Skip to content

Tooling Updates #1446

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
shaunagm merged 38 commits into from
Sep 11, 2025
Merged

Tooling Updates #1446

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
38 commits
Select commit Hold shift + click to select a range
73b7d22
rename test job to pytest
bmos May 16, 2025
a925600
re-order matrix for easier readabiity of outputs
bmos May 16, 2025
b09e120
expose `uv pip install` `--resolution` flag to pytest job matrix
bmos May 16, 2025
fd978ae
Bump ruff from v0.11.7 to v0.11.9
bmos May 16, 2025
338e5fd
change circleci build workflow to docs-build
bmos May 16, 2025
27153c2
Only output coverage report to conosle when pytest passes (to avoid h…
bmos May 16, 2025
dbde4db
move sshtunnel to requirements
bmos May 16, 2025
c963f6a
alphabetize requirements
bmos May 16, 2025
5fc5eec
Bump ruff from 0.11.9 to 0.11.13
bmos Jun 12, 2025
08d6240
update format / harden workflows (not python check)
bmos Jun 12, 2025
e6d11cb
update python checks workflow
bmos Jun 12, 2025
eab1ad9
Merge branch 'main' into tooling_updates
bmos Jun 12, 2025
a6a009f
fix matrix installing python 3.1
bmos Jun 12, 2025
6031d3c
Merge branch 'main' into tooling_updates
bmos Jun 27, 2025
788eb0c
Merge branch 'main' into tooling_updates
bmos Jul 3, 2025
fd8f092
Bump ruff from 0.11.13 to 0.12.2
bmos Jul 4, 2025
da41f1a
Merge branch 'main' into tooling_updates
bmos Jul 8, 2025
a526f7f
Update dependency-review.yml
bmos Jul 8, 2025
cebc592
hyphenate requirements.txt
bmos Jul 9, 2025
2e937b9
Merge branch 'main' into tooling_updates
bmos Jul 11, 2025
72d644b
Merge branch 'main' into tooling_updates
bmos Jul 25, 2025
8903d30
Merge branch 'main' into tooling_updates
bmos Aug 9, 2025
db77222
Merge branch 'main' into tooling_updates
bmos Aug 16, 2025
8baafb7
Bump ruff from 0.12.2 to 0.12.9
bmos Aug 16, 2025
6601e04
Bump bandit from 1.8.3 to 1.8.6
bmos Aug 16, 2025
0999dbf
Bump pre-commit from 4.2 to 4.3
bmos Aug 16, 2025
3067c45
Bump coverage from 7.9.2 to 7.10.3
bmos Aug 16, 2025
f44a3b7
Bump pytest-cov from 6.1.1 to 6.2.1
bmos Aug 16, 2025
52dd4b8
Bump pytest-datadir from 1.7.2 to 1.8.0
bmos Aug 16, 2025
37f0762
Bump testfixtures from 8.3.0 to 9.1.0
bmos Aug 16, 2025
1c56721
Bump Sphinx from 8.1.3 to 8.2.3
bmos Aug 16, 2025
10633d7
Allow testfixtures 8.3.0 for python < 3.11
bmos Aug 16, 2025
880eac8
use sphinx 7 for python < 3.11
bmos Aug 16, 2025
df2021f
Merge branch 'main' into tooling_updates
bmos Sep 10, 2025
c32859c
Update coverage.yml
bmos Sep 11, 2025
4c36ea8
Bump ruff from 0.12.9 to 0.13.0
bmos Sep 11, 2025
bedecb7
avoid over-broad assert raises in test_van
bmos Sep 11, 2025
1193679
Merge branch 'main' into tooling_updates
bmos Sep 11, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 7 additions & 3 deletions .github/workflows/coverage.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -31,8 +31,12 @@ jobs:
steps:
# DO NOT run actions/checkout here, for security reasons
# For details, refer to https://securitylab.github.com/research/github-actions-preventing-pwn-requests/
- name: Post comment
uses: py-cov-action/python-coverage-comment-action@0544a9c648672334d94ec5dd1add7410b4470ddc # v3.37
- uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0
with:
disable-sudo: false
egress-policy: audit

- uses: py-cov-action/python-coverage-comment-action@0544a9c648672334d94ec5dd1add7410b4470ddc # v3.35
with:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GITHUB_PR_RUN_ID: ${{ github.event.workflow_run.id }}
GITHUB_PR_RUN_ID: ${{ github.event.workflow_run.id }}
41 changes: 20 additions & 21 deletions .github/workflows/dependency-review.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,28 +1,27 @@
# Dependency Review Action
#
# This Action will scan dependency manifest files that change as part of a Pull Request,
# surfacing known-vulnerable versions of the packages declared or updated in the PR.
# Once installed, if the workflow run is marked as required,
# PRs introducing known-vulnerable packages will be blocked from merging.
#
# Source repository: https://github.com/actions/dependency-review-action
name: Dependency review

on: [pull_request]

permissions:
contents: read
permissions: read-all

jobs:
dependency-review:
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911 # v2.13.0
with:
egress-policy: audit
dependency-review:
name: Dependency review

- name: 'Checkout Repository'
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
- name: 'Dependency Review'
uses: actions/dependency-review-action@595b5aeba73380359d98a5e087f648dbb0edce1b # v4.7.3
runs-on: ubuntu-latest

steps:
- uses: step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911
with:
disable-sudo: true
egress-policy: block
allowed-endpoints: >
api.github.com:443
api.securityscorecards.dev:443
github.com:443

- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8

- uses: actions/dependency-review-action@595b5aeba73380359d98a5e087f648dbb0edce1b
with:
allow-ghsas: GHSA-pq67-6m6q-mj2v # urllib3
Loading
Loading