Skip to content

Commit

Permalink
use pip-compile and dependabot grouped updates (#2810)
Browse files Browse the repository at this point in the history
  • Loading branch information
davidism authored Nov 10, 2023
2 parents f3c803b + 71d220e commit 946acfd
Show file tree
Hide file tree
Showing 14 changed files with 235 additions and 137 deletions.
23 changes: 16 additions & 7 deletions .github/dependabot.yml
Original file line number Diff line number Diff line change
@@ -1,9 +1,18 @@
version: 2
updates:
- package-ecosystem: "github-actions"
directory: "/"
schedule:
interval: "monthly"
day: "monday"
time: "16:00"
timezone: "UTC"
- package-ecosystem: github-actions
directory: /
schedule:
interval: monthly
groups:
github-actions:
patterns:
- '*'
- package-ecosystem: pip
directory: /requirements/
schedule:
interval: monthly
groups:
python-requirements:
patterns:
- '*'
10 changes: 5 additions & 5 deletions .github/workflows/lock.yaml
Original file line number Diff line number Diff line change
@@ -1,8 +1,8 @@
name: 'Lock threads'
# Lock closed issues that have not received any further activity for
# two weeks. This does not close open issues, only humans may do that.
# We find that it is easier to respond to new issues with fresh examples
# rather than continuing discussions on old issues.
name: 'Lock inactive closed issues'
# Lock closed issues that have not received any further activity for two weeks.
# This does not close open issues, only humans may do that. We find that it is
# easier to respond to new issues with fresh examples rather than continuing
# discussions on old issues.

on:
schedule:
Expand Down
19 changes: 9 additions & 10 deletions .github/workflows/publish.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -9,12 +9,12 @@ jobs:
outputs:
hash: ${{ steps.hash.outputs.hash }}
steps:
- uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744
- uses: actions/setup-python@61a6322f88396a6271a6ee3565807d608ecaddd1
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
- uses: actions/setup-python@65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236
with:
python-version: '3.x'
cache: 'pip'
cache-dependency-path: 'requirements/*.txt'
cache: pip
cache-dependency-path: requirements*/*.txt
- run: pip install -r requirements/build.txt
# Use the commit date instead of the current date during the build.
- run: echo "SOURCE_DATE_EPOCH=$(git log -1 --pretty=%ct)" >> $GITHUB_ENV
Expand All @@ -23,11 +23,11 @@ jobs:
- name: generate hash
id: hash
run: cd dist && echo "hash=$(sha256sum * | base64 -w0)" >> $GITHUB_OUTPUT
- uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce
- uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32
with:
path: ./dist
provenance:
needs: ['build']
needs: [build]
permissions:
actions: read
id-token: write
Expand All @@ -39,7 +39,7 @@ jobs:
create-release:
# Upload the sdist, wheels, and provenance to a GitHub release. They remain
# available as build artifacts for a while as well.
needs: ['provenance']
needs: [provenance]
runs-on: ubuntu-latest
permissions:
contents: write
Expand All @@ -53,16 +53,15 @@ jobs:
env:
GH_TOKEN: ${{ github.token }}
publish-pypi:
needs: ['provenance']
needs: [provenance]
# Wait for approval before attempting to upload to PyPI. This allows reviewing the
# files in the draft release.
environment: 'publish'
environment: publish
runs-on: ubuntu-latest
permissions:
id-token: write
steps:
- uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a
# Try uploading to Test PyPI first, in case something fails.
- uses: pypa/gh-action-pypi-publish@b7f401de30cb6434a1e19f805ff006643653240e
with:
repository-url: https://test.pypi.org/legacy/
Expand Down
21 changes: 9 additions & 12 deletions .github/workflows/tests.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -9,9 +9,6 @@ on:
- '*.md'
- '*.rst'
pull_request:
branches:
- main
- '*.x'
paths-ignore:
- 'docs/**'
- '*.md'
Expand All @@ -24,24 +21,24 @@ jobs:
fail-fast: false
matrix:
include:
- {name: Linux, python: '3.11', os: ubuntu-latest, tox: py311}
- {name: Windows, python: '3.11', os: windows-latest, tox: py311}
- {name: Mac, python: '3.11', os: macos-latest, tox: py311}
- {name: '3.12-dev', python: '3.12-dev', os: ubuntu-latest, tox: py312}
- {name: Linux, python: '3.12', os: ubuntu-latest, tox: py312}
- {name: Windows, python: '3.12', os: windows-latest, tox: py312}
- {name: Mac, python: '3.12', os: macos-latest, tox: py312}
- {name: '3.11', python: '3.11', os: ubuntu-latest, tox: py311}
- {name: '3.10', python: '3.10', os: ubuntu-latest, tox: py310}
- {name: '3.9', python: '3.9', os: ubuntu-latest, tox: py39}
- {name: '3.8', python: '3.8', os: ubuntu-latest, tox: py38}
- {name: 'PyPy', python: 'pypy-3.10', os: ubuntu-latest, tox: pypy310}
- {name: Typing, python: '3.11', os: ubuntu-latest, tox: typing}
- {name: Typing, python: '3.12', os: ubuntu-latest, tox: typing}
steps:
- uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744
- uses: actions/setup-python@61a6322f88396a6271a6ee3565807d608ecaddd1
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
- uses: actions/setup-python@65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236
with:
python-version: ${{ matrix.python }}
cache: 'pip'
cache-dependency-path: 'requirements/*.txt'
cache-dependency-path: requirements*/*.txt
- name: cache mypy
uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8
uses: actions/cache@704facf57e6136b1bc63b828d79edcd491f0ee84
with:
path: ./.mypy_cache
key: mypy|${{ matrix.python }}|${{ hashFiles('pyproject.toml') }}
Expand Down
4 changes: 0 additions & 4 deletions .pre-commit-config.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -29,10 +29,6 @@ repos:
additional_dependencies:
- flake8-bugbear
- flake8-implicit-str-concat
- repo: https://github.com/peterdemin/pip-compile-multi
rev: v2.6.3
hooks:
- id: pip-compile-multi-verify
- repo: https://github.com/pre-commit/pre-commit-hooks
rev: v4.4.0
hooks:
Expand Down
4 changes: 2 additions & 2 deletions .readthedocs.yaml
Original file line number Diff line number Diff line change
@@ -1,8 +1,8 @@
version: 2
build:
os: ubuntu-20.04
os: ubuntu-22.04
tools:
python: "3.10"
python: "3.12"
python:
install:
- requirements: requirements/docs.txt
Expand Down
13 changes: 6 additions & 7 deletions requirements/build.txt
Original file line number Diff line number Diff line change
@@ -1,13 +1,12 @@
# SHA1:80754af91bfb6d1073585b046fe0a474ce868509
#
# This file is autogenerated by pip-compile-multi
# To update, run:
# This file is autogenerated by pip-compile with Python 3.11
# by the following command:
#
# pip-compile-multi
# pip-compile build.in
#
build==0.10.0
# via -r requirements/build.in
packaging==23.1
build==1.0.3
# via -r build.in
packaging==23.2
# via build
pyproject-hooks==1.0.0
# via build
2 changes: 1 addition & 1 deletion requirements/dev.in
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
-r docs.in
-r tests.in
-r typing.in
pip-compile-multi
pip-tools
pre-commit
tox
162 changes: 129 additions & 33 deletions requirements/dev.txt
Original file line number Diff line number Diff line change
@@ -1,62 +1,158 @@
# SHA1:54b5b77ec8c7a0064ffa93b2fd16cb0130ba177c
#
# This file is autogenerated by pip-compile-multi
# To update, run:
# This file is autogenerated by pip-compile with Python 3.11
# by the following command:
#
# pip-compile-multi
# pip-compile dev.in
#
-r docs.txt
-r tests.txt
-r typing.txt
build==0.10.0
alabaster==0.7.13
# via sphinx
babel==2.13.1
# via sphinx
build==1.0.3
# via pip-tools
cachetools==5.3.1
cachetools==5.3.2
# via tox
cfgv==3.3.1
certifi==2023.7.22
# via requests
cffi==1.16.0
# via cryptography
cfgv==3.4.0
# via pre-commit
chardet==5.1.0
chardet==5.2.0
# via tox
click==8.1.3
# via
# pip-compile-multi
# pip-tools
charset-normalizer==3.3.2
# via requests
click==8.1.7
# via pip-tools
colorama==0.4.6
# via tox
distlib==0.3.6
cryptography==41.0.5
# via -r tests.in
distlib==0.3.7
# via virtualenv
filelock==3.12.2
docutils==0.20.1
# via sphinx
ephemeral-port-reserve==1.1.4
# via -r tests.in
filelock==3.13.1
# via
# tox
# virtualenv
identify==2.5.24
greenlet==3.0.1
# via -r tests.in
identify==2.5.31
# via pre-commit
idna==3.4
# via requests
imagesize==1.4.1
# via sphinx
iniconfig==2.0.0
# via pytest
jinja2==3.1.2
# via sphinx
markupsafe==2.1.3
# via jinja2
mypy==1.6.1
# via -r typing.in
mypy-extensions==1.0.0
# via mypy
nodeenv==1.8.0
# via pre-commit
pip-compile-multi==2.6.3
# via -r requirements/dev.in
pip-tools==6.13.0
# via pip-compile-multi
platformdirs==3.8.0
packaging==23.2
# via
# build
# pallets-sphinx-themes
# pyproject-api
# pytest
# sphinx
# tox
pallets-sphinx-themes==2.1.1
# via -r docs.in
pip-tools==7.3.0
# via -r dev.in
platformdirs==3.11.0
# via
# tox
# virtualenv
pre-commit==3.3.3
# via -r requirements/dev.in
pyproject-api==1.5.2
pluggy==1.3.0
# via
# pytest
# tox
pre-commit==3.5.0
# via -r dev.in
psutil==5.9.6
# via pytest-xprocess
pycparser==2.21
# via cffi
pygments==2.16.1
# via sphinx
pyproject-api==1.6.1
# via tox
pyproject-hooks==1.0.0
# via build
pyyaml==6.0
pytest==7.4.3
# via
# -r tests.in
# pytest-timeout
# pytest-xprocess
pytest-timeout==2.2.0
# via -r tests.in
pytest-xprocess==0.23.0
# via -r tests.in
pyyaml==6.0.1
# via pre-commit
toposort==1.10
# via pip-compile-multi
tox==4.6.3
# via -r requirements/dev.in
virtualenv==20.23.1
requests==2.31.0
# via sphinx
snowballstemmer==2.2.0
# via sphinx
sphinx==7.2.6
# via
# -r docs.in
# pallets-sphinx-themes
# sphinx-issues
# sphinxcontrib-applehelp
# sphinxcontrib-devhelp
# sphinxcontrib-htmlhelp
# sphinxcontrib-log-cabinet
# sphinxcontrib-qthelp
# sphinxcontrib-serializinghtml
sphinx-issues==3.0.1
# via -r docs.in
sphinxcontrib-applehelp==1.0.7
# via sphinx
sphinxcontrib-devhelp==1.0.5
# via sphinx
sphinxcontrib-htmlhelp==2.0.4
# via sphinx
sphinxcontrib-jsmath==1.0.1
# via sphinx
sphinxcontrib-log-cabinet==1.0.1
# via -r docs.in
sphinxcontrib-qthelp==1.0.6
# via sphinx
sphinxcontrib-serializinghtml==1.1.9
# via sphinx
tox==4.11.3
# via -r dev.in
types-contextvars==2.4.7.3
# via -r typing.in
types-dataclasses==0.6.6
# via -r typing.in
types-setuptools==68.2.0.1
# via -r typing.in
typing-extensions==4.8.0
# via mypy
urllib3==2.0.7
# via requests
virtualenv==20.24.6
# via
# pre-commit
# tox
wheel==0.40.0
watchdog==3.0.0
# via
# -r tests.in
# -r typing.in
wheel==0.41.3
# via pip-tools

# The following packages are considered to be unsafe in a requirements file:
Expand Down
4 changes: 2 additions & 2 deletions requirements/docs.in
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
Pallets-Sphinx-Themes
Sphinx
pallets-sphinx-themes
sphinx
sphinx-issues
sphinxcontrib-log-cabinet
Loading

0 comments on commit 946acfd

Please sign in to comment.