Merge branch 'main' into pep-735

Author: bmos

.github/workflows/python-checks.yml

@@ -12,6 +12,20 @@ on:
 
 permissions: read-all
 
+env:
+  CACHE_GLOBS: |
+    **/pyproject.toml
+    **/requirements*.txt
+    **/setup.py
+    **/uv.lock
+  ENDPOINT_WHITELIST: >-
+    pypi.org:443
+    github.com:443
+    releases.astral.sh
+    files.pythonhosted.org:443
+    *.github.com:443
+    *.githubusercontent.com:443
+
 jobs:
   pytest:
     runs-on: ${{ matrix.os }}
@@ -24,7 +38,6 @@ jobs:
           - '3.11'
           - '3.12'
           - '3.13'
-          - '3.14'
         os:
           - ubuntu-latest
           - windows-latest
@@ -41,19 +54,28 @@ jobs:
       - uses: step-security/harden-runner@a90bcbc6539c36a85cdfeb73f7e2f433735f215b
         with:
           disable-sudo: true
-          egress-policy: audit
+          egress-policy: block
+          allowed-endpoints: auth.docker.io:443 ${{ env.ENDPOINT_WHITELIST}}
+
+      - id: pytest-run-key
+        run: |
+          echo "\
+          RUN_KEY=\
+          ${{ hashFiles('pyproject.toml') }}\
+          -${{ matrix.os }}\
+          -${{ matrix.python-version }}\
+          -${{ matrix.resolution }}\
+          " >> $GITHUB_ENV
 
       - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
 
-      - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405
+      - uses: astral-sh/setup-uv@5a095e7a2014a4212f075830d4f7277575a9d098
         with:
           python-version: ${{ matrix.python-version }}
-          cache: pip
-
-      - uses: install-pinned/uv@4d66dd6355704140c330bc2a2e6291cbf3bcb67f
+          activate-environment: true
+          cache-dependency-glob: ${{ env.CACHE_GLOBS }}
 
       - if: matrix.resolution != 'limited-dependencies'
-        continue-on-error: ${{ contains(matrix.python-version, '3.14') }}
         run: >-
           uv sync
           --upgrade
@@ -62,10 +84,9 @@ jobs:
           --all-extras
           --resolution ${{ matrix.resolution }}
 
-      - if: matrix.resolution == 'limited-dependencies'
-        continue-on-error: ${{ contains(matrix.python-version, '3.14') }}
-        env:
-            PARSONS_LIMITED_DEPENDENCIES: 'TRUE'
+      - env:
+          UV_RESOLUTION: ${{ matrix.resolution == 'limited-dependencies' && 'highest' || matrix.resolution }}
+          PARSONS_LIMITED_DEPENDENCIES: ${{ matrix.resolution == 'limited-dependencies' && 'TRUE' || 'FALSE' }}
         run: >-
           uv sync
           --upgrade
@@ -77,23 +98,16 @@ jobs:
         uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306
         with:
           path: .pytest_cache
-          key: >-
-            pytest
-            -${{ matrix.python-version }}
-            -${{ matrix.os }}
-            -${{ matrix.resolution }}
-            -${{ hashFiles('pyproject.toml') }}
+          key: pytest-${{ env.RUN_KEY }}
 
       - env:
-          COVERAGE_FILE: ".coverage.${{ matrix.os }}.${{ matrix.python-version }}.${{ matrix.resolution }}"
-        continue-on-error: ${{ contains(matrix.python-version, '3.14') }}
-        run: uv run pytest
+          COVERAGE_FILE: .coverage.${{ env.RUN_KEY }}
+        run: uv run pytest --failed-first
 
       - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f
-        if: ${{ !contains(matrix.python-version, '3.14') }}
         with:
-          name: coverage-${{ matrix.os }}-${{ matrix.python-version }}-${{ matrix.resolution }}
-          path: .coverage.${{ matrix.os }}.${{ matrix.python-version }}.${{ matrix.resolution }}
+          name: coverage-${{ env.RUN_KEY }}
+          path: .coverage.${{ env.RUN_KEY }}
           include-hidden-files: true
 
   pytest-extras-config:
@@ -107,19 +121,15 @@ jobs:
         with:
           disable-sudo: true
           egress-policy: block
-          allowed-endpoints: >
-            files.pythonhosted.org:443
-            github.com:443
-            pypi.org:443
+          allowed-endpoints: ${{ env.ENDPOINT_WHITELIST}}
 
       - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
 
-      - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405
+      - uses: astral-sh/setup-uv@5a095e7a2014a4212f075830d4f7277575a9d098
         with:
           python-version: '3.13'
-          cache: pip
-
-      - uses: install-pinned/uv@4d66dd6355704140c330bc2a2e6291cbf3bcb67f
+          activate-environment: true
+          cache-dependency-glob: ${{ env.CACHE_GLOBS }}
 
       - run: >-
           uv sync
@@ -159,53 +169,50 @@ jobs:
       fail-fast: false
       matrix:
         extra: ${{ fromJson(needs.pytest-extras-config.outputs.extras) }}
-        python-version:
-          - '3.13'
-        os:
-          - ubuntu-latest
-        resolution:
-          - highest
+        python-version: ['3.13']
+        os: ['ubuntu-latest']
+        resolution: ['highest']
 
     steps:
       - uses: step-security/harden-runner@a90bcbc6539c36a85cdfeb73f7e2f433735f215b
         with:
           disable-sudo: true
           egress-policy: block
-          allowed-endpoints: >
-            files.pythonhosted.org:443
-            github.com:443
-            pypi.org:443
+          allowed-endpoints: ${{ env.ENDPOINT_WHITELIST}}
+
+      - id: pytest-run-key
+        run: |
+          echo "\
+          RUN_KEY=\
+          ${{ hashFiles('pyproject.toml') }}\
+          -${{ matrix.os }}\
+          -${{ matrix.python-version }}\
+          -${{ matrix.resolution }}\
+          " >> $GITHUB_ENV
 
       - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
 
-      - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405
+      - uses: astral-sh/setup-uv@5a095e7a2014a4212f075830d4f7277575a9d098
         with:
           python-version: ${{ matrix.python-version }}
-          cache: pip
-
-      - uses: install-pinned/uv@4d66dd6355704140c330bc2a2e6291cbf3bcb67f
+          activate-environment: true
+          cache-dependency-glob: ${{ env.CACHE_GLOBS }}
 
       - env:
-            PARSONS_LIMITED_DEPENDENCIES: 'TRUE'
+          UV_RESOLUTION: ${{ matrix.resolution }}
+          PARSONS_LIMITED_DEPENDENCIES: 'TRUE'
         run: >-
           uv sync
           --upgrade
           --no-default-groups
           --group test
           --extra ${{ matrix.extra }}
-          --resolution ${{ matrix.resolution }}
 
       - id: cache-pytest
         uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306
         with:
           path: .pytest_cache
-          key: >-
-            pytest
-            -${{ hashFiles('pyproject.toml') }}
-            -${{ matrix.os }}
-            -${{ matrix.python-version }}
-            -${{ matrix.resolution }}
-            -${{ matrix.extra }}
+          key: pytest-${{ env.RUN_KEY }}
 
       - run: uv run pytest test/test_${{ matrix.extra }}
 
@@ -217,19 +224,15 @@ jobs:
         with:
           disable-sudo: true
           egress-policy: block
-          allowed-endpoints: >
-            files.pythonhosted.org:443
-            github.com:443
-            pypi.org:443
+          allowed-endpoints: ${{ env.ENDPOINT_WHITELIST}}
 
       - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
 
-      - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405
+      - uses: astral-sh/setup-uv@5a095e7a2014a4212f075830d4f7277575a9d098
         with:
           python-version: '3.13'
-          cache: pip
-
-      - uses: install-pinned/uv@4d66dd6355704140c330bc2a2e6291cbf3bcb67f
+          activate-environment: true
+          cache-dependency-glob: ${{ env.CACHE_GLOBS }}
 
       - run: >-
           uv sync
@@ -263,20 +266,15 @@ jobs:
         with:
           disable-sudo: true
           egress-policy: block
-          allowed-endpoints: >
-            api.github.com:443
-            files.pythonhosted.org:443
-            github.com:443
-            pypi.org:443
+          allowed-endpoints: ${{ env.ENDPOINT_WHITELIST}}
 
       - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
 
-      - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405
+      - uses: astral-sh/setup-uv@5a095e7a2014a4212f075830d4f7277575a9d098
         with:
           python-version: '3.13'
-          cache: pip
-
-      - uses: install-pinned/uv@4d66dd6355704140c330bc2a2e6291cbf3bcb67f
+          activate-environment: true
+          cache-dependency-glob: ${{ env.CACHE_GLOBS }}
 
       - run: >-
           uv sync
@@ -324,20 +322,15 @@ jobs:
         with:
           disable-sudo: true
           egress-policy: block
-          allowed-endpoints: >
-            api.github.com:443
-            files.pythonhosted.org:443
-            github.com:443
-            pypi.org:443
+          allowed-endpoints: ${{ env.ENDPOINT_WHITELIST}}
 
       - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
 
-      - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405
+      - uses: astral-sh/setup-uv@5a095e7a2014a4212f075830d4f7277575a9d098
         with:
           python-version: '3.13'
-          cache: pip
-
-      - uses: install-pinned/uv@4d66dd6355704140c330bc2a2e6291cbf3bcb67f
+          activate-environment: true
+          cache-dependency-glob: ${{ env.CACHE_GLOBS }}
 
       - run: >-
           uv sync
@@ -384,10 +377,7 @@ jobs:
         with:
           disable-sudo: true
           egress-policy: block
-          allowed-endpoints: >
-            api.github.com:443
-            github.com:443
-            img.shields.io:443
+          allowed-endpoints: img.shields.io:443 ${{ env.ENDPOINT_WHITELIST}}
 
       - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
 
@@ -424,20 +414,15 @@ jobs:
         with:
           disable-sudo: true
           egress-policy: block
-          allowed-endpoints: >
-            files.pythonhosted.org:443
-            github.com:443
-            proxy.golang.org:443
-            pypi.org:443
+          allowed-endpoints: proxy.golang.org:443 ${{ env.ENDPOINT_WHITELIST}}
 
       - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
 
-      - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405
+      - uses: astral-sh/setup-uv@5a095e7a2014a4212f075830d4f7277575a9d098
         with:
           python-version: '3.13'
-          cache: pip
-
-      - uses: install-pinned/uv@4d66dd6355704140c330bc2a2e6291cbf3bcb67f
+          activate-environment: true
+          cache-dependency-glob: ${{ env.CACHE_GLOBS }}
 
       - run: >-
           uv sync

docs/conf.py

@@ -197,7 +197,7 @@
 smv_branch_whitelist = r"^stable|latest$"  # creates version for latest master/main branch
 
 # Get tags to whitelist from DOCUMENTED_VERSIONS const
-smv_tag_whitelist = "|".join(["^" + version + "$" for version in DOCUMENTED_VERSIONS])
+smv_tag_whitelist = "|".join(f"^{version}$" for version in DOCUMENTED_VERSIONS)
 
 # Adds Google Analytics tracking code to the HTML output
 googleanalytics_id = "G-L2YB7WHTRG"

parsons/braintree/braintree.py

@@ -1,3 +1,4 @@
+import itertools
 import logging
 
 import braintree
@@ -327,7 +328,7 @@ def get_subscriptions(
             f"Braintree subscriptions search resulted in subscriptions count of {query_count}"
         )
         if just_ids:
-            return Table([("id",)] + [[item_id] for item_id in collection.ids])
+            return Table(list(itertools.chain([["id"]], ([i] for i in collection.ids))))
 
         # Iterating on collection.items triggers web requests in batches of 50 records
         # This can be frustratingly slow :-(
@@ -407,15 +408,20 @@ def get_transactions(
         query_count = len(collection.ids)
         logger.info(f"Braintree transactions resulted in transaction count of {query_count}")
         if just_ids:
-            return Table([("id",)] + [[item_id] for item_id in collection.ids])
+            return Table(list(itertools.chain([["id"]], ([i] for i in collection.ids))))
 
         # Iterating on collection.items triggers web requests in batches of 50 records
         # This can be frustratingly slow :-(
         # Also note: Braintree will push you to their new GraphQL API,
-        #   but it, too, paginates with a max of 50 records
+        # but it, too, paginates with a max of 50 records
         logger.debug("Braintree transactions iterating to build transaction table")
         return Table(
-            [self._transaction_header()] + [self._transaction_to_row(r) for r in collection.items]
+            list(
+                itertools.chain(
+                    [self._transaction_header()],
+                    (self._transaction_to_row(r) for r in collection.items),
+                )
+            )
         )
 
     def _dispute_header(self):

parsons/databases/redshift/redshift.py

@@ -1134,7 +1134,7 @@ def upsert(
                 logger.info(f"{target_table} vacuumed.")
 
     def drop_dependencies_for_cols(self, schema, table, cols):
-        fmt_cols = ", ".join([f"'{c}'" for c in cols])
+        fmt_cols = ", ".join(f"'{c}'" for c in cols)
         sql_depend = f"""
             select
                 distinct dependent_ns.nspname||'.'||dependent_view.relname as table_name
@@ -1163,7 +1163,7 @@ def drop_dependencies_for_cols(self, schema, table, cols):
             tbl = self.query_with_connection(sql_depend, connection)
             dropped_views = [row["table_name"] for row in tbl]
             if dropped_views:
-                sql_drop = "\n".join([f"drop view {view} CASCADE;" for view in dropped_views])
+                sql_drop = "\n".join(f"drop view {view} CASCADE;" for view in dropped_views)
                 tbl = self.query_with_connection(sql_drop, connection)
                 logger.info(f"Dropped the following views: {dropped_views}")
 

parsons/databases/redshift/rs_table_utilities.py

@@ -687,7 +687,7 @@ def get_table_definitions(self, schema=None, table=None):
             return None
 
         def join_sql_parts(columns, rows):
-            return [f"{columns[1]}.{columns[2]}", "\n".join([row[4] for row in rows])]
+            return [f"{columns[1]}.{columns[2]}", "\n".join(row[4] for row in rows)]
 
         # The query returns the sql over multiple rows
         # We need to join then into a single row