Skip to content

⚠️ CONFLICT! Lineage pull request for: skeleton #35

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 74 commits into
base: develop
Choose a base branch
from
Open

⚠️ CONFLICT! Lineage pull request for: skeleton #35

wants to merge 74 commits into from
+180 −209

Conversation

@cisagovbot
Copy link

@cisagovbot cisagovbot commented Nov 21, 2025
edited by jsf9k
Loading

Lineage Pull Request: CONFLICT

Achtung!!!

Lineage has created this pull request to incorporate new changes found in an upstream repository:

Upstream repository: https://github.com/cisagov/skeleton-python-library.git
Remote branch: HEAD

Check the changes in this pull request to ensure they won't cause issues with your project.

The lineage/skeleton branch has one or more unresolved merge conflicts that you must resolve before merging this pull request!

How to resolve the conflicts

  1. Take ownership of this pull request by removing any other assignees.

  2. Clone the repository locally, and reapply the merge:

    git clone git@github.com:cisagov/mongo-db-from-config.git mongo-db-from-config
cd mongo-db-from-config
git remote add skeleton https://github.com/cisagov/skeleton-python-library.git
git remote set-url --push skeleton no_push
git switch develop
git switch --create lineage/skeleton --track origin/develop
git pull skeleton HEAD
git status

  3. Review the changes displayed by the status command. Fix any conflicts and possibly incorrect auto-merges.

  4. After resolving each of the conflicts, add your changes to the branch, commit, and push your changes:

    git add .github/workflows/build.yml README.md setup.py src/mongo_db_from_config/_version.py 
git commit
git push --force --set-upstream origin lineage/skeleton

    Note that you may append to the default merge commit message that git creates for you, but please do not delete the existing content. It provides useful information about the merge that is being performed.

  5. Wait for all the automated tests to pass.

  6. Confirm each item in the "Pre-approval checklist" below.

  7. Remove any of the checklist items that do not apply.

  8. Ensure every remaining checkbox has been checked.

  9. Mark this draft pull request "Ready for review".

✅ Pre-approval checklist

  • ✌️ The conflicts in this pull request have been resolved.
  • All relevant type-of-change labels have been added.
  • All new and existing tests pass.
  • Bump major, minor, patch, pre-release, and/or build versions as appropriate via the bump_version script if this repository is versioned and the changes in this PR warrant a version bump.
  • Create a pre-release (necessary if and only if the pre-release version was bumped).

✅ Pre-merge checklist

  • Finalize version.

✅ Post-merge checklist

  • Create a release (necessary if and only if the version was bumped).

Note

You are seeing this because one of this repository's maintainers has configured Lineage to open pull requests.

For more information:

🛠 Lineage configurations for this project are stored in .github/lineage.yml

📚 Read more about Lineage

dependabot bot and others added 30 commits October 13, 2025 18:01
@dependabot
Bump github/codeql-action from 3 to 4
59f893b 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3 to 4.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@v3...v4)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: '4'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@mcdonnnj
Remove an unnecessary permission from the PR label workflow
a44c47d 
There should be no reason for the actions/labeler action to create new
labels so we can remove the permission that would allow this to occur.
@dependabot
Bump actions/download-artifact from 5 to 6
f5ede35 
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 5 to 6.
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](actions/download-artifact@v5...v6)

---
updated-dependencies:
- dependency-name: actions/download-artifact
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@jsf9k
Add pyproject.toml and remove setup.py
336618a
@jsf9k
Move pytest config to pyproject.toml
c02b9d2
@jsf9k
Add a license badge
629a0cc
@mcdonnnj
Update the color used for the python label
e133119 
This updates the existing color, which was pulled from the Python logo,
to the color used in the Python website's CSS for the "Python" item in
the site's top menu.
@mcdonnnj
Update the color used for the javascript label
15771ca 
This reflects the value defined by JSConf and used in their
unofficially official logo for JS.
@mcdonnnj
Update the color used for the typescript label
a7eeb15 
This reflects the color of the logo from the TypeScript branding page
at https://www.typescriptlang.org/branding/.
@mcdonnnj
Update the color used for the ansible label
fb7a736 
This mirrors the value used as a background for the mango Ansible
community mark logo found in the ansible/logos repository.
@mcdonnnj
Update the color used for the docker label
5503151 
This is the "Moby Blue" primary color as defined in the Docker brand
guidelines color section found at
https://www.docker.com/company/newsroom/media-resources/.
@mcdonnnj
Add a label and auto-label configuration for shell scripts
dc0d9a0 
Since we use shell scripts throughout our projects it makes sense to
have a dedicated label.
@jsf9k
Remove needless blank line
586af7c
@mcdonnnj @dav3r
Improve a labeler configuration's explanatory comment
8b5f6d2 
Co-authored-by: dav3r <david.redmin@trio.dhs.gov>
@jsf9k
Add pyproject.toml as a trigger for the test label
8a10d11 
This is because this file now contains configurations for test tools.

Also remove test tool config files that no longer exist.
@jsf9k
Add a few helpful comments
60d3f11 
These may be of use to folks who are editing pyproject.toml for a
descendant of this skeleton repository.
@jsf9k
Add a few more classifiers
3b8d5fc
@jsf9k
Correct license SPDX expression
8cb395a 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@jsf9k
Rename .flake8 to pyproject.toml and update syntax
ad708bd 
We can configure all our Python tooling in a single pyproject.toml
file.

Note that using pyproject.toml to configure flake8 requires the
addition of the flake8-pyproject Python library.
@jsf9k
Add flake8-pyproject as an additional dependency of the flake8 pre-co…
2a3bb8b 
…mmit hook

This will ensure that, even when run as a pre-commit hook, flake8
reads its configuration from the pyproject.toml file.
@jsf9k
Move isort config to pyproject.toml file
a70cf3c
@jsf9k
Add pyproject.toml as a trigger for the test label
c1861e6 
Also remove .flake8 and .isort.cfg as triggers for the same label.
@jsf9k
Move contents of .bandit.yml to CLI option in .pre-commit-config.yaml
da7213e 
This gets rid of the .bandit.yml file that was being used only against
the test code.
@jsf9k
Remove the .bandit.yml file
22c6f40 
This file was doing nothing due to its contents.
@jsf9k
Pin the flake8-pyproject dependency in the pre-commit configuration
15cb601 
The flake8-docstrings dependency is pinned, so this one should be too.
@jsf9k
Remove flake8-pyproject dependency from requirements-test.txt
bc6bf8c 
flake8 itself isn't installed here, so this dependency shouldn't be
either.  This jibes with the fact that we don't install
flake8-docstrings (another dependency of the flake8 pre-commit hook)
into the virtual environment either.
@jsf9k
Remove deprecated license classifier
7b9de90 
See here for more details:
https://packaging.python.org/en/latest/specifications/pyproject-toml/#classifiers
@jsf9k
Use well-known labels for project URL keys
13abf00 
See here for more details:
https://packaging.python.org/en/latest/specifications/well-known-project-urls/#well-known-labels
@jsf9k
Switch to using the setuptools build backend
461f872 
The setuptools build backend:
- Supports native extensions, in contrast with the hatchling build
backend
- Is the most commonly used build backend among projects on PyPI
- Is an officially supported build backend from Python, in contrast
with the hatchling build backend
@jsf9k
Add package-data
da6d6a2 
This ensures that the data file(s) are incorporated into the wheels
that are built.
@github-actions github-actions bot added documentation This issue or pull request improves or adds to documentation version bump This issue or pull request increments the version number dependencies Pull requests that update a dependency file github-actions Pull requests that update GitHub Actions code python Pull requests that update Python code test This issue or pull request adds or otherwise modifies test code labels Nov 21, 2025
@jsf9k jsf9k unassigned dav3r and mcdonnnj Nov 24, 2025
@github-project-automation github-project-automation bot moved this to In progress in BOD 18-01 Nov 24, 2025
@jsf9k jsf9k moved this to In Progress in CyHy System Nov 24, 2025
@jsf9k jsf9k force-pushed the lineage/skeleton branch 2 times, most recently from 206a111 to 5f6ee46 Compare November 24, 2025 17:57
@jsf9k
Specify the license via the deprecated PEP 621 format
9ce39fc 
Although PEP 639 allows us to specify teh license via a simple SPDX
string, the versions of setuptools we have to use for Python 3.7 and
3.8 do not allow this; hence, this antiquated format from the
deprecated PEP 621.
@coveralls
Copy link

coveralls commented Nov 24, 2025
edited
Loading

Coverage Status

coverage: 100.0%. remained the same
when pulling 772bb63 on lineage/skeleton
into d26a5d0 on develop.

@jsf9k jsf9k marked this pull request as ready for review November 24, 2025 18:31
@jsf9k jsf9k moved this from In progress to Review in progress in BOD 18-01 Nov 24, 2025
jsf9k added 2 commits November 24, 2025 19:37
@jsf9k
Remove types-setuptools and setuptools as dependencies
ec24337 
From the dev and install dependencies list, respectively.
@jsf9k
Add hidden dependency of mongomock for Python >= 3.12
772bb63 
setuptools is a hidden dependency of mongomock, and it is not
otherwise present under Python 3.12 and later.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jsf9k jsf9k jsf9k approved these changes

@dav3r dav3r Awaiting requested review from dav3r dav3r is a code owner

@mcdonnnj mcdonnnj Awaiting requested review from mcdonnnj mcdonnnj is a code owner

At least 2 approving reviews are required to merge this pull request.

Assignees

@jsf9k jsf9k

Labels

dependencies Pull requests that update a dependency file documentation This issue or pull request improves or adds to documentation github-actions Pull requests that update GitHub Actions code python Pull requests that update Python code test This issue or pull request adds or otherwise modifies test code upstream update This issue or pull request pulls in upstream updates version bump This issue or pull request increments the version number

Projects

BOD 18-01
Status: Review in progress
CyHy System
Status: In Progress

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

6 participants

@cisagovbot @coveralls @jsf9k @dav3r @mcdonnnj