Release 0.2.0

.github/workflows/codeql-analysis.yml

@@ -38,11 +38,11 @@ jobs:
 
  steps:
  - name: Checkout repository
- uses: actions/checkout@v2
+ uses: actions/checkout@v3
 
  # Initializes the CodeQL tools for scanning.
  - name: Initialize CodeQL
- uses: github/codeql-action/init@v1
+ uses: github/codeql-action/init@v2
  with:
  languages: ${{ matrix.language }}
  # If you wish to specify custom queries, you can do so here or in a config file.
@@ -53,7 +53,7 @@ jobs:
  # Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
  # If this step fails, then you should remove it and run the build manually (see below)
  - name: Autobuild
- uses: github/codeql-action/autobuild@v1
+ uses: github/codeql-action/autobuild@v2
 
  # ℹ️ Command-line programs to run using the OS shell.
  # 📚 https://git.io/JvXDl
@@ -67,4 +67,4 @@ jobs:
  # make release
 
  - name: Perform CodeQL Analysis
- uses: github/codeql-action/analyze@v1
+ uses: github/codeql-action/analyze@v2

.github/workflows/constraints.txt

@@ -1,3 +1,3 @@
-pip==22.0.3
-poetry==1.1.12
-virtualenv==20.13.0
+pip==22.2.2
+poetry==1.2.0
+virtualenv==20.16.5

.github/workflows/main.yaml

@@ -19,10 +19,10 @@ jobs:
  python-version: [3.9]
 
  steps:
- - uses: actions/checkout@v2
+ - uses: actions/checkout@v3
 
  - name: Set up Python ${{ matrix.python-version }}
- uses: actions/setup-python@v2
+ uses: actions/setup-python@v4
  with:
  python-version: ${{ matrix.python-version }}
 
@@ -35,7 +35,7 @@ jobs:
  which python
 
  - name: Set up Poetry cache
- uses: actions/cache@v2
+ uses: actions/cache@v3.0.8
  with:
  path: venv
  key: venv-${{ matrix.python-version }}-${{ hashFiles('poetry.lock') }}
@@ -64,7 +64,7 @@ jobs:
  print("::set-output name=result::{}".format(result))
 
  - name: Restore pre-commit cache
- uses: actions/cache@v2
+ uses: actions/cache@v3.0.8
  with:
  path: ~/.cache/pre-commit
  key: ${{ steps.pre-commit-cache.outputs.result }}-${{ hashFiles('.pre-commit-config.yaml') }}
@@ -84,3 +84,101 @@ jobs:
  run: |
  source venv/bin/activate
  pytest --ignore='{{cookiecutter.repo_name}}'
+
+ test:
+ runs-on: ubuntu-latest
+ timeout-minutes: 30
+ strategy:
+ matrix:
+ python-version: [3.9]
+
+ steps:
+ - uses: actions/checkout@v3
+
+ - name: Set up Python ${{ matrix.python-version }}
+ uses: actions/setup-python@v4
+ with:
+ python-version: ${{ matrix.python-version }}
+
+ - name: Install cookiecutter
+ run: |
+ which python
+ python -m pip install --constraint=.github/workflows/constraints.txt --upgrade pip
+ python -m pip install --user cookiecutter
+
+ - name: Initialise cookiecutter repo
+ run: |
+ cd ~
+ pwd
+ cookiecutter /home/runner/work/coefficient-cookiecutter/coefficient-cookiecutter --no-input
+ echo "cc_python_version=$(cat ~/coefficient-project/.python-version)"
+ echo "cc_python_version=$(cat ~/coefficient-project/.python-version)" >> $GITHUB_ENV
+ echo "cc_venv=$(cat ~/coefficient-project/.venv)"
+ echo "cc_venv=$(cat ~/coefficient-project/.venv)" >> $GITHUB_ENV
+
+ # TODO: This can be replaced I think with actions/setup-python?
+
+ - name: Install pyenv
+ uses: "gabrielfalcao/pyenv-action@v10"
+ with:
+ default: ${{ env.cc_python_version }}
+
+ - name: Create cookiecuttered Python environment
+ run: |
+ cd ~/coefficient-project
+ pwd
+ pyenv local $(cat .python-version)
+ python -V
+ python -m venv $(cat .venv)
+ python -V
+ python -m pip install --upgrade pip
+
+ - name: Set up Poetry cache
+ uses: actions/[email protected]
+ with:
+ path: ${{ env.cc_venv }}
+ key: ${{ env.cc_venv }}-${{ matrix.python-version }}-${{ hashFiles('coefficient-project/poetry.lock') }}
+
+ - name: Install Poetry and Python dependencies
+ run: |
+ cd ~/coefficient-project
+ pyenv local $(cat .python-version)
+ source $(cat .venv)/bin/activate
+ curl -sSL https://install.python-poetry.org | python3 -
+ poetry --version
+ poetry config virtualenvs.in-project true
+ poetry config virtualenvs.create false
+ poetry config virtualenvs.path $(cat .venv)
+ which python
+ poetry install --no-root
+
+ - name: pytest
+ run: |
+ cd ~/coefficient-project
+ pyenv local $(cat .python-version)
+ source $(cat .venv)/bin/activate
+ pytest
+
+ - name: Towncrier
+ run: |
+ cd ~/coefficient-project
+ pyenv local $(cat .python-version)
+ source $(cat .venv)/bin/activate
+ git init
+ towncrier create 123.added --no-edit
+ towncrier build --version=999 --yes
+ less CHANGELOG.md
+
+ - name: pre-commit
+ run: |
+ cd ~/coefficient-project
+ pyenv local $(cat .python-version)
+ source $(cat .venv)/bin/activate
+ detect-secrets --verbose scan \
+ --exclude-files 'poetry\.lock' \
+ --exclude-files '\.secrets\.baseline' \
+ --exclude-files '\.env\.template' \
+ --exclude-secrets 'password|ENTER_PASSWORD_HERE|INSERT_API_KEY_HERE' \
+ --exclude-lines 'integrity=*sha' \
+ > .secrets.baseline
+ pre-commit run --hook-stage=manual --show-diff-on-failure --all-files

.pre-commit-config.yaml

@@ -1,12 +1,12 @@
 # Update all versions in this file by running:
 # $ pre-commit autoupdate
-minimum_pre_commit_version: 2.17.0
+minimum_pre_commit_version: 2.20.0
 default_language_version:
  python: python3.9
 exclude: "{{cookiecutter.repo_name}}"
 repos:
  - repo: https://github.com/pre-commit/pre-commit-hooks
- rev: v4.1.0
+ rev: v4.3.0
  hooks:
  - id: end-of-file-fixer
  name: Check for a blank line at the end of scripts (auto-fixes)
@@ -31,7 +31,7 @@ repos:
  - id: check-ast
  - id: check-docstring-first
  - repo: https://github.com/myint/autoflake
- rev: v1.4
+ rev: v1.5.3
  hooks:
  - id: autoflake
  args: &autoflake
@@ -41,25 +41,25 @@ repos:
  - --remove-duplicate-keys
  - --remove-unused-variables
  - repo: https://gitlab.com/pycqa/flake8
- rev: 3.9.2
+ rev: 4.0.1
  hooks:
  - &flake8
  id: flake8
  additional_dependencies:
  - flake8-docstrings==1.6.0
- - flake8-eradicate==1.2.0
+ - flake8-eradicate==1.3.0
  - flake8-fixme==1.1.1
- - flake8-implicit-str-concat==0.2.0
- - flake8-no-pep420==2.2.0
- - flake8-print==4.0.0
+ - flake8-implicit-str-concat==0.3.0
+ - flake8-no-pep420==2.3.0
+ - flake8-print==5.0.0
  - flake8-return==1.1.3
  args: ["--config=setup.cfg"]
  - repo: https://github.com/psf/black
- rev: 22.1.0
+ rev: 22.8.0
  hooks:
  - id: black
  - repo: https://github.com/asottile/add-trailing-comma
- rev: v2.2.1
+ rev: v2.2.3
  hooks:
  - id: add-trailing-comma
  args: [--py36-plus]
@@ -69,13 +69,13 @@ repos:
  - id: isort
  types: [python]
  - repo: https://github.com/asottile/pyupgrade
- rev: v2.31.0
+ rev: v2.37.3
  hooks:
  - id: pyupgrade
  args:
  - "--py39-plus"
  - repo: https://github.com/Yelp/detect-secrets
- rev: v1.1.0
+ rev: v1.3.0
  hooks:
  - id: detect-secrets
  name: detect-secrets - Detect secrets in staged code
@@ -98,27 +98,38 @@ repos:
  \.secrets\.baseline|
  \.env\.template
  )$
- - repo: https://github.com/Cielquan/mirrors-poetry
- rev: 1.1.12
+ # - repo: https://github.com/python-poetry/poetry
+ # rev: 1.2.0b3
+ - repo: https://github.com/john-sandall/mirrors-poetry
+ rev: 1.2.0
  hooks:
  - id: poetry-check
  - id: poetry-lock
  args: ["--no-update"]
  - id: poetry-export
+ args:
+ [
+ "-f",
+ "requirements.txt",
+ "-o",
+ "requirements.txt",
+ "--without-hashes",
+ ]
  - repo: https://github.com/pre-commit/mirrors-prettier
- rev: v2.5.1
+ rev: v3.0.0-alpha.0
  hooks:
  - id: prettier
- types_or: [toml, yaml]
+ types_or: [yaml]
  additional_dependencies:
- - "[email protected]"
- - "[email protected]"
+ - "[email protected]"
  - repo: local
  hooks:
  - id: pylint
  name: pylint
  entry: pylint {{cookiecutter.repo_name}} tests
+ # entry: bash -c 'pylint ./path/package1/; pylint ./path/package2/'
  language: system
+ types: [python]
  always_run: true
  pass_filenames: false
  stages: [manual]

.secrets.baseline

@@ -1,5 +1,5 @@
 {
- "version": "1.1.0",
+ "version": "1.2.0",
  "plugins_used": [
  {
  "name": "ArtifactoryDetector"
@@ -20,6 +20,9 @@
  {
  "name": "CloudantDetector"
  },
+ {
+ "name": "GitHubTokenDetector"
+ },
  {
  "name": "HexHighEntropyString",
  "limit": 3.0
@@ -46,6 +49,9 @@
  {
  "name": "PrivateKeyDetector"
  },
+ {
+ "name": "SendGridDetector"
+ },
  {
  "name": "SlackDetector"
  },
@@ -66,10 +72,6 @@
  {
  "path": "detect_secrets.filters.allowlist.is_line_allowlisted"
  },
- {
- "path": "detect_secrets.filters.common.is_baseline_file",
- "filename": ".secrets.baseline"
- },
  {
  "path": "detect_secrets.filters.common.is_ignored_due_to_verification_policies",
  "min_level": 2
@@ -80,6 +82,12 @@
  {
  "path": "detect_secrets.filters.heuristic.is_likely_id_string"
  },
+ {
+ "path": "detect_secrets.filters.heuristic.is_lock_file"
+ },
+ {
+ "path": "detect_secrets.filters.heuristic.is_not_alphanumeric_string"
+ },
  {
  "path": "detect_secrets.filters.heuristic.is_potential_uuid"
  },
@@ -89,40 +97,33 @@
  {
  "path": "detect_secrets.filters.heuristic.is_sequential_string"
  },
+ {
+ "path": "detect_secrets.filters.heuristic.is_swagger_file"
+ },
  {
  "path": "detect_secrets.filters.heuristic.is_templated_secret"
  },
  {
- "path": "detect_secrets.filters.heuristic.is_lock_file"
+ "path": "detect_secrets.filters.regex.should_exclude_file",
+ "pattern": [
+ "poetry\\.lock",
+ "\\.secrets\\.baseline",
+ "\\.env\\.template"
+ ]
  },
  {
- "path": "detect_secrets.filters.heuristic.is_not_alphanumeric_string"
+ "path": "detect_secrets.filters.regex.should_exclude_line",
+ "pattern": [
+ "integrity=*sha"
+ ]
  },
  {
- "path": "detect_secrets.filters.heuristic.is_swagger_file"
+ "path": "detect_secrets.filters.regex.should_exclude_secret",
+ "pattern": [
+ "password|ENTER_PASSWORD_HERE|INSERT_API_KEY_HERE"
+ ]
  }
  ],
- "results": {
- "poetry.lock": [
- {
- "type": "Hex High Entropy String",
- "filename": "poetry.lock",
- "hashed_secret": "2909872de4bf8e31c4df23a3d9851de9c7a227ee",
- "is_verified": false,
- "line_number": 763,
- "is_secret": false
- }
- ],
- "{{cookiecutter.repo_name}}/.env.template": [
- {
- "type": "Secret Keyword",
- "filename": "{{cookiecutter.repo_name}}/.env.template",
- "hashed_secret": "f32b67c7e26342af42efabc674d441dca0a281c5",
- "is_verified": false,
- "line_number": 1,
- "is_secret": false
- }
- ]
- },
- "generated_at": "2021-09-13T00:38:19Z"
+ "results": {},
+ "generated_at": "2022-07-29T12:39:38Z"
 }