Build

Use official setup-uv action and built-in caching #1555

	name: Build

	on:
	push:
	branches: [main]
	tags: ['v*']
	pull_request:
	branches: [main]
	workflow_dispatch:
	env:
	LATEST_PY_VERSION: '3.13'
	PYTEST_VERBOSE: 'true'

	jobs:
	# Run unit tests for each supported python version
	test:
	runs-on: ubuntu-latest
	strategy:
	fail-fast: false
	matrix:
	python-version: ['3.8', '3.9', '3.10', '3.11', '3.12', '3.13']

	steps:
	# Install prereqs and dependencies, with caching
	- uses: actions/checkout@v4
	- uses: actions/setup-python@v5
	with:
	python-version: ${{ matrix.python-version }}
	- uses: astral-sh/setup-uv@v5
	with:
	enable-cache: true
	cache-dependency-glob: uv.lock
	- name: Install dependencies
	if: steps.cache.outputs.cache-hit != 'true'
	run: uv sync

	# Run tests with coverage report
	- name: Run tests
	run: uv run nox -e cov -- xml

	# Latest python version: send coverage report to codecov
	- name: "Upload coverage report to Codecov"
	if: ${{ matrix.python-version == env.LATEST_PY_VERSION }}
	uses: codecov/codecov-action@v5

	# Run code analysis checks via pre-commit hooks
	analyze:
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v4
	- uses: actions/setup-python@v5
	with:
	python-version: ${{ env.LATEST_PY_VERSION }}
	- name: Run style checks & linting
	uses: pre-commit/[email protected]
	- name: Scan dependencies for known vulnerabilities
	uses: pypa/[email protected]
	with:
	vulnerability-service: osv
	# Ignore issues with pip and setuptools versions used by the action itself
	ignore-vulns: \|
	GHSA-cx63-2mw6-8hw5
	PYSEC-2023-228
	PYSEC-2022-43012

Provide feedback