From c2f77627e77b282f748f9672e98d2483e33f40e5 Mon Sep 17 00:00:00 2001 From: Coding-Dev-Tools Date: Mon, 18 May 2026 11:54:35 -0400 Subject: [PATCH] CI hardening: remove npm-publish.yml, add Python 3.13, persist-credentials, permissions, project.urls --- .github/workflows/ci.yml | 8 +- .github/workflows/npm-publish.yml | 27 ------ pyproject.toml | 131 +++++++++++++++--------------- 3 files changed, 73 insertions(+), 93 deletions(-) delete mode 100644 .github/workflows/npm-publish.yml diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 1acf4d9..6c1a78f 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -6,15 +6,20 @@ on: pull_request: branches: [main] +permissions: + contents: read + jobs: test: runs-on: ubuntu-latest strategy: matrix: - python-version: ["3.10", "3.11", "3.12"] + python-version: ["3.10", "3.11", "3.12", "3.13"] steps: - uses: actions/checkout@v4 + with: + persist-credentials: false - name: Set up Python ${{ matrix.python-version }} uses: actions/setup-python@v5 @@ -30,4 +35,3 @@ jobs: - name: Run tests run: | python -m pytest tests/ -v --cov=src --cov-report=term-missing - diff --git a/.github/workflows/npm-publish.yml b/.github/workflows/npm-publish.yml deleted file mode 100644 index cb14d77..0000000 --- a/.github/workflows/npm-publish.yml +++ /dev/null @@ -1,27 +0,0 @@ -name: Publish to npm - -on: - release: - types: [published] - workflow_dispatch: - -jobs: - publish: - runs-on: ubuntu-latest - permissions: - contents: read - - steps: - - uses: actions/checkout@v6 - - - name: Set up Node.js - uses: actions/setup-node@v6 - with: - node-version: "22" - registry-url: "https://registry.npmjs.org" - - - name: Publish to npm - env: - NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} - run: | - npm publish --access public diff --git a/pyproject.toml b/pyproject.toml index 348db56..6050e2e 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -1,65 +1,68 @@ -[build-system] -requires = ["setuptools>=68.0", "wheel"] -build-backend = "setuptools.build_meta" - -[project] -name = "configdrift" -version = "0.1.0" -description = "CLI tool that detects and fixes configuration file drift across environments (dev/staging/prod). Supports YAML, JSON, TOML, and .env formats." -readme = "README.md" -requires-python = ">=3.10" -license = "MIT" -authors = [{name = "Revenue Holdings"}] -keywords = ["config", "drift", "diff", "env", "devops", "cli"] -classifiers = [ - "Development Status :: 4 - Beta", - "Intended Audience :: Developers", - "Topic :: Software Development :: Quality Assurance", - "Topic :: System :: Systems Administration", - "Programming Language :: Python :: 3", - "Programming Language :: Python :: 3.10", - "Programming Language :: Python :: 3.11", - "Programming Language :: Python :: 3.12", -] -dependencies = [ - "typer>=0.9.0", - "rich>=13.0.0", - "pyyaml>=6.0", - "tomli>=2.0.0; python_version < '3.11'", - "tomli-w>=1.0.0", -] - -[project.optional-dependencies] -license = ["revenueholdings-license>=0.1.0"] -dev = [ - "pytest>=7.0.0", - "pytest-cov>=4.0.0", - "ruff>=0.4.0", -] -toml = ["tomli>=2.0.0", "tomli-w>=1.0.0"] - -[project.urls] -Homepage = "https://github.com/Coding-Dev-Tools/configdrift" -Repository = "https://github.com/Coding-Dev-Tools/configdrift" -"Issue Tracker" = "https://github.com/Coding-Dev-Tools/configdrift/issues" - -[project.scripts] -configdrift = "configdrift.cli:app" - -[tool.setuptools.packages.find] -where = ["src"] - -[tool.pytest.ini_options] -testpaths = ["tests"] -addopts = "-v --tb=short" - -[tool.ruff] -target-version = "py310" -line-length = 120 - -[tool.ruff.lint] -select = ["E", "F", "W", "I", "UP", "B", "SIM"] -ignore = ["E501"] - -[tool.ruff.lint.isort] +[build-system] +requires = ["setuptools>=68.0", "wheel"] +build-backend = "setuptools.build_meta" + +[project] +name = "configdrift" +version = "0.1.0" +description = "CLI tool that detects and fixes configuration file drift across environments (dev/staging/prod). Supports YAML, JSON, TOML, and .env formats." +readme = "README.md" +requires-python = ">=3.10" +license = "MIT" +authors = [{name = "Revenue Holdings"}] +keywords = ["config", "drift", "diff", "env", "devops", "cli"] +classifiers = [ + "Development Status :: 4 - Beta", + "Intended Audience :: Developers", + "Topic :: Software Development :: Quality Assurance", + "Topic :: System :: Systems Administration", + "Programming Language :: Python :: 3", + "Programming Language :: Python :: 3.10", + "Programming Language :: Python :: 3.11", + "Programming Language :: Python :: 3.12", + "Programming Language :: Python :: 3.13", +] +dependencies = [ + "typer>=0.9.0", + "rich>=13.0.0", + "pyyaml>=6.0", + "tomli>=2.0.0; python_version < '3.11'", + "tomli-w>=1.0.0", +] + +[project.optional-dependencies] +license = ["revenueholdings-license>=0.1.0"] +dev = [ + "pytest>=7.0.0", + "pytest-cov>=4.0.0", + "ruff>=0.4.0", +] +toml = ["tomli>=2.0.0", "tomli-w>=1.0.0"] + +[project.urls] +Homepage = "https://github.com/Coding-Dev-Tools/configdrift" +Documentation = "https://coding-dev-tools.github.io/configdrift" +Repository = "https://github.com/Coding-Dev-Tools/configdrift" +Issues = "https://github.com/Coding-Dev-Tools/configdrift/issues" +Changelog = "https://github.com/Coding-Dev-Tools/configdrift/releases" + +[project.scripts] +configdrift = "configdrift.cli:app" + +[tool.setuptools.packages.find] +where = ["src"] + +[tool.pytest.ini_options] +testpaths = ["tests"] +addopts = "-v --tb=short" + +[tool.ruff] +target-version = "py310" +line-length = 120 + +[tool.ruff.lint] +select = ["E", "F", "W", "I", "UP", "B", "SIM"] +ignore = ["E501"] + +[tool.ruff.lint.isort] known-first-party = ["*"]