Skip to content

Add support for Python 3.13 #143

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
Wenzel merged 62 commits into from
Jul 16, 2025
Merged

Add support for Python 3.13 #143

Wenzel merged 62 commits into from
Jul 16, 2025

Conversation

@Harvester57
Copy link
Contributor

@Harvester57 Harvester57 commented May 29, 2025

Hi !

This PR changes the following :

  • Update CI actions to latest versions, with explicit version numbering (helps with Dependabot alerts)
  • Add a Dependabot check for Python dependencies and GitHub Actions
  • Update Python dependencies to latest versions, for main and dev
  • Most importantly, add support for Python 3.13.3

I worked on this PR to be able to build Checksec in Docker containers, and I have a working prototype based on a Chainguard Python image here: https://github.com/Harvester57/chainguard-checksec

The commit history is a bit messy, sorry about that, feel free to squash the PR :)

Harvester57 and others added 30 commits May 29, 2025 20:00
@Harvester57
Bump to Python 3.13
9524c88
@Harvester57
Remove release in CI
7dc106d
@Harvester57
Update CI actions
d93eb9b
@Harvester57
Update Poetry version
2784c76
@Harvester57
Update Poetry dependencies
9685d3d
@Harvester57
Update all Poetry dependencies
6136949
@Harvester57
Build with Python 3.13
9a95d31
@Harvester57
Enable release
b58e1d3
@Harvester57
Update LIEF version
975e11c
@Harvester57
Update dependencies
abebfa6
@Harvester57
Create dependabot.yml
b09b69f
@dependabot
build(deps-dev): bump coverage from 5.3 to 7.8.2
202c8ec 
Bumps [coverage](https://github.com/nedbat/coveragepy) from 5.3 to 7.8.2.
- [Release notes](https://github.com/nedbat/coveragepy/releases)
- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst)
- [Commits](coveragepy/coveragepy@coverage-5.3...7.8.2)

---
updated-dependencies:
- dependency-name: coverage
  dependency-version: 7.8.2
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
@Harvester57
Merge pull request #1 from Harvester57/dependabot/pip/coverage-7.8.2
a6f34a2 
build(deps-dev): bump coverage from 5.3 to 7.8.2
@dependabot
build(deps-dev): bump mypy from 1.2.0 to 1.16.0
e1a2d74 
Bumps [mypy](https://github.com/python/mypy) from 1.2.0 to 1.16.0.
- [Changelog](https://github.com/python/mypy/blob/master/CHANGELOG.md)
- [Commits](python/mypy@v1.2.0...v1.16.0)

---
updated-dependencies:
- dependency-name: mypy
  dependency-version: 1.16.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@Harvester57
Merge pull request #2 from Harvester57/dependabot/pip/mypy-1.16.0
08bcf28 
build(deps-dev): bump mypy from 1.2.0 to 1.16.0
@dependabot
build(deps-dev): bump black from 24.3.0 to 25.1.0
96492c2 
Bumps [black](https://github.com/psf/black) from 24.3.0 to 25.1.0.
- [Release notes](https://github.com/psf/black/releases)
- [Changelog](https://github.com/psf/black/blob/main/CHANGES.md)
- [Commits](psf/black@24.3.0...25.1.0)

---
updated-dependencies:
- dependency-name: black
  dependency-version: 25.1.0
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
@Harvester57
Merge pull request #3 from Harvester57/dependabot/pip/black-25.1.0
aec54a0 
build(deps-dev): bump black from 24.3.0 to 25.1.0
@dependabot
build(deps-dev): bump poethepoet from 0.20.0 to 0.34.0
4aa138c 
Bumps [poethepoet](https://github.com/nat-n/poethepoet) from 0.20.0 to 0.34.0.
- [Release notes](https://github.com/nat-n/poethepoet/releases)
- [Commits](nat-n/poethepoet@v0.20.0...v0.34.0)

---
updated-dependencies:
- dependency-name: poethepoet
  dependency-version: 0.34.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@Harvester57
Merge pull request #4 from Harvester57/dependabot/pip/poethepoet-0.34.0
66df436 
build(deps-dev): bump poethepoet from 0.20.0 to 0.34.0
@dependabot
build(deps-dev): bump pytest from 7.2.0 to 8.3.5
cbc3853 
Bumps [pytest](https://github.com/pytest-dev/pytest) from 7.2.0 to 8.3.5.
- [Release notes](https://github.com/pytest-dev/pytest/releases)
- [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst)
- [Commits](pytest-dev/pytest@7.2.0...8.3.5)

---
updated-dependencies:
- dependency-name: pytest
  dependency-version: 8.3.5
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
@Harvester57
Merge pull request #5 from Harvester57/dependabot/pip/pytest-8.3.5
a3d853b 
build(deps-dev): bump pytest from 7.2.0 to 8.3.5
@Harvester57
Update lock file
91bfbd5
@Harvester57
Restore CI publishing
98d0d9f
@Harvester57
Add Dependabot check for GH Actions
de05a34
@dependabot
build(deps-dev): bump isort from 5.10.1 to 6.0.1
c4d0eb7 
Bumps [isort](https://github.com/PyCQA/isort) from 5.10.1 to 6.0.1.
- [Release notes](https://github.com/PyCQA/isort/releases)
- [Changelog](https://github.com/PyCQA/isort/blob/main/CHANGELOG.md)
- [Commits](PyCQA/isort@5.10.1...6.0.1)

---
updated-dependencies:
- dependency-name: isort
  dependency-version: 6.0.1
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
@Harvester57
Merge pull request #6 from Harvester57/dependabot/pip/isort-6.0.1
62f26dd 
build(deps-dev): bump isort from 5.10.1 to 6.0.1
@Harvester57
Update lock file
4d54556
@Harvester57
Explicit version for CI action
3e06b77
@dependabot
build(deps-dev): bump pytest from 8.3.5 to 8.4.0
a923bb3 
Bumps [pytest](https://github.com/pytest-dev/pytest) from 8.3.5 to 8.4.0.
- [Release notes](https://github.com/pytest-dev/pytest/releases)
- [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst)
- [Commits](pytest-dev/pytest@8.3.5...8.4.0)

---
updated-dependencies:
- dependency-name: pytest
  dependency-version: 8.4.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@Harvester57
Update dependabot.yml
cd832ef
Harvester57 and others added 2 commits June 22, 2025 19:09
@Harvester57
Merge pull request #16 from Harvester57/dependabot/pip/pip-dependenci…
fd3526e 
…es-f66fd8ff8a

build(deps-dev): bump the pip-dependencies group across 1 directory with 5 updates
@Harvester57
Update Poetry lock file
850a47f
@Harvester57
Copy link
Contributor Author

Harvester57 commented Jun 22, 2025

Hi, Poetry lock file has been updated, and the CI is running fine now :)

Harvester57 and others added 17 commits June 22, 2025 19:18
@Harvester57
Explicit versions in action.yml
0baa6bd
@Harvester57
Merge pull request #17 from Harvester57/Action-improvement
15a61b7 
Explicit versions in action.yml and fix a typo in the cache key
@Harvester57
Only specify the major version
ef9efef
@Harvester57
Update section name
47a7ccc
@dependabot
build(deps-dev): bump poethepoet in the pip-dependencies group
e66de53 
Bumps the pip-dependencies group with 1 update: [poethepoet](https://github.com/nat-n/poethepoet).


Updates `poethepoet` from 0.35.0 to 0.35.1
- [Release notes](https://github.com/nat-n/poethepoet/releases)
- [Commits](nat-n/poethepoet@v0.35.0...v0.35.1)

---
updated-dependencies:
- dependency-name: poethepoet
  dependency-version: 0.35.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: pip-dependencies
...

Signed-off-by: dependabot[bot] <[email protected]>
@Harvester57
Merge pull request #19 from Harvester57/dependabot/pip/pip-dependenci…
62c28cd 
…es-b9a0c03b41

build(deps-dev): bump poethepoet from 0.35.0 to 0.35.1 in the pip-dependencies group
@stepsecurity-app
[StepSecurity] Apply security best practices
9af031e 
Signed-off-by: StepSecurity Bot <[email protected]>
@dependabot
build(deps-dev): bump the pip-dependencies group across 1 directory w…
b1b70c8 
…ith 2 updates

Bumps the pip-dependencies group with 2 updates in the / directory: [coverage](https://github.com/nedbat/coveragepy) and [poethepoet](https://github.com/nat-n/poethepoet).


Updates `coverage` from 7.9.1 to 7.9.2
- [Release notes](https://github.com/nedbat/coveragepy/releases)
- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst)
- [Commits](coveragepy/coveragepy@7.9.1...7.9.2)

Updates `poethepoet` from 0.35.1 to 0.36.0
- [Release notes](https://github.com/nat-n/poethepoet/releases)
- [Commits](nat-n/poethepoet@v0.35.1...v0.36.0)

---
updated-dependencies:
- dependency-name: coverage
  dependency-version: 7.9.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: pip-dependencies
- dependency-name: poethepoet
  dependency-version: 0.36.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: pip-dependencies
...

Signed-off-by: dependabot[bot] <[email protected]>
@Harvester57
Merge pull request #22 from Harvester57/dependabot/pip/pip-dependenci…
3de3159 
…es-682f510d6e

build(deps-dev): bump the pip-dependencies group across 1 directory with 2 updates
@dependabot
build(deps-dev): bump pyinstaller in the pip-dependencies group
e4767bf 
Bumps the pip-dependencies group with 1 update: [pyinstaller](https://github.com/pyinstaller/pyinstaller).


Updates `pyinstaller` from 6.14.1 to 6.14.2
- [Release notes](https://github.com/pyinstaller/pyinstaller/releases)
- [Changelog](https://github.com/pyinstaller/pyinstaller/blob/develop/doc/CHANGES.rst)
- [Commits](pyinstaller/pyinstaller@v6.14.1...v6.14.2)

---
updated-dependencies:
- dependency-name: pyinstaller
  dependency-version: 6.14.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: pip-dependencies
...

Signed-off-by: dependabot[bot] <[email protected]>
@Harvester57
Merge pull request #23 from Harvester57/dependabot/pip/pip-dependenci…
d2f8859 
…es-c986b8c925

build(deps-dev): bump pyinstaller from 6.14.1 to 6.14.2 in the pip-dependencies group
@Harvester57
Remove Runner hardening steps
c9256db
@Harvester57
Merge pull request #21 from Harvester57:chore/GHA-020022-stepsecurity…
dc5b39a 
…-remediation

Pin Actions with SHA, and update to latest revision
@Harvester57
Update Dependabot configuration
e580069
@Harvester57
CI: only allow default updates
6b5d95c
@Harvester57
Fix typos
fc41227
@Harvester57
Reviewers is depreacted
004628d
@ffontaine ffontaine mentioned this pull request Jul 10, 2025
Closed
@Wenzel
Copy link
Owner

Wenzel commented Jul 10, 2025

Just checking in

What's the progress on this PR ?
As i see every push as an email in my inbox 📧

@Harvester57
Copy link
Contributor Author

Harvester57 commented Jul 10, 2025

Ah my bad then, apologies for that ! I thought you didn't see my previous comment ! Well all the jobs should be running fine now, could you approve the workflow to check ? And if everything is good for you, you can merge, no problem :)

I have other ideas of improvements for the pipeline, I can open an issue to discuss them if you'd like.

@ioancea ioancea mentioned this pull request Jul 15, 2025
Open
@Wenzel Wenzel merged commit a7fa7e0 into Wenzel:master Jul 16, 2025
9 checks passed
@Wenzel
Copy link
Owner

Wenzel commented Jul 16, 2025

Just merged, but let's confirm that the whole release pipeline passes as well

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@Harvester57 @Wenzel