forked from sigstore/sigstore-python
-
Notifications
You must be signed in to change notification settings - Fork 0
/
pyproject.toml
146 lines (135 loc) · 4.03 KB
/
pyproject.toml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
[build-system]
requires = ["flit_core >=3.2,<4"]
build-backend = "flit_core.buildapi"
[project]
name = "sigstore"
dynamic = ["version"]
description = "A tool for signing Python package distributions"
readme = "README.md"
license = { file = "LICENSE" }
authors = [
{ name = "Sigstore Authors", email = "[email protected]" }
]
classifiers = [
"License :: OSI Approved :: Apache Software License",
"Programming Language :: Python :: 3 :: Only",
"Programming Language :: Python :: 3",
"Programming Language :: Python :: 3.7",
"Programming Language :: Python :: 3.8",
"Programming Language :: Python :: 3.9",
"Programming Language :: Python :: 3.10",
"Programming Language :: Python :: 3.11",
"Development Status :: 4 - Beta",
"Intended Audience :: Developers",
"Topic :: Security",
"Topic :: Security :: Cryptography",
]
dependencies = [
"appdirs ~= 1.4",
"cryptography >= 39",
"id >= 1.0.0",
"importlib_resources ~= 5.7; python_version < '3.11'",
"pydantic ~= 1.10",
"pyjwt >= 2.1",
"pyOpenSSL >= 23.0.0",
"requests",
"securesystemslib",
"sigstore-protobuf-specs ~= 0.1.0",
"tuf >= 2.1,< 4.0",
]
requires-python = ">=3.7"
[project.scripts]
sigstore = "sigstore._cli:main"
[project.urls]
Homepage = "https://pypi.org/project/sigstore/"
Issues = "https://github.com/sigstore/sigstore-python/issues"
Source = "https://github.com/sigstore/sigstore-python"
Documentation = "https://sigstore.github.io/sigstore-python/"
[project.optional-dependencies]
test = [
"pytest",
"pytest-cov",
"pretend",
"coverage[toml]",
]
lint = [
"bandit",
"black",
"isort",
"interrogate",
"mypy ~= 1.1",
# NOTE(ww): ruff is under active development, so we pin conservatively here
# and let Dependabot periodically perform this update.
"ruff < 0.0.277",
"types-requests",
# Needed for protocol typing in 3.7; remove when our minimum Python is 3.8.
"typing-extensions; python_version < '3.8'",
# TODO(ww): Re-enable once dependency on types-cryptography is dropped.
# See: https://github.com/python/typeshed/issues/8699
# "types-pyOpenSSL",
]
doc = [
"pdoc",
]
dev = [
"build",
"bump >= 1.3.2",
"sigstore[doc,test,lint]",
]
[tool.isort]
multi_line_output = 3
known_first_party = "sigstore"
include_trailing_comma = true
[tool.coverage.run]
# branch coverage in addition to statement coverage.
branch = true
# FIXME(jl): currently overridden. see: https://pytest-cov.readthedocs.io/en/latest/config.html
# include machine name, process id, and a random number in `.coverage-*` so each file is distinct.
parallel = true
# store relative path info for aggregation across runs with potentially differing filesystem layouts.
# see: https://coverage.readthedocs.io/en/7.1.0/config.html#config-run-relative-files
relative_files = true
# don't attempt code coverage for the CLI entrypoints
omit = ["sigstore/_cli.py"]
[tool.coverage.report]
exclude_lines = [
"@abc.abstractmethod",
"@typing.overload",
"if typing.TYPE_CHECKING",
]
[tool.interrogate]
# don't enforce documentation coverage for packaging, testing, the virtual
# environment, or the CLI (which is documented separately).
exclude = ["env", "test", "sigstore/_cli.py"]
ignore-semiprivate = true
ignore-private = true
# Ignore nested classes for docstring coverage because we use them primarily
# for pydantic model configuration.
ignore-nested-classes = true
fail-under = 100
[tool.mypy]
allow_redefinition = true
check_untyped_defs = true
disallow_incomplete_defs = true
disallow_untyped_defs = true
ignore_missing_imports = true
no_implicit_optional = true
show_error_codes = true
sqlite_cache = true
strict_equality = true
warn_no_return = true
warn_redundant_casts = true
warn_return_any = true
warn_unreachable = true
warn_unused_configs = true
warn_unused_ignores = true
plugins = ["pydantic.mypy"]
[tool.bandit]
exclude_dirs = ["./test"]
[tool.ruff]
# Never enforce `E501` (line length violations).
ignore = ["E501"]
# TODO: Enable "UP" here once Pydantic allows us to:
# See: https://github.com/pydantic/pydantic/issues/4146
select = ["E", "F", "W"]
target-version = "py37"