Merge pull request #4 from nhsx/djs-release-checks

Release checks

.flake8

@@ -0,0 +1,17 @@
+[flake8]
+# Rule definitions: http://flake8.pycqa.org/en/latest/user/error-codes.html
+# D203: 1 blank line required before class docstring
+# W503: line break before binary operator
+exclude =
+    env*,
+    __pycache__,
+    node_modules,
+    bower_components,
+    migrations
+ignore = D203,W503
+max-line-length = 115
+extend-ignore = E203
+per-file-ignores =
+    # __init__.py files are allowed to have unused imports and lines-too-long
+    */__init__.py:F401
+    */**/**/__init__.py:F401,E501

.github/pull_request_template.md

@@ -0,0 +1,40 @@
+# Summary
+
+**What/Why**
+
+Add your summary here - keep it brief, to the point, and in plain English. [For further
+information about pull requests, check out the GDS
+Way](https://gds-way.cloudapps.digital/standards/pull-requests.html).
+
+**Your approach**
+
+Why did you choose this approach?
+
+**What to review**
+
+Include any helpful pointers for the reviewer.
+
+# Checklists
+
+<!--
+These are DO-CONFIRM checklists; it CONFIRMs that you have DOne each item.
+
+Outstanding actions should be completed before reviewers are assigned; if actions are
+irrelevant, please try and add a comment stating why.
+
+Incomplete pull/merge requests MAY be blocked until actions are resolved, or closed at
+the reviewers' discretion.
+-->
+
+This pull/merge request meets the following requirements:
+
+- [ ] code runs
+- [ ] [developments are ethical][data-ethics-framework]
+- [ ] developments are secure (no data or notebook output)
+- [ ] you have made proportionate checks that the code works correctly
+- [ ] [minimum usable documentation][agilemodeling] written in the `docs` folder
+
+Comments have been added below around the incomplete checks.
+
+[agilemodeling]: http://agilemodeling.com/essays/documentLate.htm
+[data-ethics-framework]: https://www.gov.uk/government/publications/data-ethics-framework

.github/workflows/pre-commit.yml

@@ -0,0 +1,14 @@
+name: pre-commit
+
+on:
+  pull_request:
+  push:
+    branches: main
+
+jobs:
+  pre-commit:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v3
+    - uses: actions/setup-python@v3
+    - uses: pre-commit/[email protected]

.gitignore

@@ -8,4 +8,4 @@ venv/
 __pycache__/
 drawing_test.ipynb
 patient_converter_playground.ipynb
-remove_dead_end.ipynb
+remove_dead_end.ipynb

.pre-commit-config.yaml

@@ -0,0 +1,48 @@
+# See https://pre-commit.com for more information
+# See https://pre-commit.com/hooks.html for more hooks
+# exclude: ^folder/
+repos:
+  - repo: https://github.com/pre-commit/pre-commit-hooks
+    rev: v4.4.0
+    hooks:
+      - id: trailing-whitespace
+      - id: end-of-file-fixer
+      - id: check-yaml
+      - id: check-added-large-files
+
+  - repo: https://github.com/kynan/nbstripout
+    rev: 0.6.1
+    hooks:
+      - id: nbstripout
+
+  - repo: https://github.com/pycqa/isort
+    rev: 5.12.0
+    hooks:
+      - id: isort
+        name: isort - Sort Python imports (auto-fixes)
+        types: [cython, pyi, python]
+        args: ["--profile", "black", "--filter-files"]
+
+  - repo: https://github.com/pycqa/flake8
+    rev: 6.0.0
+    hooks:
+      - id: flake8
+        name: flake8 - Python linting
+
+  - repo: https://github.com/psf/black
+    rev: 23.3.0 # Replace by any tag/version: https://github.com/psf/black/tags
+    hooks:
+      - id: black
+        name: black - consistent Python code formatting (auto-fixes)
+        language_version: python # Should be a command that runs python3.6+
+
+  - repo: https://github.com/nbQA-dev/nbQA
+    rev: 1.7.0
+    hooks:
+      - id: nbqa-isort
+        name: nbqa-isort - Sort Python imports (notebooks; auto-fixes)
+        # strangely the args need to be concatenated
+        args: ["--profile=black"]
+      - id: nbqa-black
+        name: nbqa-black - consistent Python code formatting (notebooks; auto-fixes)
+        additional_dependencies: [black==22.3.0]

.streamlit/config.toml

@@ -4,4 +4,4 @@ primaryColor="#0072CE"
 backgroundColor="#ffffff"
 secondaryBackgroundColor="#e8eef9"
 textColor="#000000"
-font="sans serif"
+font="sans serif"

.vscode/settings.json

@@ -3,4 +3,4 @@
         "editor.defaultFormatter": "ms-python.black-formatter"
     },
     "python.formatting.provider": "none"
-}
+}

CHANGELOG.md

@@ -0,0 +1,42 @@
+# Changelog
+
+All notable changes to this project will be documented in this file.
+
+Instructions on how to update this Changelog are available in the `Updating the Changelog` section of the [`CONTRIBUTING.md`](./CONTRIBUTING.md).  This project follows [semantic versioning](https://semver.org/spec/v2.0.0.html).
+
+---
+### [Pre-release v0.3.1]
+
+Minor updates before making repo public
+
+---
+
+### [Pre-release v0.3.0](https://github.com/nhsx/hypergraphical/releases/tag/v0.3.0)
+
+Changes to **Hypergraphs for Multimorbidity** project:
+- Successor tab added to the Streamlit app - this tab allows the user to input a set of 'diseases' and find out the next likely observed disease progressions using the hyperedge centrality scores calculated from the dual hypergraph
+- Minor changes to functions and scripts
+
+---
+
+### [Pre-release v0.2.0](https://github.com/nhsx/hypergraphical/releases/tag/v0.2.0)
+
+Changes to **Hypergraphs for Multimorbidity** project:
+- Directed hypergraphs page added to Streamlit app
+- Minor changes to clean the Python scripts
+
+---
+
+### [Pre-release v0.1.0](https://github.com/nhsx/hypergraphical/releases/tag/v0.1.0)
+
+Added description of the **Hypergraphs for Multimorbidity** project, plus:
+- What multimorbidities are and what hypergraphs are
+- How hypergraphs can be used to look at patient pathways with multimorbidities
+- Walkthrough of how undirected graphs are built from a population of fictitious randomly generated 'patients'
+- Calculation of node centrality using Eigenvector centrality
+
+---
+
+### [Pre-release v0.0.0]
+
+Added working codebase for **Hypergraph Animations** using `manim`

CONTRIBUTING.md

@@ -0,0 +1,34 @@
+# Contributing
+We love contributions! We've compiled these docs to help you understand our contribution guidelines. If you still have questions, please [contact us](mailto:[email protected]), we'd be super happy to help.
+
+## Contents of this file
+- [Code of conduct](#code-of-conduct)
+- [Folder structure](#folder-structure)
+- [Commit hygiene](#commit-hygiene)
+- [Updating Changelog](#updating-changelog)
+
+## Code of Conduct
+Please read [CODE_OF_CONDUCT.md](./CODE_OF_CONDUCT.md) before contributing.
+
+## Commit hygiene
+
+Please see the GDS [Git style guide in the 'How to store source code' page of the GDS Way](https://gds-way.cloudapps.digital/standards/source-code/), which describes how we prefer Git history and commit messages to read.
+
+## Updating the Changelog
+
+If you open a GitHub pull request on this repo, please update `CHANGELOG` to reflect your contribution.
+
+Add your entry under `Unreleased` as:
+- `Breaking changes`
+- `New features`
+- `Fixes`
+
+Internal changes to the project that are not part of the public API do not need changelog entries, for example fixing the CI build server.
+
+These sections follow [semantic versioning](https://semver.org/spec/v2.0.0.html), where:
+
+- `Breaking changes` corresponds to a `major` (1.X.X) change.
+- `New features` corresponds to a `minor` (X.1.X) change.
+- `Fixes` corresponds to a `patch` (X.X.1) change.
+
+See the [`CHANGELOG.md`](./CHANGELOG.md) for an example for how this looks.

OPEN_CODE_CHECKLIST.md

@@ -0,0 +1,49 @@
+# Open Code Checklist
+To ensure that the code we publish is appropraite, clear and reusable we require a set way of working when pushing code to private and public repoistories.  It is difficult to set any precise but generic standards and so we ask that the following checklist is considered with mandatroy items filled out.
+
+## When publishing your code you need to make sure:
+
+
+### you’re clear about who owns the code and how others can use it
+
+- [x] Does your code have an appropriate licence and copyright notice?  (**Mandatory**)
+- [x] Is there a README and does it document intended purpose? (**Mandatory**)
+- [x] Is the README clear and concise? (**Optional** - use analytics unit template or [example](https://github.com/othneildrew/Best-README-Template/blob/master/BLANK_README.md))
+- [ ] Do you need to consider MHRA 'software as a medical device' guidance? (**Mandatory** - use [flowchart](https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/999908/Software_flow_chart_Ed_1-08b-IVD.pdf))
+- [x] Who has responsibility for ongoing support and communications for the code? (**Optional** Best practice to assign, else state the code is not maintained and when the last update was)
+- [x] Has a responsible disclosure process for security issues been defined? (**Mandatory** - could use github issues)
+- [x] Who will address identified issues and security concerns? (**Mandatory**. - assign monitoring of above disclosure process)
+- [x] Has semantic versioning been used? (**Optional**)
+- [x] Have [contribution guidelines](https://github.com/alphagov/govuk-frontend/blob/master/CONTRIBUTING.md) or [PR style guides](https://github.com/alphagov/styleguides/blob/master/pull-requests.md) been included? (**Optional**)
+- [x] Are package dependencies and libaries documented with versions? (**Optional**)
+
+### You do not release information that should remain closed
+
+- [x] Does the code include any sensitive, personal, secret or top secret data/information? (**Mandatory**)
+- [x] Does the code include any unreleased policy? (**Mandatory**)
+- [x] Does the code include business sensitive algorithms (e.g. finance allocations)? (**Mandatory**)
+- [x] Has written permission been obtained for any data stored from the data owner? (**Mandatory**)
+- [x] Are any data transfers conducted safely and securely? (**Mandatory**)
+- [x] Are any credentials contained in the source code? (**Mandatory** - check in both current version and git history)
+- [x] Are any secret keys contained in the source code? (**Mandatory** - check in both current version and git history)
+- [x] Are the commit messages informative? (**Optional**)
+- [x] Do the commit messages include any sensitive information (e.g. names)? (**Mandatory**)
+- [x] Does the git history contain any sensitive information (e.g. at one time real data or credentials were in the code but have since been removed) (**Mandatory**)
+- [x] Have notebook outputs been removed/checked for sensitive information? (**Mandatory** - check but some appropriate outputs maybe useful: [Example]( https://github.com/best-practice-and-impact/govcookiecutter/blob/main/%7B%7B%20cookiecutter.repo_name%20%7D%7D/.pre-commit-config.yaml))
+- [x] Is configuration written as code and separated from analytical code? (**Optional**)
+
+### You store it in a repository managed by your department (to make licensing/copyright clear)
+
+- [x] Is the code version controlled using GIT or similar? (**Optional**)
+- [x] Is the code stored in your organisational GitHub account? Is it the same organisation that funds the relevant staff time? (**Optional**)
+
+### Any third-party tools you use to host or manage your code follow the National Cyber Security Centre’s cloud security guidance
+
+- [x] Are third party tools used within the code? (**Mandatory** check. Best practice is to keep an inventory)
+- [x] If so do they adhere to the NCSC's [Cloud Security Principles](https://www.ncsc.gov.uk/collection/cloud-security/implementing-the-cloud-security-principles)? (**Mandatory**)
+
+### An internal code review has been completed
+
+- [ ] Has a colleague reviewed the code for sensitive data content and security vulnerabilities? (**Mandatory** - Best practice is to record automated code quality and security tools used)
+- [ ] Has a code quality review been completed focussing on the end usability and clarity? (**Optional** - consider runing through the [example](https://best-practice-and-impact.github.io/qa-of-code-guidance/checklist_higher.html) or similar code quality checklist)
+- [ ] Has the code been assessed for its [level or RAP](https://github.com/NHSDigital/rap-community-of-practice/blob/main/what_is_RAP/levels_of_RAP.md)(Reproducible Analytical Pipeline)?