - "W", # pycodestyle warnings - "YTT", # flake8-2020 - # "LOG", # TODO: enable flake8-logging when it's not in preview anymore + "RUF022", # unsorted-dunder-all + "UP", # pyupgrade + "W", # pycodestyle warnings + "YTT", # flake8-2020 ] -extend-ignore = [ +ignore = [ "E203", # Whitespace before ':' "E221", # Multiple spaces before operator "E226", # Missing whitespace around arithmetic operator "E241", # Multiple spaces after ',' ] -[tool.ruff.isort] +[tool.ruff.lint.isort] known-first-party = ["em_keyboard"] required-imports = ["from __future__ import annotations"] From 6439db7874fe60fc527f217b1682073586c01b2b Mon Sep 17 00:00:00 2001 From: Hugo van Kemenade <1324225+hugovk@users.noreply.github.com> Date: Mon, 24 Jun 2024 17:29:18 +0300 Subject: [PATCH 2/3] Update config --- .github/workflows/lint.yml | 2 ++ .github/workflows/test.yml | 7 +++++-- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 88c0c7c..d553e49 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -4,6 +4,7 @@ on: [push, pull_request, workflow_dispatch] env: FORCE_COLOR: 1 + PIP_DISABLE_PIP_VERSION_CHECK: 1 permissions: contents: read @@ -17,4 +18,5 @@ jobs: - uses: actions/setup-python@v5 with: python-version: "3.x" + cache: pip - uses: pre-commit/action@v3.0.1 diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index ef72d7f..3532410 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -2,8 +2,12 @@ name: Test on: [push, pull_request, workflow_dispatch] +permissions: + contents: read + env: FORCE_COLOR: 1 + PIP_DISABLE_PIP_VERSION_CHECK: 1 jobs: test: @@ -27,7 +31,6 @@ jobs: - name: Install dependencies run: | python -m pip install -U pip - python -m pip install -U wheel python -m pip install -U tox - name: Tox tests @@ -52,7 +55,7 @@ jobs: uses: codecov/codecov-action@v3.1.5 with: flags: ${{ matrix.os }} - name: ${{ matrix.os }} Python ${{ matrix.python-version }} + name: "${{ matrix.os }} Python ${{ matrix.python-version }}" success: needs: test From 27e9bbcac652589ffb888383add861c3a31838c4 Mon Sep 17 00:00:00 2001 From: Hugo van Kemenade <1324225+hugovk@users.noreply.github.com> Date: Mon, 24 Jun 2024 17:31:03 +0300 Subject: [PATCH 3/3] Attest build provenance of artifacts --- .github/workflows/deploy.yml | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 932fa6b..d5abdb8 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -14,6 +14,9 @@ on: permissions: contents: read +env: + FORCE_COLOR: 1 + jobs: # Always build & lint package. build-package: @@ -38,6 +41,7 @@ jobs: needs: build-package permissions: + attestations: write id-token: write steps: @@ -47,6 +51,11 @@ jobs: name: Packages path: dist + - name: Attest build provenance + uses: actions/attest-build-provenance@v1 + with: + subject-path: "dist/*" + - name: Upload package to Test PyPI uses: pypa/gh-action-pypi-publish@release/v1 with: @@ -62,6 +71,7 @@ jobs: needs: build-package permissions: + attestations: write id-token: write steps: @@ -71,5 +81,10 @@ jobs: name: Packages path: dist + - name: Attest build provenance + uses: actions/attest-build-provenance@v1 + with: + subject-path: "dist/*" + - name: Upload package to PyPI uses: pypa/gh-action-pypi-publish@release/v1