feat(#19): Make ThermOHL compatible with Python 3.12

- Update dependencies in order to be compatible with Python 3.12
- Update sonarCloud Actions to be runnable from fork

Signed-off-by: SAINTIER Francois <[email protected]>

Author: SaintierFr

.github/workflows/build-project.yml

@@ -39,7 +39,7 @@ jobs:
     strategy:
       matrix:
         os: [ubuntu-latest, windows-latest]
-        python-version: ["3.9", "3.10", "3.11"]
+        python-version: [ "3.9", "3.10", "3.11", "3.12" ]
 
     steps:
     - uses: actions/checkout@v4

.github/workflows/cd-pypi.yml

@@ -19,7 +19,7 @@ jobs:
       fail-fast: false
       matrix:
         os: [ ubuntu-latest, windows-latest ]
-        python-version: [ "3.9", "3.10", "3.11" ]
+        python-version: [ "3.9", "3.10", "3.11", "3.12" ]
 
     steps:
       - name: 📃 Checkout sources

.github/workflows/cd-test-pypi.yml

@@ -20,7 +20,7 @@ jobs:
       fail-fast: false
       matrix:
         os: [ ubuntu-latest, windows-latest ]
-        python-version: [ "3.9", "3.10", "3.11" ]
+        python-version: [ "3.9", "3.10", "3.11", "3.12" ]
 
     steps:
       - name: 📃 Checkout sources

.github/workflows/sonarcloud-analysis.yml

@@ -12,35 +12,30 @@ name: SonarCloud analysis
 
 on:
   workflow_run:
-    workflows:
-      - SonarCloud Build
-    types:
-      - completed
+    workflows: [SonarCloud Build]
+    types: [completed]
 
 jobs:
   SonarCloudAnalysis:
     runs-on: ubuntu-latest
-    if: github.event.workflow_run.conclusion == 'success'
+    if: github.event.workflow_run && github.event.workflow_run.conclusion == 'success' && github.event.workflow_run.event == 'pull_request'
     timeout-minutes: 15
 
     steps:
       - name: Download PR number artifact
-        if: github.event.workflow_run.event == 'pull_request'
         uses: dawidd6/action-download-artifact@v3
         with:
           workflow: SonarCloud Build
           run_id: ${{ github.event.workflow_run.id }}
           name: PR_NUMBER
 
       - name: Read PR_NUMBER.txt
-        if: github.event.workflow_run.event == 'pull_request'
         id: pr_number
         uses: juliangruber/read-file-action@v1
         with:
           path: ./PR_NUMBER.txt
 
       - name: Request GitHub API for PR data
-        if: github.event.workflow_run.event == 'pull_request'
         uses: octokit/[email protected]
         id: get_pr_data
         with:
@@ -57,7 +52,6 @@ jobs:
           fetch-depth: 0
 
       - name: Checkout base branch
-        if: github.event.workflow_run.event == 'pull_request'
         run: |
           git remote add upstream ${{ github.event.repository.clone_url }}
           git fetch upstream
@@ -69,10 +63,12 @@ jobs:
         uses: actions/setup-python@v5
         with:
           python-version: 3.11
+          cache: 'pip'
 
       - name: Install dependencies
         run: |
           python -m pip install --upgrade pip
+          pip install .
           pip install -e .[test]
 
       - name: Run tests and generate coverage report
@@ -97,7 +93,7 @@ jobs:
             -Dsonar.scm.revision=${{ github.event.workflow_run.head_sha }}
 
       - name: Run Sonar analysis (Push)
-        if: ${{ github.event.workflow_run.event == 'push' }}
+        if: ${{ github.event.workflow_run.event == 'push' && github.repository == 'phlowers/thermohl'}}
         uses: sonarsource/sonarqube-scan-action@v5
         env:
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}

.github/workflows/sonarcloud-build.yml

@@ -22,35 +22,17 @@ jobs:
         with:
           fetch-depth: 0
 
-      - name: Cache SonarCloud packages
-        uses: actions/cache@v3
-        with:
-          path: ~/.sonar/cache
-          key: ${{ runner.os }}-sonar
-          restore-keys: ${{ runner.os }}-sonar
-
       - name: Set up Python 3.11
         uses: actions/setup-python@v5
         with:
           python-version: 3.11
+          cache: 'pip'
 
       - name: Install dependencies
         run: |
           python -m pip install --upgrade pip
           pip install --upgrade build
 
-      - name: Install security check tools
-        run: |
-          pip install bandit safety
-
-      - name: Security check with bandit
-        run: |
-          bandit -r thermohl/ -f json -o bandit-results.json || true
-
-      - name: Check dependencies vulnerabilities with safety
-        run: |
-          safety check --json --output safety-results.json || true
-
       - name: Build and analyze (Pull Request)
         if: ${{ github.event_name == 'pull_request' || (github.actor == 'dependabot[bot]' && github.event_name == 'pull_request_target') }}
         env:
@@ -75,11 +57,3 @@ jobs:
         with:
           name: PR_NUMBER
           path: PR_NUMBER.txt
-
-      - name: Archive security reports
-        uses: actions/upload-artifact@v4
-        with:
-          name: security-reports
-          path: |
-            bandit-results.json
-            safety-results.json

pyproject.toml

@@ -18,7 +18,7 @@ version = "1.3.0.dev2"
 description = "Calculations relative to temperature and ampacity in overhead conductors."
 license = "MPL-2.0"
 readme = "README.md"
-requires-python = ">=3.9,<3.12"
+requires-python = ">=3.9,<3.13"
 classifiers = [
     "Intended Audience :: Science/Research",
     "Intended Audience :: Developers",
@@ -29,13 +29,15 @@ classifiers = [
     "Programming Language :: Python :: 3.9",
     "Programming Language :: Python :: 3.10",
     "Programming Language :: Python :: 3.11",
+    "Programming Language :: Python :: 3.12",
     "Operating System :: OS Independent",
 ]
 dependencies = [
-    "numpy ~= 1.25.0",
-    "pandas ~= 1.5.3",
+    "numpy ~= 1.26.4",
+    "pandas ~= 2.2.3",
     "scipy ~= 1.13.1",
-    "pyyaml ~= 5.3.1",
+    "pyyaml ~= 6.0.2",
+    "setuptools"
 ]
 
 [project.optional-dependencies]