Release Preperation

.github/workflows/pypi.yml

@@ -0,0 +1,45 @@
+# This workflow will upload a Python Package using Twine when a new tag is created
+# For more information see: https://help.github.com/en/actions/language-and-framework-guides/using-python-with-github-actions#publishing-to-package-registries
+
+name: detect-secrets-pypi
+
+on:
+  push:
+    tags:
+      - v*
+
+jobs:
+
+  tox:
+    runs-on: ${{ matrix.os }}
+    strategy:
+      matrix:
+        os: [ubuntu-latest, macos-latest]
+        python: ['3.6', '3.7', '3.8', '3.9']
+    steps:
+    - uses: actions/checkout@v2
+    - uses: actions/setup-python@v2
+      with:
+        python-version: ${{ matrix.python }}
+    - run: python -m pip install --upgrade setuptools pip tox virtualenv
+    # Run tox only for the installed py version on the runner as outlined in the python matrix
+    # Ensures the correct py version is installed and tested as opposed to 'tox' which attempts to run for all py versions in tox.ini
+    - run: tox -e py
+    - run: tox -e mypy
+
+  deploy:
+    # Run tests beforing deploying to pypi
+    needs: tox
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v2
+    - name: Set up Python
+      uses: actions/setup-python@v2
+      with:
+        python-version: 3.8
+    - name: Build package
+      run: python setup.py sdist bdist_wheel
+    - name: Publish package
+      uses: pypa/gh-action-pypi-publish@v1.5.0
+      with:
+        password: ${{ secrets.pypi_password }}

CHANGELOG.md

@@ -29,6 +29,49 @@ If you love `detect-secrets`, please star our project on GitHub to show your sup
 ### Unreleased
 -->
 
+### v1.2.0
+##### February 10th, 2022
+
+#### :mega: Release Highlights
+- Continous integration github action added ([#506])
+- Release pipeline github action added ([#513])
+
+#### :tada: New Features
+
+- New GitHub token plugin added ([#465])
+- New SendGrid plugin added ([#463])
+- More new ignored file extensions
+
+#### :bug: Bugfixes
+- Fixes catastrophic backtracking for indirect reference heuristic ([#509])
+- Fixes pre-commit hook secret equality checking causing updates to baseline with no real changes - only a timestamp update ([#507])
+- Fixes python 3.8 failing to load plugins on windows and macos ([#505])
+- Fixes yaml transformer inline dicitonary index out of bounds exceptions ([#501])
+- Fixes regex for slack url ([#477])
+- Fixes `AttributeError: 'PotentialSecret' object has no attribute 'line_number'` by safely falling back to 0 if line_number isn't present. ([#476])([#472])
+- Fixes gibberish-detector current version
+- Fixes filtering ordering in .secrets.baseline
+
+#### :snake: Miscellaneous
+
+- Updated README due hook failing to interpret filenames with spaces ([#470])
+- Add CI github action badge to README
+- Development dependency bumps ([#519])
+
+[#463]: https://github.com/Yelp/detect-secrets/pull/463
+[#465]: https://github.com/Yelp/detect-secrets/pull/465
+[#470]: https://github.com/Yelp/detect-secrets/pull/470
+[#472]: https://github.com/Yelp/detect-secrets/pull/472
+[#476]: https://github.com/Yelp/detect-secrets/pull/476
+[#477]: https://github.com/Yelp/detect-secrets/pull/477
+[#501]: https://github.com/Yelp/detect-secrets/pull/501
+[#505]: https://github.com/Yelp/detect-secrets/pull/505
+[#506]: https://github.com/Yelp/detect-secrets/pull/506
+[#507]: https://github.com/Yelp/detect-secrets/pull/507
+[#509]: https://github.com/Yelp/detect-secrets/pull/509
+[#513]: https://github.com/Yelp/detect-secrets/pull/513
+[#519]: https://github.com/Yelp/detect-secrets/pull/519
+
 ### v1.1.0
 ##### April 14th, 2021
 

README.md

@@ -380,7 +380,7 @@ We recommend setting this up as a pre-commit hook. One way to do this is by usin
 # .pre-commit-config.yaml
 repos:
 -   repo: https://github.com/Yelp/detect-secrets
-    rev: v1.0.0
+    rev: v1.2.0
     hooks:
     -   id: detect-secrets
         args: ['--baseline', '.secrets.baseline']

docs/upgrades.md

@@ -71,10 +71,5 @@ scripts/bump-version
 
 ### Pushing to PyPi
 
-```bash
-# First, test with test.pypi.com
-scripts/upload-to-pypi
-
-# If all looks good, we can head to prod!
-scripts/upload-to-pypi --prod
-```
+Once the tag from `scripts/bump-version` has been created and pushed to the repository, the pypi
+github action will automatically start and publish the package to pypi.

setup.cfg

@@ -4,10 +4,7 @@ commit = True
 tag = True
 
 [metadata]
-description-file = README.md
-
-[wheel]
-universal = True
+description_file = README.md
 
 [bumpversion:file:detect_secrets/__version__.py]
 search = VERSION = '{current_version}'