From 154144baa1326255887a2c6c107c03577461bd14 Mon Sep 17 00:00:00 2001 From: Philippe Ombredanne Date: Thu, 12 May 2022 13:23:45 +0200 Subject: [PATCH 01/11] Enable automatic release on tag Signed-off-by: Philippe Ombredanne --- .github/workflows/pypi-release.yml | 96 +++++++++++++++++++++++------- 1 file changed, 76 insertions(+), 20 deletions(-) diff --git a/.github/workflows/pypi-release.yml b/.github/workflows/pypi-release.yml index 3a4fe27..22315ff 100644 --- a/.github/workflows/pypi-release.yml +++ b/.github/workflows/pypi-release.yml @@ -1,27 +1,83 @@ -name: Release library as a PyPI wheel and sdist on GH release creation +name: Create library release archives, create a GH release and publish PyPI wheel and sdist on tag in main branch + + +# This is executed automatically on a tag in the main branch + +# Summary of the steps: +# - build wheels and sdist +# - upload wheels and sdist to PyPI +# - create gh-release and upload wheels and dists there +# TODO: smoke test wheels and sdist +# TODO: add changelog to release text body + +# WARNING: this is designed only for packages building as pure Python wheels on: - release: - types: [created] + workflow_dispatch: + push: + tags: + - "v*.*.*" jobs: - build-and-publish-to-pypi: + build-pypi-distribs: name: Build and publish library to PyPI runs-on: ubuntu-20.04 + + steps: + - uses: actions/checkout@master + - name: Set up Python + uses: actions/setup-python@v1 + with: + python-version: 3.9 + + - name: Install pypa/build + run: python -m pip install build --user + + - name: Build a binary wheel and a source tarball + run: python -m build --sdist --wheel --outdir dist/ + + - name: Upload built archives + uses: actions/upload-artifact@v3 + with: + name: pypi_archives + path: dist/* + + + create-gh-release: + name: Create GH release + needs: + - build-pypi-distribs + runs-on: ubuntu-20.04 + + steps: + - name: Download built archives + uses: actions/download-artifact@v3 + with: + name: pypi_archives + path: dist + + - name: Create GH release + uses: softprops/action-gh-release@v1 + with: + draft: true + files: dist/* + + + create-pypi-release: + name: Create PyPI release + needs: + - create-gh-release + runs-on: ubuntu-20.04 + steps: - - uses: actions/checkout@master - - name: Set up Python - uses: actions/setup-python@v1 - with: - python-version: 3.9 - - name: Install pypa/build - run: python -m pip install build --user - - name: Build a binary wheel and a source tarball - run: python -m build --sdist --wheel --outdir dist/ - . - - name: Publish distribution to PyPI - if: startsWith(github.ref, 'refs/tags') - uses: pypa/gh-action-pypi-publish@master - with: - password: ${{ secrets.PYPI_API_TOKEN }} - + - name: Download built archives + uses: actions/download-artifact@v3 + with: + name: pypi_archives + path: dist + + - name: Publish to PyPI + if: startsWith(github.ref, 'refs/tags') + uses: pypa/gh-action-pypi-publish@master + with: + password: ${{ secrets.PYPI_API_TOKEN }} From 1165f12eb321cf3ecced9655424d6a376933c23c Mon Sep 17 00:00:00 2001 From: Philippe Ombredanne Date: Wed, 25 May 2022 09:53:42 +0200 Subject: [PATCH 02/11] Remove Travis config Signed-off-by: Philippe Ombredanne --- .travis.yml | 22 ---------------------- 1 file changed, 22 deletions(-) delete mode 100644 .travis.yml diff --git a/.travis.yml b/.travis.yml deleted file mode 100644 index ea48ceb..0000000 --- a/.travis.yml +++ /dev/null @@ -1,22 +0,0 @@ -# This is a skeleton Travis CI config file that provides a starting point for adding CI -# to a Python project. Since we primarily develop in python3, this skeleton config file -# will be specific to that language. -# -# See https://config.travis-ci.com/ for a full list of configuration options. - -os: linux - -dist: xenial - -language: python -python: - - "3.6" - - "3.7" - - "3.8" - - "3.9" - -# Scripts to run at install stage -install: ./configure --dev - -# Scripts to run at script stage -script: venv/bin/pytest From c1f70fc7339f6eee99c1b3b8f9a2f43e80a7bc01 Mon Sep 17 00:00:00 2001 From: Philippe Ombredanne Date: Fri, 27 May 2022 08:57:06 +0200 Subject: [PATCH 03/11] Add ScanCode Code of Conduct Signed-off-by: Philippe Ombredanne --- CODE_OF_CONDUCT.rst | 86 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 86 insertions(+) create mode 100644 CODE_OF_CONDUCT.rst diff --git a/CODE_OF_CONDUCT.rst b/CODE_OF_CONDUCT.rst new file mode 100644 index 0000000..590ba19 --- /dev/null +++ b/CODE_OF_CONDUCT.rst @@ -0,0 +1,86 @@ +Contributor Covenant Code of Conduct +==================================== + +Our Pledge +---------- + +In the interest of fostering an open and welcoming environment, we as +contributors and maintainers pledge to making participation in our +project and our community a harassment-free experience for everyone, +regardless of age, body size, disability, ethnicity, gender identity and +expression, level of experience, education, socio-economic status, +nationality, personal appearance, race, religion, or sexual identity and +orientation. + +Our Standards +------------- + +Examples of behavior that contributes to creating a positive environment +include: + +- Using welcoming and inclusive language +- Being respectful of differing viewpoints and experiences +- Gracefully accepting constructive criticism +- Focusing on what is best for the community +- Showing empathy towards other community members + +Examples of unacceptable behavior by participants include: + +- The use of sexualized language or imagery and unwelcome sexual + attention or advances +- Trolling, insulting/derogatory comments, and personal or political + attacks +- Public or private harassment +- Publishing others’ private information, such as a physical or + electronic address, without explicit permission +- Other conduct which could reasonably be considered inappropriate in a + professional setting + +Our Responsibilities +-------------------- + +Project maintainers are responsible for clarifying the standards of +acceptable behavior and are expected to take appropriate and fair +corrective action in response to any instances of unacceptable behavior. + +Project maintainers have the right and responsibility to remove, edit, +or reject comments, commits, code, wiki edits, issues, and other +contributions that are not aligned to this Code of Conduct, or to ban +temporarily or permanently any contributor for other behaviors that they +deem inappropriate, threatening, offensive, or harmful. + +Scope +----- + +This Code of Conduct applies both within project spaces and in public +spaces when an individual is representing the project or its community. +Examples of representing a project or community include using an +official project e-mail address, posting via an official social media +account, or acting as an appointed representative at an online or +offline event. Representation of a project may be further defined and +clarified by project maintainers. + +Enforcement +----------- + +Instances of abusive, harassing, or otherwise unacceptable behavior may +be reported by contacting the project team at pombredanne@gmail.com +or on the Gitter chat channel at https://gitter.im/aboutcode-org/discuss . +All complaints will be reviewed and investigated and will result in a +response that is deemed necessary and appropriate to the circumstances. +The project team is obligated to maintain confidentiality with regard to +the reporter of an incident. Further details of specific enforcement +policies may be posted separately. + +Project maintainers who do not follow or enforce the Code of Conduct in +good faith may face temporary or permanent repercussions as determined +by other members of the project’s leadership. + +Attribution +----------- + +This Code of Conduct is adapted from the `Contributor Covenant`_ , +version 1.4, available at +https://www.contributor-covenant.org/version/1/4/code-of-conduct.html + +.. _Contributor Covenant: https://www.contributor-covenant.org From 9acab17814f47ec8104962c4cb310877bb8bbbfa Mon Sep 17 00:00:00 2001 From: Philippe Ombredanne Date: Fri, 27 May 2022 08:58:37 +0200 Subject: [PATCH 04/11] Improve detection of thirdparty dir Signed-off-by: Philippe Ombredanne --- configure | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/configure b/configure index a52f539..32e02f5 100755 --- a/configure +++ b/configure @@ -52,11 +52,19 @@ CFG_ROOT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" CFG_BIN_DIR=$CFG_ROOT_DIR/$VIRTUALENV_DIR/bin +################################ +# Install with or without and index. With "--no-index" this is using only local wheels +# This is an offline mode with no index and no network operations +# NO_INDEX="--no-index " +NO_INDEX="" + + ################################ # Thirdparty package locations and index handling -# Find packages from the local thirdparty directory -if [ -d "$CFG_ROOT_DIR/thirdparty" ]; then - PIP_EXTRA_ARGS="--find-links $CFG_ROOT_DIR/thirdparty" +# Find packages from the local thirdparty directory if present +THIRDPARDIR=$CFG_ROOT_DIR/thirdparty +if [[ "$(echo $THIRDPARDIR/*.whl)x" != "$THIRDPARDIR/*.whlx" ]]; then + PIP_EXTRA_ARGS="$NO_INDEX --find-links $THIRDPARDIR" fi @@ -182,6 +190,7 @@ while getopts :-: optchar; do esac done + PIP_EXTRA_ARGS="$PIP_EXTRA_ARGS" find_python From 4dc252163e63132d9ae1479d22af728ca1232a31 Mon Sep 17 00:00:00 2001 From: Philippe Ombredanne Date: Sun, 29 May 2022 22:25:13 +0200 Subject: [PATCH 05/11] Add comment Signed-off-by: Philippe Ombredanne --- etc/scripts/utils_thirdparty.py | 1 + 1 file changed, 1 insertion(+) diff --git a/etc/scripts/utils_thirdparty.py b/etc/scripts/utils_thirdparty.py index 2d6f3e4..53f2d33 100644 --- a/etc/scripts/utils_thirdparty.py +++ b/etc/scripts/utils_thirdparty.py @@ -1678,6 +1678,7 @@ def get_package_version(self, name, version=None): """ if not version: versions = list(self._get_package_versions_map(name).values()) + # return the latest version return versions and versions[-1] else: return self._get_package_versions_map(name).get(version) From 59564066654fc1006c5ad9de2cd8d21cab3f8d26 Mon Sep 17 00:00:00 2001 From: Philippe Ombredanne Date: Wed, 24 Aug 2022 21:51:52 +0200 Subject: [PATCH 06/11] Bump dependencies Signed-off-by: Philippe Ombredanne --- requirements-dev.txt | 33 ++++++++++++++---------- requirements.txt | 61 +++++++++++++++++++++----------------------- 2 files changed, 49 insertions(+), 45 deletions(-) diff --git a/requirements-dev.txt b/requirements-dev.txt index fe92ed8..bd08a7b 100644 --- a/requirements-dev.txt +++ b/requirements-dev.txt @@ -1,24 +1,31 @@ -aboutcode-toolkit==7.0.1 -bleach==4.1.0 +aboutcode-toolkit==7.0.2 +black==22.6.0 +bleach==5.0.1 build==0.7.0 commonmark==0.9.1 -docutils==0.18.1 +docutils==0.19 et-xmlfile==1.1.0 execnet==1.9.0 iniconfig==1.1.1 -jeepney==0.7.1 -keyring==23.4.1 -openpyxl==3.0.9 +isort==5.10.1 +jeepney==0.8.0 +keyring==23.7.0 +mypy-extensions==0.4.3 +openpyxl==3.0.10 +pathspec==0.9.0 pep517==0.12.0 -pkginfo==1.8.2 +pkginfo==1.8.3 +platformdirs==2.5.2 py==1.11.0 -pytest==7.0.1 +pytest==7.1.2 pytest-forked==1.4.0 pytest-xdist==2.5.0 -readme-renderer==34.0 +readme-renderer==35.0 requests-toolbelt==0.9.1 -rfc3986==1.5.0 -rich==12.3.0 +rfc3986==2.0.0 +rich==12.5.1 secretstorage==3.3.2 -tomli==1.2.3 -twine==3.8.0 +tomli==2.0.1 +tqdm==4.64.0 +twine==4.0.1 +typing_extensions==4.3.0 diff --git a/requirements.txt b/requirements.txt index 5498812..650d8cd 100644 --- a/requirements.txt +++ b/requirements.txt @@ -2,17 +2,17 @@ attrs==21.4.0 banal==1.0.6 beautifulsoup4==4.11.1 binaryornot==0.4.4 -boolean.py==3.8 -certifi==2021.10.8 -cffi==1.15.0 -chardet==4.0.0 -charset-normalizer==2.0.12 -click==8.0.4 -colorama==0.4.4 -commoncode==30.2.0 +boolean.py==4.0 +certifi==2022.6.15 +cffi==1.15.1 +chardet==5.0.0 +charset-normalizer==2.1.0 +click==8.1.3 +colorama==0.4.5 +commoncode=31.0.0 construct==2.10.68 -container-inspector==31.0.0 -cryptography==36.0.2 +container-inspector==31.1.0 +cryptography==37.0.4 dockerfile-parse==1.2.0 dparse2==0.6.1 extractcode==31.0.0 @@ -20,35 +20,33 @@ extractcode-7z==16.5.210531 extractcode-libarchive==3.5.1.210531 fasteners==0.17.3 fingerprints==1.0.3 -ftfy==6.0.3 +ftfy==6.1.1 future==0.18.2 gemfileparser==0.8.0 html5lib==1.1 idna==3.3 -importlib-metadata==4.8.3 +importlib-metadata==4.12.0 inflection==0.5.1 intbitset==3.0.1 isodate==0.6.1 -jaraco.functools==3.4.0 +jaraco.functools==3.5.1 javaproperties==0.8.1 -Jinja2==3.0.3 +Jinja2==3.1.2 jsonstreams==0.6.0 -license-expression==21.6.14 -lxml==4.8.0 -MarkupSafe==2.0.1 +license-expression==30.0.0 +lxml==4.9.1 +MarkupSafe==2.1.1 more-itertools==8.13.0 normality==2.3.3 -packagedcode-msitools==0.101.210706 -packageurl-python==0.9.9 +packageurl-python==0.10.0 packaging==21.3 parameter-expansion-patched==0.3.1 -patch==1.16 -pdfminer-six==20220506 -pefile==2021.9.3 +pdfminer.six==20220524 +pefile==2022.5.30 pip-requirements-parser==31.2.0 pkginfo2==30.0.0 pluggy==1.0.0 -plugincode==30.0.0 +plugincode==31.0.0b1 ply==3.11 publicsuffix2==2.20191221 pyahocorasick==2.0.0b1 @@ -56,24 +54,23 @@ pycparser==2.21 pygmars==0.7.0 Pygments==2.12.0 pymaven-patch==0.3.0 -pyparsing==3.0.8 +pyparsing==3.0.9 pytz==2022.1 PyYAML==6.0 -rdflib==5.0.0 -regipy==2.3.1 -requests==2.27.1 -rpm-inspector-rpm==4.16.1.3.210404 +rdflib==6.2.0 +requests==2.28.1 saneyaml==0.5.2 six==1.16.0 -soupsieve==2.3.1 +soupsieve==2.3.2.post1 spdx-tools==0.7.0a3 text-unidecode==1.3 toml==0.10.2 typecode==30.0.0 typecode-libmagic==5.39.210531 -urllib3==1.26.9 +typing-extensions==4.3.0 +urllib3==1.26.11 urlpy==0.5 wcwidth==0.2.5 webencodings==0.5.1 -xmltodict==0.12.0 -zipp==3.6.0 +xmltodict==0.13.0 +zipp==3.8.1 From 968912bdb3d9bee95d70268b4dbe553d8d7a645f Mon Sep 17 00:00:00 2001 From: Philippe Ombredanne Date: Wed, 24 Aug 2022 21:54:44 +0200 Subject: [PATCH 07/11] Update CHANGELOG Signed-off-by: Philippe Ombredanne --- CHANGELOG.rst | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.rst b/CHANGELOG.rst index 1963a85..f4ebd4a 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -1,12 +1,15 @@ Changelog ========= -v31.0.0b1 - 2022-05-25 + +v31.0.0 - 2022-08-24 ------------------------ - Fix error when using ``get_license_detection_from_nameless_paragraph()`` on Debian copyright files who named the license field as ``licence`` #25 +- Bump dependencies + v30.0.0 - 2021-09-07 ------------------------ From 6ff2bfb8caada581569a31d69cfa354246d841c8 Mon Sep 17 00:00:00 2001 From: Philippe Ombredanne Date: Wed, 24 Aug 2022 22:04:23 +0200 Subject: [PATCH 08/11] Update key files for content and typos Signed-off-by: Philippe Ombredanne --- README.rst | 2 +- setup.cfg | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/README.rst b/README.rst index 8832ee3..0b9fe50 100644 --- a/README.rst +++ b/README.rst @@ -1,5 +1,5 @@ ================================= -debian_inspector +debian-inspector ================================= Utilities to parse Debian package, copyright and control files diff --git a/setup.cfg b/setup.cfg index 103a891..6330d53 100644 --- a/setup.cfg +++ b/setup.cfg @@ -44,6 +44,7 @@ license_files = NOTICE AUTHORS.rst CHANGELOG.rst + CODE_OF_CONDUCT.rst [options] package_dir = @@ -73,6 +74,7 @@ testing = black commoncode + docs = Sphinx >= 3.3.1 sphinx-rtd-theme >= 0.5.0 From cc96c136b70f2d63fff42777e122df2a69304df0 Mon Sep 17 00:00:00 2001 From: Philippe Ombredanne Date: Wed, 24 Aug 2022 22:07:10 +0200 Subject: [PATCH 09/11] Update CI pipelines, drop Python 3.6 Signed-off-by: Philippe Ombredanne --- azure-pipelines.yml | 59 ++++++++++++++++++++++++++++++++++++++++++--- setup.cfg | 2 +- 2 files changed, 56 insertions(+), 5 deletions(-) diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 6ca19c4..3117a91 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -7,11 +7,15 @@ jobs: +################################################################################ +# These jobs are using VMs and Azure-provided Pythons 3.8 +################################################################################ + - template: etc/ci/azure-posix.yml parameters: job_name: ubuntu18_cpython image_name: ubuntu-18.04 - python_versions: ['3.6', '3.7', '3.8', '3.9', '3.10'] + python_versions: ['3.7', '3.8', '3.9', '3.10'] test_suites: all: venv/bin/pytest -n 2 -vvs @@ -19,7 +23,15 @@ jobs: parameters: job_name: ubuntu20_cpython image_name: ubuntu-20.04 - python_versions: ['3.6', '3.7', '3.8', '3.9', '3.10'] + python_versions: ['3.7', '3.8', '3.9', '3.10'] + test_suites: + all: venv/bin/pytest -n 2 -vvs + + - template: etc/ci/azure-posix.yml + parameters: + job_name: ubuntu22_cpython + image_name: ubuntu-22.04 + python_versions: ['3.7', '3.8', '3.9', '3.10'] test_suites: all: venv/bin/pytest -n 2 -vvs @@ -27,7 +39,7 @@ jobs: parameters: job_name: macos1015_cpython image_name: macos-10.15 - python_versions: ['3.6', '3.7', '3.8', '3.9', '3.10'] + python_versions: ['3.7', '3.8', '3.9', '3.10'] test_suites: all: venv/bin/pytest -n 2 -vvs @@ -39,11 +51,19 @@ jobs: test_suites: all: venv/bin/pytest -n 2 -vvs + - template: etc/ci/azure-posix.yml + parameters: + job_name: macos12_cpython + image_name: macos-12 + python_versions: ['3.7', '3.8', '3.9', '3.10'] + test_suites: + all: venv/bin/pytest -n 2 -vvs + - template: etc/ci/azure-win.yml parameters: job_name: win2019_cpython image_name: windows-2019 - python_versions: ['3.6', '3.7', '3.8', '3.9', '3.10'] + python_versions: ['3.7', '3.8', '3.9', '3.10'] test_suites: all: venv\Scripts\pytest -n 2 -vvs @@ -54,3 +74,34 @@ jobs: python_versions: ['3.7', '3.8', '3.9', '3.10'] test_suites: all: venv\Scripts\pytest -n 2 -vvs + + +################################################################################ +# Tests using a plain pip install to get the latest of all wheels +################################################################################ + + + - template: etc/ci/azure-posix.yml + parameters: + job_name: ubuntu20_cpython_latest_from_pip + image_name: ubuntu-20.04 + python_versions: ['3.7', '3.8', '3.9', '3.10'] + test_suites: + all: venv/bin/pip install --upgrade-strategy eager --force-reinstall --upgrade -e . && venv/bin/pytest -n 2 -vvs + + + - template: etc/ci/azure-win.yml + parameters: + job_name: win2019_cpython_latest_from_pip + image_name: windows-2019 + python_versions: ['3.7', '3.8', '3.9', '3.10'] + test_suites: + all: venv\Scripts\pip install --upgrade-strategy eager --force-reinstall --upgrade -e . && venv\Scripts\pytest -n 2 -vvs + + - template: etc/ci/azure-posix.yml + parameters: + job_name: macos11_cpython_latest_from_pip + image_name: macos-11 + python_versions: ['3.7', '3.8', '3.9', '3.10'] + test_suites: + all: venv/bin/pip install --upgrade-strategy eager --force-reinstall --upgrade -e . && venv/bin/pytest -n 2 -vvs diff --git a/setup.cfg b/setup.cfg index 6330d53..f736893 100644 --- a/setup.cfg +++ b/setup.cfg @@ -55,7 +55,7 @@ zip_safe = false setup_requires = setuptools_scm[toml] >= 4 -python_requires = >=3.6.* +python_requires = >=3.7 install_requires = chardet >= 3.0.0 From 96e4563ce9523501e806e5a0598a3be8a89d22ee Mon Sep 17 00:00:00 2001 From: Philippe Ombredanne Date: Wed, 24 Aug 2022 22:11:06 +0200 Subject: [PATCH 10/11] - Drop Python 3.6 support Signed-off-by: Philippe Ombredanne --- CHANGELOG.rst | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.rst b/CHANGELOG.rst index f4ebd4a..a3772da 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -7,8 +7,9 @@ v31.0.0 - 2022-08-24 - Fix error when using ``get_license_detection_from_nameless_paragraph()`` on Debian copyright files who named the license field as ``licence`` #25 - +- Use latest skeleton - Bump dependencies +- Drop Python 3.6 support v30.0.0 - 2021-09-07 From 09b8ec48f9c030d2769297218883c95daf139e3c Mon Sep 17 00:00:00 2001 From: Philippe Ombredanne Date: Wed, 24 Aug 2022 22:36:19 +0200 Subject: [PATCH 11/11] Use correct syntax for requirements Signed-off-by: Philippe Ombredanne --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 650d8cd..005212c 100644 --- a/requirements.txt +++ b/requirements.txt @@ -9,7 +9,7 @@ chardet==5.0.0 charset-normalizer==2.1.0 click==8.1.3 colorama==0.4.5 -commoncode=31.0.0 +commoncode==31.0.0 construct==2.10.68 container-inspector==31.1.0 cryptography==37.0.4