⚠️ CONFLICT! Lineage pull request for: skeleton #57
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…configuration Update the version of the second `bandit` hook
Now that LGTM has been deprecated in favor of GitHub code scanning (CodeQL) we have removed the integration from the organization. As a result we need to remove these badges.
Add a CodeQL badge and remove LGTM badges from the README
Since we only support Python 3 and only test against CPython (the reference implementation) it would be helpful to indicate these facts with our trove classifiers.
…iers Add two additional PyPI trove classifiers
We saw in cisagov/postfix-docker#47 that the sed commands in the bump_version.sh script could inadvertently match the CC0 version in the README.md file. This change escapes the periods in the version before passing it on to sed so that they only match periods and not just any character.
…script Fix overly match-happy sed commands
This job will test thw wheels created during the `build` job to ensure the distribution artifact also passes tests.
…_github_actions Add a GitHub Actions job to test built wheels
With the release of Python 3.11 on 2022-10-24 we should add it to our supported Python versions. This includes an appropriate PyPI trove classifier and adding it to the Python versions that are tested in our GitHub Actions workflow.
…on_3.11 Add support for Python 3.11
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 2 to 3. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@v2...v3) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>
…/skeleton # Conflicts: # README.md
cisagovbot
added
the
upstream update
…s/upload-artifact-3 Bump actions/upload-artifact from 2 to 3
Add ignore directives and an attribution comment to the dependabot configurtation. These will be uncommented in descendants of this project (cisagov/skeleton-python-library) so that version changes to these Actions are controlled through this project.
…ttributions Add ignore directives to the dependabot configuration
Update pre-commit hooks using `pre-commit autoupdate`. The `ansible-lint` hook is intentionally held back to be updated independently to v6.
Update `pre-commit` hooks
Add a security label
Lineage pull request for: skeleton
Add a pre-commit hook to run `goimports`
…upport_terraform-docs Add ATX Header Support for `terraform-docs`
This hook bundles the binaries for shellcheck with a Python package which removes the need to ensure the tool is installed for the hook to function. It also ties the version of shellcheck used to the hook which will help guarantee consistency.
…ok_for_shellcheck Switch the pre-commit hook used to run `shellcheck`
This includes adding the necessary job step to use the cisagov/setup-env-github-action Action. Co-authored-by: Nick <[email protected]>
New versions of ansible-core (2.16.7 and 2.17.0) have been released that do not suffer from the bug discussed in ansible/ansible#82702. This bug broke any symlinked files in vars, tasks, etc. for any Ansible role installed via ansible-galaxy. All versions later than ansible-core 2.16.7 and 2.17.0 should function as expected. Co-authored-by: Nick <[email protected]>
The line is not only unnecessary, it was commented out to boot!
…lint On its own ansible-lint does not pull in ansible, only ansible-core. Therefore, if an Ansible module lives in ansible instead of ansible-core, the linter will complain that the module is unknown. In these cases it is necessary to add the ansible package itself as an additional dependency, with the same pinning as is done in requirements-test.txt of cisagov/skeleton-ansible-role.
This is done automatically with the `pre-commit autoupdate` command. The pre-commit/mirrors-prettier was manually held back because the latest tags are for alpha releases of the next major version.
Use the latest v3 release available from NPM.
The pin now agrees with what is in cisagov/skeleton-ansible-role. Co-authored-by: Nick <[email protected]>
Update `pre-commit` hooks
…ible-lint Pin packages for `ansible-lint`
The "bandit (tests tree)" hook configuration gets updated from upstream, but the "bandit (everything else)" hook configuration does not. It must be manually updated to ensure the same version of bandit is used for both hooks.
⚠️ CONFLICT! Lineage pull request for: skeleton
Fix the dependabot ignore directive for `github/codeql-action`
…/codeql-action-3 Bump github/codeql-action from 2 to 3
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3 to 4. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@v3...v4) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 3 to 4. - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](actions/download-artifact@v3...v4) --- updated-dependencies: - dependency-name: actions/download-artifact dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>
Python 3.6 reached end-of-life on 2021-12-23. Since the oldest version of Debian that we use (Debian Buster) provides Python 3.7 we can safely sunset support for this version of Python.
…ions Bump actions/upload-artifact and actions/download-artifact from 3 to 4
Drop support for Python 3.6
…/skeleton # Conflicts: # src/findcdn/__init__.py
This covers all of the uses that are not automatically updated when pulling in upstream updates.
Ensure the use of the same version of `actions/setup-python`
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Lineage Pull Request: CONFLICT
Lineage has created this pull request to incorporate new changes found in an
upstream repository:
Upstream repository:
https://github.com/cisagov/skeleton-python-library.gitRemote branch:
HEADCheck the changes in this pull request to ensure they won't cause issues with
your project.
The
lineage/skeletonbranch has one or more unresolved merge conflictsthat you must resolve before merging this pull request!
How to resolve the conflicts
Take ownership of this pull request by removing any other assignees.
Clone the repository locally, and reapply the merge:
Review the changes displayed by the
statuscommand. Fix any conflicts andpossibly incorrect auto-merges.
After resolving each of the conflicts,
addyour changes to thebranch,
commit, andpushyour changes:Note that you may append to the default merge commit message
that git creates for you, but please do not delete the existing
content. It provides useful information about the merge that is
being performed.
Wait for all the automated tests to pass.
Check the "Everything is cool" checkbox below:
Mark this draft pull request "Ready for review".
Note: You are seeing this because one of this repository's maintainers has
configured Lineage to open pull requests.
For more information:
🛠 Lineage configurations for this project are stored in
.github/lineage.yml📚 Read more about Lineage