-
Notifications
You must be signed in to change notification settings - Fork 1
migrate to uv #168
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
migrate to uv #168
Changes from all commits
4f5ad6c
1145ed0
7f1df57
d18c652
14190e5
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -5,7 +5,7 @@ name: bucketbase-package-build | |
|
|
||
| on: | ||
| push: | ||
| branches: [ $default-branch, main ] | ||
| branches: [ master, main ] | ||
| paths-ignore: | ||
| - '**.md' | ||
| pull_request: | ||
|
|
@@ -24,23 +24,19 @@ jobs: | |
| python-version: [ "3.10", "3.11", "3.12", "3.13", "3.14" ] | ||
|
|
||
| steps: | ||
| - uses: actions/checkout@v4 | ||
| - uses: actions/checkout@v6 | ||
| - name: Install uv | ||
| uses: astral-sh/setup-uv@v5 | ||
| uses: astral-sh/setup-uv@v8.1.0 | ||
| with: | ||
| enable-cache: true | ||
| - name: Set up Python ${{ matrix.python-version }} | ||
| uses: actions/setup-python@v4 | ||
| uses: actions/setup-python@v6 | ||
|
Comment on lines
+27
to
+33
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. 🧩 Analysis chain🏁 Script executed: #!/bin/bash
# Verify tag-based action refs still exist in this workflow.
rg -n 'uses:\s*[^@]+@v' .github/workflows/python-package.ymlRepository: eSAMTrade/bucketbase Length of output: 265 🏁 Script executed: #!/bin/bash
sed -n '1,120p' .github/workflows/python-package.yml
rg -n "persist-credentials" .github/workflows/python-package.yml || trueRepository: eSAMTrade/bucketbase Length of output: 2325 🌐 Web query:
💡 Result: For actions/checkout@v6, the persist-credentials input defaults to enabled (equivalent to true). actions/checkout persists the authentication token/credentials so that subsequent steps can run authenticated git commands, and it can be opted out with persist-credentials: false.[1][2] The action docs show the persist-credentials input as an empty default string (persist-credentials: ''), and the behavior described by the same docs indicates that omitting the input results in persisting credentials (i.e., the effective default is true).[1][2] In practice: if you do nothing, credentials are persisted; to disable, set: uses: actions/checkout@v6 with: persist-credentials: false This prevents the credentials from being persisted for later steps and is the documented opt-out.[1] Citations:
Pin Tag-based refs are used in Also set 🧰 Tools🪛 zizmor (1.25.2)[warning] 27-27: credential persistence through GitHub Actions artifacts (artipacked): does not set persist-credentials: false (artipacked) [error] 27-27: unpinned action reference (unpinned-uses): action is not pinned to a hash (required by blanket policy) (unpinned-uses) [error] 29-29: unpinned action reference (unpinned-uses): action is not pinned to a hash (required by blanket policy) (unpinned-uses) [error] 33-33: unpinned action reference (unpinned-uses): action is not pinned to a hash (required by blanket policy) (unpinned-uses) 🤖 Prompt for AI Agents |
||
| with: | ||
| python-version: ${{ matrix.python-version }} | ||
| - name: Install dependencies | ||
| env: | ||
| POETRY_VIRTUALENVS_PREFER_UV: "true" | ||
| run: | | ||
| uv pip install --system poetry | ||
| cd python | ||
| poetry lock | ||
| poetry install --with dev | ||
| uv sync --locked --all-extras --dev --python ${{ matrix.python-version }} | ||
| - name: Run tests | ||
| env: | ||
| MINIO_PUBLIC_SERVER: play.min.io | ||
|
|
@@ -49,26 +45,22 @@ jobs: | |
| MINIO_DEV_TESTS_BUCKET: bucketbase-test | ||
| run: | | ||
| cd python | ||
| poetry run python -m unittest discover -s tests -p "test_*.py" -v | ||
| uv run --locked python -m unittest discover -s tests -p "test_*.py" -v | ||
|
|
||
| build-container: | ||
| runs-on: ubuntu-latest | ||
| container: | ||
| image: python:3.12-bullseye | ||
| steps: | ||
| - uses: actions/checkout@v4 | ||
| - uses: actions/checkout@v6 | ||
| - name: Install uv | ||
| uses: astral-sh/setup-uv@v5 | ||
| uses: astral-sh/setup-uv@v8.1.0 | ||
| with: | ||
| enable-cache: true | ||
| - name: Install dependencies in container | ||
| env: | ||
| POETRY_VIRTUALENVS_PREFER_UV: "true" | ||
| run: | | ||
| uv pip install --system poetry | ||
| cd python | ||
| poetry lock | ||
| poetry install --with dev | ||
| uv sync --locked --all-extras --dev | ||
| - name: Run tests in container | ||
| env: | ||
| MINIO_PUBLIC_SERVER: play.min.io | ||
|
|
@@ -77,5 +69,4 @@ jobs: | |
| MINIO_DEV_TESTS_BUCKET: bucketbase-test | ||
| run: | | ||
| cd python | ||
| poetry run python -m unittest discover -s tests -p "test_*.py" -v | ||
|
|
||
| uv run --locked python -m unittest discover -s tests -p "test_*.py" -v | ||
This file was deleted.
This file was deleted.
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,36 +1,43 @@ | ||
| [tool.poetry] | ||
| [project] | ||
| name = "bucketbase" | ||
| version = "1.6.0" # do not edit manually. kept in sync with `tool.commitizen` config via automation | ||
|
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Version is in split-brain mode. Line 3 and Line 88 disagree ( Suggested fix [tool.commitizen]
name = "cz_conventional_commits"
-version = "1.2.3" # do not edit manually. kept in sync with `project` config via automation
+version = "1.6.0" # do not edit manually. kept in sync with `project` config via automation
tag_format = "v$version"Also applies to: 88-88 🤖 Prompt for AI Agents |
||
| description = "bucketbase" | ||
| authors = ["Andrei Suiu <andrei.suiu@gmail.com>"] | ||
| repository = "https://github.com/asuiu/bucketbase" | ||
| authors = [{ name = "Andrei Suiu", email = "andrei.suiu@gmail.com" }] | ||
| readme = "README.py.md" | ||
| license = "MIT" | ||
| requires-python = ">=3.10,<4.0.0" | ||
| dependencies = [ | ||
| "streamerate>=1.2.1,<1.2.7; python_version < '3.11'", | ||
| "streamerate>=1.2.1; python_version >= '3.11'", | ||
| "pyxtension>=1.17.1", | ||
| "filelock>=3.20.0", | ||
| "exceptiongroup>=1.0.0; python_version < '3.11'", | ||
| "typing-extensions>=4.0.0", | ||
| ] | ||
|
|
||
| [project.urls] | ||
| Repository = "https://github.com/asuiu/bucketbase" | ||
|
|
||
| [tool.poetry.dependencies] | ||
| python = ">=3.10,<4.0.0" | ||
| requests = ">=2.25.1" | ||
| streamerate = ">=1.2.1" | ||
| pyxtension = ">=1.17.1" | ||
| StrEnum = ">=0.4.0" | ||
| filelock = ">=3.20.0" | ||
| minio = { version = ">=7.2.4,<=8.0.0", optional = true } | ||
| multiminio = { version = ">=1.0.2", optional = true } | ||
| exceptiongroup = { version = ">=1.0.0", python = "<3.11" } | ||
|
|
||
| [tool.poetry.extras] | ||
| minio = ["minio", "multiminio"] | ||
|
|
||
| [tool.poetry.group.dev.dependencies] | ||
| pytest = "^8.3.5" | ||
| minio = "^7.2.18" | ||
| multiminio = "^1.0.2" | ||
| tsx = ">=0.2.14" | ||
| pyarrow = ">=21.0.0" | ||
| twine = ">=6.1.0" | ||
| pre-commit = ">=4.3.0" | ||
| mypy = "^1.18.2" | ||
| psutil = "^7.1.3" | ||
| [project.optional-dependencies] | ||
| minio = [ | ||
| "certifi>=2024.0.0", | ||
| "minio>=7.2.4,<=8.0.0", | ||
| "multiminio>=1.0.2", | ||
| "packaging>=23.0", | ||
| "urllib3>=1.26.0", | ||
| ] | ||
|
|
||
| [dependency-groups] | ||
| dev = [ | ||
| "minio>=7.2.18,<8.0.0", | ||
| "multiminio>=1.0.2,<2.0.0", | ||
| "packaging>=23.0", | ||
| "tsx>=0.2.14", | ||
| "pyarrow>=21.0.0", | ||
| "twine>=6.1.0", | ||
| "pre-commit>=4.3.0", | ||
| "psutil>=7.1.3,<8.0.0", | ||
| ] | ||
|
|
||
| [tool.black] | ||
| line-length = 160 | ||
|
|
@@ -78,7 +85,7 @@ sections = ["FUTURE", "STDLIB", "THIRDPARTY", "FIRSTPARTY", "LOCALFOLDER"] | |
|
|
||
| [tool.commitizen] | ||
| name = "cz_conventional_commits" | ||
| version = "1.2.3" # do not edit manually. kept in sync with `tool.poetry` config via automation | ||
| version = "1.2.3" # do not edit manually. kept in sync with `project` config via automation | ||
| tag_format = "v$version" | ||
|
|
||
| # Same as Black. | ||
|
|
@@ -92,6 +99,21 @@ exclude_also = [ | |
| "if TYPE_CHECKING:" | ||
| ] | ||
|
|
||
| [tool.hatch.build.targets.wheel] | ||
| packages = ["bucketbase"] | ||
|
|
||
| [tool.hatch.build.targets.sdist] | ||
| include = [ | ||
| "/.pytest.ini", | ||
| "/README.py.md", | ||
| "/bucketbase", | ||
| "/pyproject.toml", | ||
| "/tests", | ||
| "/upload.bat", | ||
| "/upload.sh", | ||
| "/uv.lock", | ||
| ] | ||
|
|
||
| [build-system] | ||
| requires = ["poetry>=1.3"] | ||
| build-backend = "poetry.masonry.api" | ||
| requires = ["hatchling"] | ||
| build-backend = "hatchling.build" | ||
| Original file line number | Diff line number | Diff line change | ||||||||
|---|---|---|---|---|---|---|---|---|---|---|
| @@ -1,4 +1,4 @@ | ||||||||||
| del .\dist\*.whl | ||||||||||
| del .\dist\*.gz | ||||||||||
| poetry build | ||||||||||
| twine upload dist/*.whl --verbose | ||||||||||
| uv build | ||||||||||
| uv run twine upload dist/*.whl --verbose | ||||||||||
|
Comment on lines
+3
to
+4
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. 🧩 Analysis chain🏁 Script executed: #!/bin/bash
# Confirm there is no explicit error handling in upload.bat today.
nl -ba python/upload.bat
rg -n 'if errorlevel|\|\| exit /b' python/upload.batRepository: eSAMTrade/bucketbase Length of output: 105 🏁 Script executed: #!/bin/bash
set -euo pipefail
echo "=== python/upload.bat (with line numbers) ==="
awk '{printf "%4d %s\n", NR, $0}' python/upload.bat
echo
echo "=== Search for fail-fast / error propagation patterns ==="
rg -n --hidden --no-ignore-vcs 'if +errorlevel|errorlevel|exit */b|\\|\\| *exit */b|\\bexit\\b' python/upload.bat || trueRepository: eSAMTrade/bucketbase Length of output: 313 Make the Windows publish path fail-fast. Right now Suggested fix-uv build
-uv run twine upload dist/*.whl --verbose
+uv build || exit /b 1
+uv run twine upload dist/*.whl --verbose || exit /b 1📝 Committable suggestion
Suggested change
🤖 Prompt for AI Agents |
||||||||||
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,4 +1,6 @@ | ||
| #!/bin/bash | ||
| rm ./dist/*.whl | ||
| poetry build | ||
| twine upload dist/*.whl | ||
| set -euo pipefail | ||
|
|
||
| rm -f ./dist/*.whl ./dist/*.tar.gz | ||
| uv build | ||
| uv run twine upload dist/*.whl --verbose |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
🧩 Analysis chain
🏁 Script executed:
Repository: eSAMTrade/bucketbase
Length of output: 409
🏁 Script executed:
Repository: eSAMTrade/bucketbase
Length of output: 1046
🌐 Web query:
actions/checkout v6 persist-credentials default value💡 Result:
The default value of the input persist-credentials in actions/checkout v6 is true (i.e., credentials are persisted) unless you explicitly set persist-credentials: false. [1][2] Evidence: the actions/checkout README for v6 documents persist-credentials with “Default: true” and describes that the auth token is persisted in the local git config and removed during post-job cleanup; it also states you can opt out by setting persist-credentials: false. [1][2]
Citations:
Disable checkout credential persistence (keep the token on a short leash).
This workflow has two
actions/checkout@v6steps and neither setspersist-credentials: false;actions/checkout@v6defaults to persisting credentials, increasing token exposure risk.Suggested fix
Also applies to: 55-55
🧰 Tools
🪛 zizmor (1.25.2)
[warning] 27-27: credential persistence through GitHub Actions artifacts (artipacked): does not set persist-credentials: false
(artipacked)
[error] 27-27: unpinned action reference (unpinned-uses): action is not pinned to a hash (required by blanket policy)
(unpinned-uses)
🤖 Prompt for AI Agents