From 59f893b034e472e35ae79f2503a6d0cf6a65c6e4 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 13 Oct 2025 18:01:12 +0000 Subject: [PATCH 01/54] Bump github/codeql-action from 3 to 4 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3 to 4. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/v3...v4) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/codeql-analysis.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 0722fa3..ac19c95 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -117,7 +117,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v3 + uses: github/codeql-action/init@v4 with: languages: ${{ matrix.language }} @@ -125,7 +125,7 @@ jobs: # Java). If this step fails, then you should remove it and run the build # manually (see below). - name: Autobuild - uses: github/codeql-action/autobuild@v3 + uses: github/codeql-action/autobuild@v4 # â„šī¸ Command-line programs to run using the OS shell. # 📚 https://git.io/JvXDl @@ -139,4 +139,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3 + uses: github/codeql-action/analyze@v4 From a44c47daa5cc09ed51cfd9930efdb1c0d6e51f50 Mon Sep 17 00:00:00 2001 
From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com> Date: Wed, 15 Oct 2025 12:26:46 -0400 Subject: [PATCH 02/54] Remove an unnecessary permission from the PR label workflow There should be no reason for the actions/labeler action to create new labels so we can remove the permission that would allow this to occur. --- .github/workflows/label-prs.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/label-prs.yml b/.github/workflows/label-prs.yml index 9d78e39..412cc4a 100644 --- a/.github/workflows/label-prs.yml +++ b/.github/workflows/label-prs.yml @@ -59,7 +59,6 @@ jobs: permissions: # Permissions required by actions/labeler contents: read - issues: write pull-requests: write runs-on: ubuntu-latest steps: From f5ede35548c3531b9478891358594169372a4673 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 27 Oct 2025 17:15:51 +0000 Subject: [PATCH 03/54] Bump actions/download-artifact from 5 to 6 Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 5 to 6. - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](https://github.com/actions/download-artifact/compare/v5...v6) --- updated-dependencies: - dependency-name: actions/download-artifact dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 922d219..79dcaf3 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -487,7 +487,7 @@ jobs: restore-keys: | ${{ env.BASE_CACHE_KEY }} - name: Retrieve the built wheel - uses: actions/download-artifact@v5 + uses: actions/download-artifact@v6 with: name: dist-${{ matrix.python-version }} path: dist 
From 336618a8848a51ce56322e045a3955a12ee13a13 Mon Sep 17 00:00:00 2001 From: Jeremy Frasier Date: Tue, 28 Oct 2025 13:13:42 -0400 Subject: [PATCH 04/54] Add pyproject.toml and remove setup.py --- .github/labeler.yml | 2 +- pyproject.toml | 74 ++++++++++++++++++++++++++++ setup.py | 116 -------------------------------------------- 3 files changed, 75 insertions(+), 117 deletions(-) create mode 100644 pyproject.toml delete mode 100644 setup.py diff --git a/.github/labeler.yml b/.github/labeler.yml index 0826a4d..bfce97d 100644 --- a/.github/labeler.yml +++ b/.github/labeler.yml @@ -18,7 +18,7 @@ dependencies: # Add any dependency files used. - .pre-commit-config.yaml - requirements*.txt - - setup.py + - pyproject.toml docker: - changed-files: - any-glob-to-any-file: diff --git a/pyproject.toml b/pyproject.toml new file mode 100644 index 0000000..a9d5cf3 --- /dev/null +++ b/pyproject.toml 
@@ -0,0 +1,74 @@ +# For more information about configuring project metadata for the +# hatch build backend, please see +# https://hatch.pypa.io/latest/config/metadata/ +[build-system] +build-backend = "hatchling.build" +requires = ["hatchling"] + +[project] +authors = [ + { name = "Cybersecurity and Infrastructure Security Agency", email = "github@cisa.dhs.gov" } +] +classifiers = [ + # How mature is this project? Common values are + # 3 - Alpha + # 4 - Beta + # 5 - Production/Stable + "Development Status :: 3 - Alpha", + # Indicate who your project is intended for + "Intended Audience :: Developers", + # Pick your license as you wish (should match "license" above) + "License :: CC0 1.0 Universal (CC0 1.0) Public Domain Dedication", + # Specify the Python versions you support here. In particular, ensure + # that you indicate whether you support Python 2, Python 3 or both. + "Programming Language :: Python :: 3", + "Programming Language :: Python :: 3 :: Only", + "Programming Language :: Python :: 3.9", + "Programming Language :: Python :: 3.10", + "Programming Language :: Python :: 3.11", + "Programming Language :: Python :: 3.12", + "Programming Language :: Python :: 3.13", + "Programming Language :: Python :: 3.14", + "Programming Language :: Python :: Implementation :: CPython", +] +dependencies = [ + "docopt", + "schema", +] +description = "Example Python library" +dynamic = ["version"] +keywords = ["skeleton"] +license = " CC-BY-1.0" +name = "example" +readme = "README.md" +requires-python = ">=3.9" + +[project.optional-dependencies] +# IMPORTANT: Keep type hinting-related dependencies of the dev section +# in sync with the mypy pre-commit hook configuration (see +# .pre-commit-config.yaml). Any changes to type hinting-related +# dependencies here should be reflected in the additional_dependencies +# field of the mypy pre-commit hook to avoid discrepancies in type +# checking between environments. 
+dev = [ + "types-docopt", + "types-setuptools", +] +test = [ + "coverage", + "coveralls", + "pre-commit", + "pytest-cov", + "pytest", +] + +[project.scripts] +example = "example.example:main" + +[project.urls] +Mission = "https://www.cisa.gov/cybersecurity" +Source = "https://github.com/cisagov/skeleton-python-library" +Tracker = "https://github.com/cisagov/skeleton-python-library/issues" + +[tool.hatch.version] +path = "src/example/_version.py" diff --git a/setup.py b/setup.py deleted file mode 100644 index 16fe44c..0000000 --- a/setup.py +++ /dev/null 
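Review bot: The `license = " CC-BY-1.0"` value in the new `[project]` table of pyproject.toml (PATCH 04/54) has a leading space and names an attribution license, while the classifier in the same table and the deleted setup.py both declare CC0 1.0. As written, the package metadata would advertise the wrong license, and the build backend may not accept the padded string as an SPDX expression. It should read `license = "CC0-1.0"`; PATCH 18/54 later in this series makes that change, and folding it into this commit would give every commit in the series correct metadata. The carried-over comment `should match "license" above` also no longer fits, because the `license` key now sits below the classifiers.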
@@ -1,116 +0,0 @@ -""" -This is the setup module for the example project. - -Based on: - -- https://packaging.python.org/distributing/ -- https://github.com/pypa/sampleproject/blob/master/setup.py -- https://blog.ionelmc.ro/2014/05/25/python-packaging/#the-structure -""" - -# Standard Python Libraries -import codecs -from glob import glob -from os.path import abspath, basename, dirname, join, splitext - -# Third-Party Libraries -from setuptools import find_packages, setup - - -def readme(): - """Read in and return the contents of the project's README.md file.""" - with open("README.md", encoding="utf-8") as f: - return f.read() - - -# Below two methods were pulled from: -# https://packaging.python.org/guides/single-sourcing-package-version/ -def read(rel_path): - """Open a file for reading from a given relative path.""" - here = abspath(dirname(__file__)) - with codecs.open(join(here, rel_path), "r") as fp: - return fp.read() - - -def get_version(version_file): - """Extract a version number from the given file path.""" - for line in read(version_file).splitlines(): - if line.startswith("__version__"): - delim = '"' if '"' in line else "'" - return line.split(delim)[1] - raise RuntimeError("Unable to find version string.") - - -setup( - name="example", - # Versions should comply with PEP440 - version=get_version("src/example/_version.py"), - description="Example Python library", - long_description=readme(), - long_description_content_type="text/markdown", - # Landing page for CISA's cybersecurity mission - url="https://www.cisa.gov/cybersecurity", - # Additional URLs for this project per - # https://packaging.python.org/guides/distributing-packages-using-setuptools/#project-urls - project_urls={ - "Source": "https://github.com/cisagov/skeleton-python-library", - "Tracker": "https://github.com/cisagov/skeleton-python-library/issues", - }, - # Author details - author="Cybersecurity and Infrastructure Security Agency", - author_email="github@cisa.dhs.gov", - 
license="License :: CC0 1.0 Universal (CC0 1.0) Public Domain Dedication", - # See https://pypi.python.org/pypi?%3Aaction=list_classifiers - classifiers=[ - # How mature is this project? Common values are - # 3 - Alpha - # 4 - Beta - # 5 - Production/Stable - "Development Status :: 3 - Alpha", - # Indicate who your project is intended for - "Intended Audience :: Developers", - # Pick your license as you wish (should match "license" above) - "License :: CC0 1.0 Universal (CC0 1.0) Public Domain Dedication", - # Specify the Python versions you support here. In particular, ensure - # that you indicate whether you support Python 2, Python 3 or both. - "Programming Language :: Python :: 3", - "Programming Language :: Python :: 3 :: Only", - "Programming Language :: Python :: 3.9", - "Programming Language :: Python :: 3.10", - "Programming Language :: Python :: 3.11", - "Programming Language :: Python :: 3.12", - "Programming Language :: Python :: 3.13", - "Programming Language :: Python :: 3.14", - "Programming Language :: Python :: Implementation :: CPython", - ], - python_requires=">=3.9", - # What does your project relate to? - keywords="skeleton", - packages=find_packages(where="src"), - package_dir={"": "src"}, - package_data={"example": ["data/*.txt"]}, - py_modules=[splitext(basename(path))[0] for path in glob("src/*.py")], - include_package_data=True, - install_requires=["docopt", "schema", "setuptools"], - extras_require={ - # IMPORTANT: Keep type hinting-related dependencies of the dev section - # in sync with the mypy pre-commit hook configuration (see - # .pre-commit-config.yaml). Any changes to type hinting-related - # dependencies here should be reflected in the additional_dependencies - # field of the mypy pre-commit hook to avoid discrepancies in type - # checking between environments. 
- "dev": [ - "types-docopt", - "types-setuptools", - ], - "test": [ - "coverage", - "coveralls", - "pre-commit", - "pytest-cov", - "pytest", - ], - }, - # Conveniently allows one to run the CLI tool as `example` - entry_points={"console_scripts": ["example = example.example:main"]}, -) From c02b9d2bc5f17757b0eda718b2f9a32800c06c5a Mon Sep 17 00:00:00 2001 From: Jeremy Frasier Date: Tue, 28 Oct 2025 13:35:17 -0400 Subject: [PATCH 05/54] Move pytest config to pyproject.toml --- pyproject.toml | 6 ++++++ pytest.ini | 4 ---- 2 files changed, 6 insertions(+), 4 deletions(-) delete mode 100644 pytest.ini diff --git a/pyproject.toml b/pyproject.toml index a9d5cf3..e03e669 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -72,3 +72,9 @@ Tracker = "https://github.com/cisagov/skeleton-python-library/issues" [tool.hatch.version] path = "src/example/_version.py" + +[tool.pytest.ini_options] +# Increase verbosity, display extra test summary info for tests that +# did not pass, display code coverage results, and enable debug +# logging. +addopts = "--verbose -ra --cov --log-cli-level=DEBUG" diff --git a/pytest.ini b/pytest.ini deleted file mode 100644 index a1c266e..0000000 --- a/pytest.ini +++ /dev/null @@ -1,4 +0,0 @@ -[pytest] -# Increase verbosity, display extra test summary info for tests that did not pass, -# display code coverage results, and enable debug logging -addopts = --verbose -ra --cov --log-cli-level=DEBUG From 629a0cc616bd06540bddc3ccd39de55bab61403a Mon Sep 17 00:00:00 2001 From: Jeremy Frasier Date: Tue, 28 Oct 2025 16:11:15 -0400 Subject: [PATCH 06/54] Add a license badge --- README.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/README.md b/README.md index cb6c85a..4034ce6 100644 --- a/README.md +++ b/README.md 
@@ -2,6 +2,9 @@ [![GitHub Build Status](https://github.com/cisagov/skeleton-generic/workflows/build/badge.svg)](https://github.com/cisagov/skeleton-generic/actions) +[![License](https://img.shields.io/github/license/cisagov/skeleton-generic +)](https://spdx.org/licenses/) + This is a generic skeleton project that can be used to quickly get a new [cisagov](https://github.com/cisagov) GitHub project started. This skeleton project contains [licensing information](LICENSE), as From e1331191e7858857c72cac55107e37508e744b6a Mon Sep 17 00:00:00 2001 From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com> Date: Tue, 28 Oct 2025 21:41:06 -0400 Subject: [PATCH 07/54] Update the color used for the `python` label This updates the existing color, which was pulled from the Python logo, to the color used in the Python website's CSS for the "Python" item in the site's top menu. --- .github/labels.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/labels.yml b/.github/labels.yml index 650ed7c..1a8399b 100644 --- a/.github/labels.yml +++ b/.github/labels.yml @@ -62,7 +62,7 @@ - color: 02a8ef description: Pull requests that update Packer code name: packer -- color: 3772a4 +- color: 3776ab description: Pull requests that update Python code name: python - color: ef476c From 15771ca992f125f5e4c9516e7645b7b79908cad2 Mon Sep 17 00:00:00 2001 From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com> Date: Wed, 29 Oct 2025 03:29:59 -0400 Subject: [PATCH 08/54] Update the color used for the `javascript` label This reflects the value defined by JSConf and used in their unofficially official logo for JS. --- .github/labels.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/labels.yml b/.github/labels.yml index 1a8399b..3801ada 100644 --- a/.github/labels.yml +++ b/.github/labels.yml 
@@ -47,7 +47,7 @@ - color: fef2c0 description: This issue or pull request is not applicable, incorrect, or obsolete name: invalid -- color: f1d642 +- color: f0db4f description: Pull requests that update JavaScript code name: javascript - color: ce099a From a7eeb15808fccae45d6010641192f341f7013f50 Mon Sep 17 00:00:00 2001 From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com> Date: Wed, 29 Oct 2025 03:40:49 -0400 Subject: [PATCH 09/54] Update the color used for the `typescript` label This reflects the color of the logo from the TypeScript branding page at https://www.typescriptlang.org/branding/. --- .github/labels.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/labels.yml b/.github/labels.yml index 3801ada..6f63095 100644 --- a/.github/labels.yml +++ b/.github/labels.yml @@ -77,7 +77,7 @@ - color: 00008b description: This issue or pull request adds or otherwise modifies test code name: test -- color: 2b6ebf +- color: 2678c5 description: Pull requests that update TypeScript code name: typescript - color: 1d76db From fb7a73609e7d45eae2d566a39368a5ad5ea3ddb4 Mon Sep 17 00:00:00 2001 From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com> Date: Wed, 29 Oct 2025 03:51:12 -0400 Subject: [PATCH 10/54] Update the color used for the `ansible` label This mirrors the value used as a background for the mango Ansible community mark logo found in the ansible/logos repository. --- .github/labels.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/labels.yml b/.github/labels.yml index 6f63095..4862f3c 100644 --- a/.github/labels.yml +++ b/.github/labels.yml @@ -2,7 +2,7 @@ # Rather than breaking up descriptions into multiline strings we disable that # specific rule in yamllint for this file. # yamllint disable rule:line-length -- color: f15a53 +- color: ff5850 description: Pull requests that update Ansible code name: ansible - color: eb6420 
From 55031516e97274377694f2974d210054444c406b Mon Sep 17 00:00:00 2001 From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com> Date: Wed, 29 Oct 2025 03:59:50 -0400 Subject: [PATCH 11/54] Update the color used for the `docker` label This is the "Moby Blue" primary color as defined in the Docker brand guidelines color section found at https://www.docker.com/company/newsroom/media-resources/. --- .github/labels.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/labels.yml b/.github/labels.yml index 4862f3c..a539e6e 100644 --- a/.github/labels.yml +++ b/.github/labels.yml @@ -20,7 +20,7 @@ - color: 0366d6 description: Pull requests that update a dependency file name: dependencies -- color: 2497ed +- color: 1d63ed description: Pull requests that update Docker code name: docker - color: 5319e7 From dc0d9a0be70aab4c4f47f884ec649ac4fb086fff Mon Sep 17 00:00:00 2001 From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com> Date: Wed, 29 Oct 2025 05:21:25 -0400 Subject: [PATCH 12/54] Add a label and auto-label configuration for shell scripts Since we use shell scripts throughout our projects it makes sense to have a dedicated label. --- .github/labeler.yml | 7 +++++++ .github/labels.yml | 3 +++ 2 files changed, 10 insertions(+) diff --git a/.github/labeler.yml b/.github/labeler.yml index a4e2186..5ccd8fe 100644 --- a/.github/labeler.yml +++ b/.github/labeler.yml @@ -44,6 +44,13 @@ python: - changed-files: - any-glob-to-any-file: - "**/*.py" +shell script: + - changed-files: + - any-glob-to-any-file: + # Add any shell scripts that do not end in the ".sh" extension. + - "**/*.sh" + - bump-version + - setup-env terraform: - changed-files: - any-glob-to-any-file: diff --git a/.github/labels.yml b/.github/labels.yml index 650ed7c..aa77db7 100644 --- a/.github/labels.yml +++ b/.github/labels.yml 
@@ -71,6 +71,9 @@ - color: d73a4a description: This issue or pull request addresses a security issue name: security +- color: 4eaa25 + description: Pull requests that update shell scripts + name: shell script - color: 7b42bc description: Pull requests that update Terraform code name: terraform From 586af7c89d29858b80f9abc150204858e281b4b3 Mon Sep 17 00:00:00 2001 From: Shane Frasier Date: Wed, 29 Oct 2025 08:52:57 -0400 Subject: [PATCH 13/54] Remove needless blank line --- README.md | 1 - 1 file changed, 1 deletion(-) diff --git a/README.md b/README.md index 4034ce6..22134a3 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,6 @@ # skeleton-generic # [![GitHub Build Status](https://github.com/cisagov/skeleton-generic/workflows/build/badge.svg)](https://github.com/cisagov/skeleton-generic/actions) - [![License](https://img.shields.io/github/license/cisagov/skeleton-generic )](https://spdx.org/licenses/) From 8b5f6d215931b0252a33f92899e75aea082b9f70 Mon Sep 17 00:00:00 2001 From: Nick <50747025+mcdonnnj@users.noreply.github.com> Date: Wed, 29 Oct 2025 13:28:50 -0400 Subject: [PATCH 14/54] Improve a labeler configuration's explanatory comment Co-authored-by: dav3r --- .github/labeler.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/labeler.yml b/.github/labeler.yml index 5ccd8fe..05478bd 100644 --- a/.github/labeler.yml +++ b/.github/labeler.yml @@ -47,7 +47,8 @@ python: shell script: - changed-files: - any-glob-to-any-file: - # Add any shell scripts that do not end in the ".sh" extension. + # If this project has any shell scripts that do not end in the ".sh" + # extension, add them below. - "**/*.sh" - bump-version - setup-env From 8a10d11f98e14fe99d27ef6b7f443247bd204203 Mon Sep 17 00:00:00 2001 
From: Jeremy Frasier Date: Tue, 28 Oct 2025 14:51:01 -0400 Subject: [PATCH 15/54] Add pyproject.toml as a trigger for the test label This is because this file now contains configurations for test tools. Also remove test tool config files that no longer exist. --- .github/labeler.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/labeler.yml b/.github/labeler.yml index bfce97d..5ba6c2a 100644 --- a/.github/labeler.yml +++ b/.github/labeler.yml @@ -56,10 +56,9 @@ test: - .ansible-lint - .bandit.yml - .flake8 - - .isort.cfg - .mdl_config.yaml - .yamllint - - pytest.ini + - pyproject.toml - tests/** typescript: - changed-files: From 60d3f117203387b8cec2c470774f3180beec4585 Mon Sep 17 00:00:00 2001 From: Jeremy Frasier Date: Tue, 28 Oct 2025 15:05:45 -0400 Subject: [PATCH 16/54] Add a few helpful comments These may be of use to folks who are editing pyproject.toml for a descendant of this skeleton repository. --- pyproject.toml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/pyproject.toml b/pyproject.toml index e03e669..9c8d707 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -9,6 +9,7 @@ requires = ["hatchling"] authors = [ { name = "Cybersecurity and Infrastructure Security Agency", email = "github@cisa.dhs.gov" } ] +# See https://pypi.python.org/pypi?%3Aaction=list_classifiers classifiers = [ # How mature is this project? Common values are # 3 - Alpha @@ -66,11 +67,13 @@ test = [ example = "example.example:main" [project.urls] +# Landing page for CISA's cybersecurity mission Mission = "https://www.cisa.gov/cybersecurity" Source = "https://github.com/cisagov/skeleton-python-library" Tracker = "https://github.com/cisagov/skeleton-python-library/issues" [tool.hatch.version] +# Versions should comply with PEP440 path = "src/example/_version.py" [tool.pytest.ini_options] From 3b8d5fcc036bfd470be60d46a51d17b20d6dbcd5 Mon Sep 17 00:00:00 2001 
From: Jeremy Frasier Date: Tue, 28 Oct 2025 15:37:47 -0400 Subject: [PATCH 17/54] Add a few more classifiers --- pyproject.toml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/pyproject.toml b/pyproject.toml index 9c8d707..c83342c 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -16,10 +16,13 @@ classifiers = [ # 4 - Beta # 5 - Production/Stable "Development Status :: 3 - Alpha", + "Environment :: Console", # Indicate who your project is intended for "Intended Audience :: Developers", # Pick your license as you wish (should match "license" above) "License :: CC0 1.0 Universal (CC0 1.0) Public Domain Dedication", + "Natural Language :: English", + "Operating System :: OS Independent", # Specify the Python versions you support here. In particular, ensure # that you indicate whether you support Python 2, Python 3 or both. "Programming Language :: Python :: 3", From 8cb395a8ca4cc3ba96ecbd3c4f02c2f056281fe0 Mon Sep 17 00:00:00 2001 From: Jeremy Frasier Date: Thu, 6 Nov 2025 12:47:23 -0500 Subject: [PATCH 18/54] Correct license SPDX expression Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> --- pyproject.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pyproject.toml b/pyproject.toml index c83342c..13a3955 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -42,7 +42,7 @@ dependencies = [ description = "Example Python library" dynamic = ["version"] keywords = ["skeleton"] -license = " CC-BY-1.0" +license = "CC0-1.0" name = "example" readme = "README.md" requires-python = ">=3.9" From ad708bd9fad93d23f837f71d975ddee4060a4aec Mon Sep 17 00:00:00 2001 
From: Jeremy Frasier Date: Thu, 6 Nov 2025 16:21:25 -0500 Subject: [PATCH 19/54] Rename .flake8 to pyproject.toml and update syntax We can configure all our Python tooling in a single pyproject.toml file. Note that using pyproject.toml to configure flake8 requires the addition of the flake8-pyproject Python library. --- .flake8 => pyproject.toml | 6 +++--- requirements-test.txt | 1 + 2 files changed, 4 insertions(+), 3 deletions(-) rename .flake8 => pyproject.toml (92%) diff --git a/.flake8 b/pyproject.toml similarity index 92% rename from .flake8 rename to pyproject.toml index 92ff826..574223c 100644 --- a/.flake8 +++ b/pyproject.toml @@ -1,4 +1,4 @@ -[flake8] +[tool.flake8] max-line-length = 80 # Select (turn on) # * Complexity violations reported by mccabe (C) - @@ -13,7 +13,7 @@ max-line-length = 80 # https://github.com/PyCQA/flake8-bugbear#list-of-warnings # * The B950 flake8-bugbear opinionated warning - # https://github.com/PyCQA/flake8-bugbear#opinionated-warnings -select = C,D,E,F,W,B,B950 +select = ["C", "D", "E", "F", "W", "B", "B950"] # Ignore flake8's default warning about maximum line length, which has # a hard stop at the configured value. Instead we use # flake8-bugbear's B950, which allows up to 10% overage. @@ -22,4 +22,4 @@ select = C,D,E,F,W,B,B950 # operators. It no longer agrees with PEP8. See, for example, here: # https://github.com/ambv/black/issues/21. Guido agrees here: # https://github.com/python/peps/commit/c59c4376ad233a62ca4b3a6060c81368bd21e85b. -ignore = E501,W503 +extend-ignore = ["E501", "W503"] diff --git a/requirements-test.txt b/requirements-test.txt index 66f74db..3fd2ff1 100644 --- a/requirements-test.txt +++ b/requirements-test.txt @@ -1,2 +1,3 @@ --requirement requirements.txt +flake8-pyproject pre-commit From 2a3bb8b44d9597078b1add4c6b649edf45955e91 Mon Sep 17 00:00:00 2001 
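Review bot: The second pyproject.toml hunk of PATCH 19/54 is more than a syntax update: it renames `ignore = E501,W503` to `extend-ignore = ["E501", "W503"]`, and flake8 treats the two options differently — `ignore` replaces the default ignore list, `extend-ignore` appends to it. Depending on the flake8 version and how the explicit `select` interacts with those defaults, checks that the old `.flake8` reported may now be dropped without anyone noticing. For a like-for-like move keep `ignore = ["E501", "W503"]`. If the change is intended, state it in the commit message and confirm the lint output is unchanged on a file that trips a default-ignored check.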
From: Jeremy Frasier Date: Thu, 6 Nov 2025 16:25:57 -0500 Subject: [PATCH 20/54] Add flake8-pyproject as an additional dependency of the flake8 pre-commit hook This will ensure that, even when run as a pre-commit hook, flake8 reads its configuration from the pyproject.toml file. --- .pre-commit-config.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index bc76d85..2193233 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -144,6 +144,9 @@ repos: - id: flake8 additional_dependencies: - flake8-docstrings==1.7.0 + # This is necessary to read the flake8 configuration from + # the pyproject.toml file. + - flake8-pyproject - repo: https://github.com/PyCQA/isort rev: 6.0.1 hooks: From a70cf3c5a12b8dcd116867484ca76eed3e2b1c7c Mon Sep 17 00:00:00 2001 From: Jeremy Frasier Date: Thu, 6 Nov 2025 16:32:02 -0500 Subject: [PATCH 21/54] Move isort config to pyproject.toml file --- .isort.cfg | 10 ---------- pyproject.toml | 12 ++++++++++++ 2 files changed, 12 insertions(+), 10 deletions(-) delete mode 100644 .isort.cfg diff --git a/.isort.cfg b/.isort.cfg deleted file mode 100644 index 46d45f3..0000000 --- a/.isort.cfg +++ /dev/null @@ -1,10 +0,0 @@ -[settings] -combine_star=true -force_sort_within_sections=true - -import_heading_stdlib=Standard Python Libraries -import_heading_thirdparty=Third-Party Libraries -import_heading_firstparty=cisagov Libraries - -# Run isort under the black profile to align with our other Python linting -profile=black diff --git a/pyproject.toml b/pyproject.toml index 574223c..eec000b 100644 --- a/pyproject.toml +++ b/pyproject.toml 
@@ -23,3 +23,15 @@ select = ["C", "D", "E", "F", "W", "B", "B950"] # https://github.com/ambv/black/issues/21. Guido agrees here: # https://github.com/python/peps/commit/c59c4376ad233a62ca4b3a6060c81368bd21e85b. extend-ignore = ["E501", "W503"] + +[tool.isort] +combine_star = true +force_sort_within_sections = true + +import_heading_stdlib = "Standard Python Libraries" +import_heading_thirdparty = "Third-Party Libraries" +import_heading_firstparty = "cisagov Libraries" + +# Run isort under the black profile to align with our other Python +# linting +profile = "black" From c1861e6027848854dc975180e1e44b18cee73367 Mon Sep 17 00:00:00 2001 From: Jeremy Frasier Date: Thu, 6 Nov 2025 16:38:38 -0500 Subject: [PATCH 22/54] Add pyproject.toml as a trigger for the test label Also remove .flake8 and .isort.cfg as triggers for the same label. --- .github/labeler.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/labeler.yml b/.github/labeler.yml index a4e2186..d6c77d0 100644 --- a/.github/labeler.yml +++ b/.github/labeler.yml @@ -54,10 +54,9 @@ test: # Add any test-related files or paths. - .ansible-lint - .bandit.yml - - .flake8 - - .isort.cfg - .mdl_config.yaml - .yamllint + - pyproject.toml typescript: - changed-files: - any-glob-to-any-file: From da7213e4f1c25bedcd52ec4267a494e85102a106 Mon Sep 17 00:00:00 2001 From: Jeremy Frasier Date: Thu, 6 Nov 2025 16:53:10 -0500 Subject: [PATCH 23/54] Move contents of .bandit.yml to CLI option in .pre-commit-config.yaml This gets rid of the .bandit.yml file that was being used only against the test code. --- .bandit.yml | 14 -------------- .github/labeler.yml | 1 - .pre-commit-config.yaml | 4 +++- 3 files changed, 3 insertions(+), 16 deletions(-) delete mode 100644 .bandit.yml diff --git a/.bandit.yml b/.bandit.yml deleted file mode 100644 index 3215b91..0000000 --- a/.bandit.yml +++ /dev/null 
@@ -1,14 +0,0 @@ ---- -# Configuration file for the Bandit python security scanner -# https://bandit.readthedocs.io/en/latest/config.html -# This config is applied to bandit when scanning the "tests" tree - -# Tests are first included by `tests`, and then excluded by `skips`. -# If `tests` is empty, all tests are considered included. - -tests: -# - B101 -# - B102 - -skips: - - B101 # skip "assert used" check since assertions are required in pytests diff --git a/.github/labeler.yml b/.github/labeler.yml index 5ba6c2a..e43a370 100644 --- a/.github/labeler.yml +++ b/.github/labeler.yml @@ -54,7 +54,6 @@ test: - any-glob-to-any-file: # Add any test-related files or paths. - .ansible-lint - - .bandit.yml - .flake8 - .mdl_config.yaml - .yamllint diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index df67df9..5972e8b 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -136,7 +136,9 @@ repos: name: bandit (tests tree) files: tests args: - - --config=.bandit.yml + # Skip "assert used" check since assertions are used + # frequently in pytests. + - --skip=B101 # Run bandit on everything except the "tests" tree - repo: https://github.com/PyCQA/bandit rev: 1.8.6 From 22c6f4019add36d3b9ff3e830f0f018be5aeedd2 Mon Sep 17 00:00:00 2001 From: Jeremy Frasier Date: Thu, 6 Nov 2025 16:40:19 -0500 Subject: [PATCH 24/54] Remove the .bandit.yml file This file was doing nothing due to its contents. --- .bandit.yml | 13 ------------- .github/labeler.yml | 1 - .pre-commit-config.yaml | 2 -- 3 files changed, 16 deletions(-) delete mode 100644 .bandit.yml diff --git a/.bandit.yml b/.bandit.yml deleted file mode 100644 index ab3cb21..0000000 --- a/.bandit.yml +++ /dev/null 
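Review bot: The new `--skip=B101` argument in the `.pre-commit-config.yaml` hunk of PATCH 23/54 is scoped only by the context line `files: tests`, which pre-commit evaluates as an unanchored regular expression. The assert check is therefore switched off for any path that contains `tests`, for instance a module whose name merely includes that string, not just the tests tree. Anchoring the pattern, `files: ^tests/`, would keep B101 active for non-test code. The hook definition starts above the hunk, and the complementary bandit hook that covers everything except the tests tree is only partly visible, so its `exclude` pattern would need the same anchor checked.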
@@ -1,13 +0,0 @@ ---- -# Configuration file for the Bandit python security scanner -# https://bandit.readthedocs.io/en/latest/config.html - -# Tests are first included by `tests`, and then excluded by `skips`. -# If `tests` is empty, all tests are considered included. - -tests: -# - B101 -# - B102 - -skips: -# - B101 # skip "assert used" check since assertions are required in pytests diff --git a/.github/labeler.yml b/.github/labeler.yml index d6c77d0..914ddd1 100644 --- a/.github/labeler.yml +++ b/.github/labeler.yml @@ -53,7 +53,6 @@ test: - any-glob-to-any-file: # Add any test-related files or paths. - .ansible-lint - - .bandit.yml - .mdl_config.yaml - .yamllint - pyproject.toml diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 2193233..e2e557e 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -132,8 +132,6 @@ repos: rev: 1.8.6 hooks: - id: bandit - args: - - --config=.bandit.yml - repo: https://github.com/psf/black-pre-commit-mirror rev: 25.1.0 hooks: From 15cb60196e1a5d71c6039ec2081acbe80d4c37a0 Mon Sep 17 00:00:00 2001 From: Jeremy Frasier Date: Thu, 6 Nov 2025 16:48:16 -0500 Subject: [PATCH 25/54] Pin the flake8-pyproject dependency in the pre-commit configuration The flake8-docstrings dependency is pinned, so this one should be too. --- .pre-commit-config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index e2e557e..a8c71b5 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -144,7 +144,7 @@ repos: - flake8-docstrings==1.7.0 # This is necessary to read the flake8 configuration from # the pyproject.toml file. - - flake8-pyproject + - flake8-pyproject==1.2.3 - repo: https://github.com/PyCQA/isort rev: 6.0.1 hooks: From bc6bf8c2d3b47d56d189ece182cb0389e3b96358 Mon Sep 17 00:00:00 2001 
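Review bot: The new `flake8-pyproject==1.2.3` pin in `additional_dependencies` will not be refreshed by `pre-commit autoupdate`, which only rewrites each hook's `rev`, so it will stay at this version until someone bumps it by hand. A short comment on the entry would make that visible, for example `# Pinned by hand: pre-commit autoupdate does not update additional_dependencies`. The pin is by version only; the plugin is still resolved from the package index each time the hook environment is built. The same entry is re-added in the `@@ -156,6 +156,9 @@` hunk of PATCH 36, and the same applies there.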
From: Jeremy Frasier Date: Fri, 7 Nov 2025 13:31:17 -0500 Subject: [PATCH 26/54] Remove flake8-pyproject dependency from requirements-test.txt flake8 itself isn't installed here, so this dependency shouldn't be either. This jibes with the fact that we don't install flake8-docstrings (another dependency of the flake8 pre-commit hook) into the virtual environment either. --- requirements-test.txt | 1 - 1 file changed, 1 deletion(-) diff --git a/requirements-test.txt b/requirements-test.txt index 3fd2ff1..66f74db 100644 --- a/requirements-test.txt +++ b/requirements-test.txt @@ -1,3 +1,2 @@ --requirement requirements.txt -flake8-pyproject pre-commit From 7b9de90b118f108a896ff6840e72c4c00b2676f0 Mon Sep 17 00:00:00 2001 From: Jeremy Frasier Date: Mon, 10 Nov 2025 09:55:03 -0500 Subject: [PATCH 27/54] Remove deprecated license classifier See here for more details: https://packaging.python.org/en/latest/specifications/pyproject-toml/#classifiers --- pyproject.toml | 2 -- 1 file changed, 2 deletions(-) diff --git a/pyproject.toml b/pyproject.toml index 13a3955..eba5f59 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -19,8 +19,6 @@ classifiers = [ "Environment :: Console", # Indicate who your project is intended for "Intended Audience :: Developers", - # Pick your license as you wish (should match "license" above) - "License :: CC0 1.0 Universal (CC0 1.0) Public Domain Dedication", "Natural Language :: English", "Operating System :: OS Independent", # Specify the Python versions you support here. In particular, ensure From 13abf00d5970dd4ca175d31340ccade4ea55a58a Mon Sep 17 00:00:00 2001 From: Jeremy Frasier Date: Mon, 10 Nov 2025 09:57:42 -0500 Subject: [PATCH 28/54] Use well-known labels for project URL keys See here for more details: https://packaging.python.org/en/latest/specifications/well-known-project-urls/#well-known-labels --- pyproject.toml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) 
diff --git a/pyproject.toml b/pyproject.toml index eba5f59..370ba01 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -68,10 +68,11 @@ test = [ example = "example.example:main" [project.urls] +homepage = "https://github.com/cisagov/skeleton-python-library" +issues = "https://github.com/cisagov/skeleton-python-library/issues" # Landing page for CISA's cybersecurity mission -Mission = "https://www.cisa.gov/cybersecurity" -Source = "https://github.com/cisagov/skeleton-python-library" -Tracker = "https://github.com/cisagov/skeleton-python-library/issues" +mission = "https://www.cisa.gov/cybersecurity" +source = "https://github.com/cisagov/skeleton-python-library" [tool.hatch.version] # Versions should comply with PEP440 From 461f87203d6c74da55f5fba2a4e876cb6cef93d2 Mon Sep 17 00:00:00 2001 From: Jeremy Frasier Date: Mon, 10 Nov 2025 14:07:17 -0500 Subject: [PATCH 29/54] Switch to using the setuptools build backend The setuptools build backend: - Supports native extensions, in contrast with the hatchling build backend - Is the most commonly used build backend among projects on PyPI - Is an officially supported build backend from Python, in contrast with the hatchling build backend --- pyproject.toml | 19 +++++++++---------- 1 file changed, 9 insertions(+), 10 deletions(-) diff --git a/pyproject.toml b/pyproject.toml index 370ba01..5f4e575 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -1,9 +1,9 @@ # For more information about configuring project metadata for the -# hatch build backend, please see -# https://hatch.pypa.io/latest/config/metadata/ +# setuptools build backend, please see +# https://setuptools.pypa.io/en/latest/userguide/pyproject_config.html [build-system] -build-backend = "hatchling.build" -requires = ["hatchling"] +build-backend = "setuptools.build_meta" +requires = ["setuptools"] [project] authors = [ 
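Review bot: `requires = ["setuptools"]` puts no lower bound on the build backend, yet the `license = "CC0-1.0"` line kept as context in the next hunk is a PEP 639 SPDX string that older setuptools releases reject (PATCH 52 of this series works around exactly that). A build run without isolation, or against a constrained index, can therefore fail or behave differently depending on which setuptools is present. Stating the floor makes the requirement explicit, e.g. `requires = ["setuptools>=<MIN_VERSION_WITH_PEP_639>"]`, where the placeholder is the first release that accepts SPDX license strings. An unbounded requirement also means each build pulls whatever setuptools is newest at build time, which is worth a constraints file if reproducible artifacts matter. The `[project]` table continues outside this hunk.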
@@ -38,11 +38,10 @@ dependencies = [ "schema", ] description = "Example Python library" -dynamic = ["version"] +dynamic = ["readme", "version"] keywords = ["skeleton"] license = "CC0-1.0" name = "example" -readme = "README.md" requires-python = ">=3.9" [project.optional-dependencies] @@ -74,12 +73,12 @@ issues = "https://github.com/cisagov/skeleton-python-library/issues" mission = "https://www.cisa.gov/cybersecurity" source = "https://github.com/cisagov/skeleton-python-library" -[tool.hatch.version] -# Versions should comply with PEP440 -path = "src/example/_version.py" - [tool.pytest.ini_options] # Increase verbosity, display extra test summary info for tests that # did not pass, display code coverage results, and enable debug # logging. addopts = "--verbose -ra --cov --log-cli-level=DEBUG" + +[tool.setuptools.dynamic] +readme = {file = ["README.md"], content-type = "text/markdown"} +version = {attr = "example._version.__version__"} From da6d6a2c4fad5a3c75da626585fd654796991a0a Mon Sep 17 00:00:00 2001 From: Jeremy Frasier Date: Mon, 10 Nov 2025 14:27:04 -0500 Subject: [PATCH 30/54] Add package-data This ensures that the data file(s) are incorporated into the wheels that are built. --- pyproject.toml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/pyproject.toml b/pyproject.toml index 5f4e575..cadd7da 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -82,3 +82,6 @@ addopts = "--verbose -ra --cov --log-cli-level=DEBUG" [tool.setuptools.dynamic] readme = {file = ["README.md"], content-type = "text/markdown"} version = {attr = "example._version.__version__"} + +[tool.setuptools.package-data] +example = ["data/*.txt"] From a4a51676833ec0a19ea285a65396e62e3bb07e1f Mon Sep 17 00:00:00 2001 From: Jeremy Frasier Date: Mon, 10 Nov 2025 14:29:57 -0500 Subject: [PATCH 31/54] Add build dir to .gitignore This directory can be created by `pip install .`. --- .gitignore | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitignore b/.gitignore index 242b4aa..579601b 100644 
--- a/.gitignore +++ b/.gitignore @@ -9,4 +9,5 @@ __pycache__ .pytest_cache .python-version *.egg-info +build dist From c7c0c0ad2acaff7d34c19fe54929f0291fc226a6 Mon Sep 17 00:00:00 2001 From: Jeremy Frasier Date: Mon, 17 Nov 2025 10:27:14 -0500 Subject: [PATCH 32/54] Upgrade pre-commit hooks via pre-commit autoupdate --- .pre-commit-config.yaml | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index bc76d85..316366f 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -63,20 +63,20 @@ repos: # GitHub Actions hooks - repo: https://github.com/python-jsonschema/check-jsonschema - rev: 0.33.3 + rev: 0.35.0 hooks: - id: check-github-actions - id: check-github-workflows # pre-commit hooks - repo: https://github.com/pre-commit/pre-commit - rev: v4.3.0 + rev: v4.4.0 hooks: - id: validate_manifest # Go hooks - repo: https://github.com/TekWizely/pre-commit-golang - rev: v1.0.0-rc.2 + rev: v1.0.0-rc.4 hooks: # Go Build - id: go-build-repo-mod @@ -129,13 +129,13 @@ repos: # Python hooks - repo: https://github.com/PyCQA/bandit - rev: 1.8.6 + rev: 1.9.0 hooks: - id: bandit args: - --config=.bandit.yml - repo: https://github.com/psf/black-pre-commit-mirror - rev: 25.1.0 + rev: 25.11.0 hooks: - id: black - repo: https://github.com/PyCQA/flake8 @@ -145,11 +145,11 @@ repos: additional_dependencies: - flake8-docstrings==1.7.0 - repo: https://github.com/PyCQA/isort - rev: 6.0.1 + rev: 7.0.0 hooks: - id: isort - repo: https://github.com/pre-commit/mirrors-mypy - rev: v1.18.1 + rev: v1.18.2 hooks: - id: mypy - repo: https://github.com/pypa/pip-audit @@ -165,13 +165,13 @@ repos: - --requirement - requirements.txt - repo: https://github.com/asottile/pyupgrade - rev: v3.20.0 + rev: v3.21.1 hooks: - id: pyupgrade # Ansible hooks - repo: https://github.com/ansible/ansible-lint - rev: v25.9.0 + rev: v25.11.0 hooks: - id: ansible-lint additional_dependencies: 
@@ -215,7 +215,7 @@ repos: # Terraform hooks - repo: https://github.com/antonbabenko/pre-commit-terraform - rev: v1.100.0 + rev: v1.103.0 hooks: - id: terraform_fmt - id: terraform_validate From 2d88e72d0f403e64d43d8d1c240ad561475dce51 Mon Sep 17 00:00:00 2001 From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com> Date: Thu, 17 Jul 2025 12:50:32 -0400 Subject: [PATCH 33/54] Add a CodeQL badge to the README We added a CodeQL configuration in #202 but did not add a badge. --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 22134a3..33fc585 100644 --- a/README.md +++ b/README.md @@ -3,6 +3,7 @@ [![GitHub Build Status](https://github.com/cisagov/skeleton-generic/workflows/build/badge.svg)](https://github.com/cisagov/skeleton-generic/actions) [![License](https://img.shields.io/github/license/cisagov/skeleton-generic )](https://spdx.org/licenses/) +[![CodeQL](https://github.com/cisagov/skeleton-generic/workflows/CodeQL/badge.svg)](https://github.com/cisagov/skeleton-generic/actions/workflows/codeql-analysis.yml) This is a generic skeleton project that can be used to quickly get a new [cisagov](https://github.com/cisagov) GitHub project started. From 2759cc5e4110bb170f5a2661b93b7b634265bb89 Mon Sep 17 00:00:00 2001 From: Jeremy Frasier Date: Mon, 17 Nov 2025 22:16:49 -0500 Subject: [PATCH 34/54] Update Bandit pre-commit hook The 1.9.0 release of Bandit was flawed due to a failure of the GHA workflows that publish to PyPI and Test PyPI. The 1.9.1 release resolved the issue. --- .pre-commit-config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index f3570eb..93493c9 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -129,7 +129,7 @@ repos: # Python hooks - repo: https://github.com/PyCQA/bandit - rev: 1.9.0 + rev: 1.9.1 hooks: - id: bandit - repo: https://github.com/psf/black-pre-commit-mirror 
From 12101f04dca8475fd566b6ba40322fec219d0e64 Mon Sep 17 00:00:00 2001 From: Shane Frasier Date: Tue, 18 Nov 2025 14:35:18 -0500 Subject: [PATCH 35/54] Revert "Move all Python tool configs to `pyproject.toml`" --- .bandit.yml | 13 +++++++++++++ pyproject.toml => .flake8 | 18 +++--------------- .github/labeler.yml | 4 +++- .isort.cfg | 10 ++++++++++ .pre-commit-config.yaml | 5 ++--- 5 files changed, 31 insertions(+), 19 deletions(-) create mode 100644 .bandit.yml rename pyproject.toml => .flake8 (75%) create mode 100644 .isort.cfg diff --git a/.bandit.yml b/.bandit.yml new file mode 100644 index 0000000..ab3cb21 --- /dev/null +++ b/.bandit.yml @@ -0,0 +1,13 @@ +--- +# Configuration file for the Bandit python security scanner +# https://bandit.readthedocs.io/en/latest/config.html + +# Tests are first included by `tests`, and then excluded by `skips`. +# If `tests` is empty, all tests are considered included. + +tests: +# - B101 +# - B102 + +skips: +# - B101 # skip "assert used" check since assertions are required in pytests diff --git a/pyproject.toml b/.flake8 similarity index 75% rename from pyproject.toml rename to .flake8 index eec000b..92ff826 100644 --- a/pyproject.toml +++ b/.flake8 @@ -1,4 +1,4 @@ -[tool.flake8] +[flake8] max-line-length = 80 # Select (turn on) # * Complexity violations reported by mccabe (C) - @@ -13,7 +13,7 @@ max-line-length = 80 # https://github.com/PyCQA/flake8-bugbear#list-of-warnings # * The B950 flake8-bugbear opinionated warning - # https://github.com/PyCQA/flake8-bugbear#opinionated-warnings -select = ["C", "D", "E", "F", "W", "B", "B950"] +select = C,D,E,F,W,B,B950 # Ignore flake8's default warning about maximum line length, which has # a hard stop at the configured value. Instead we use # flake8-bugbear's B950, which allows up to 10% overage. 
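Review bot: In the restored `.bandit.yml`, both `tests:` and `skips:` have only commented-out entries beneath them, so each key loads as null and the file configures nothing. The `--config=.bandit.yml` argument that this commit re-adds to `.pre-commit-config.yaml` therefore leaves Bandit on its default test set, including B101. If that is intended, the file should say so in its header, for example `# Intentionally empty: Bandit runs with its default checks`. Otherwise a reader may assume the commented `B101` skip is in effect.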
@@ -22,16 +22,4 @@ select = ["C", "D", "E", "F", "W", "B", "B950"] # operators. It no longer agrees with PEP8. See, for example, here: # https://github.com/ambv/black/issues/21. Guido agrees here: # https://github.com/python/peps/commit/c59c4376ad233a62ca4b3a6060c81368bd21e85b. -extend-ignore = ["E501", "W503"] - -[tool.isort] -combine_star = true -force_sort_within_sections = true - -import_heading_stdlib = "Standard Python Libraries" -import_heading_thirdparty = "Third-Party Libraries" -import_heading_firstparty = "cisagov Libraries" - -# Run isort under the black profile to align with our other Python -# linting -profile = "black" +ignore = E501,W503 diff --git a/.github/labeler.yml b/.github/labeler.yml index ff74248..05478bd 100644 --- a/.github/labeler.yml +++ b/.github/labeler.yml @@ -61,9 +61,11 @@ test: - any-glob-to-any-file: # Add any test-related files or paths. - .ansible-lint + - .bandit.yml + - .flake8 + - .isort.cfg - .mdl_config.yaml - .yamllint - - pyproject.toml typescript: - changed-files: - any-glob-to-any-file: diff --git a/.isort.cfg b/.isort.cfg new file mode 100644 index 0000000..46d45f3 --- /dev/null +++ b/.isort.cfg @@ -0,0 +1,10 @@ +[settings] +combine_star=true +force_sort_within_sections=true + +import_heading_stdlib=Standard Python Libraries +import_heading_thirdparty=Third-Party Libraries +import_heading_firstparty=cisagov Libraries + +# Run isort under the black profile to align with our other Python linting +profile=black diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 93493c9..471cdc3 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -132,6 +132,8 @@ repos: rev: 1.9.1 hooks: - id: bandit + args: + - --config=.bandit.yml - repo: https://github.com/psf/black-pre-commit-mirror rev: 25.11.0 hooks: 
@@ -142,9 +144,6 @@ repos: - id: flake8 additional_dependencies: - flake8-docstrings==1.7.0 - # This is necessary to read the flake8 configuration from - # the pyproject.toml file. - - flake8-pyproject==1.2.3 - repo: https://github.com/PyCQA/isort rev: 7.0.0 hooks: From b598b704d44dee9045ca7ae8e3c83ff02c8f329a Mon Sep 17 00:00:00 2001 From: Jeremy Frasier Date: Tue, 18 Nov 2025 14:45:57 -0500 Subject: [PATCH 36/54] Move flake8 configuration to pyproject.toml Note that using pyproject.toml to configure flake8 requires the addition of the flake8-pyproject Python library. --- .flake8 | 25 ------------------------- .pre-commit-config.yaml | 3 +++ pyproject.toml | 26 ++++++++++++++++++++++++++ 3 files changed, 29 insertions(+), 25 deletions(-) delete mode 100644 .flake8 diff --git a/.flake8 b/.flake8 deleted file mode 100644 index 92ff826..0000000 --- a/.flake8 +++ /dev/null 
@@ -1,25 +0,0 @@ -[flake8] -max-line-length = 80 -# Select (turn on) -# * Complexity violations reported by mccabe (C) - -# http://flake8.pycqa.org/en/latest/user/error-codes.html#error-violation-codes -# * Documentation conventions compliance reported by pydocstyle (D) - -# http://www.pydocstyle.org/en/stable/error_codes.html -# * Default errors and warnings reported by pycodestyle (E and W) - -# https://pycodestyle.readthedocs.io/en/latest/intro.html#error-codes -# * Default errors reported by pyflakes (F) - -# http://flake8.pycqa.org/en/latest/glossary.html#term-pyflakes -# * Default warnings reported by flake8-bugbear (B) - -# https://github.com/PyCQA/flake8-bugbear#list-of-warnings -# * The B950 flake8-bugbear opinionated warning - -# https://github.com/PyCQA/flake8-bugbear#opinionated-warnings -select = C,D,E,F,W,B,B950 -# Ignore flake8's default warning about maximum line length, which has -# a hard stop at the configured value. Instead we use -# flake8-bugbear's B950, which allows up to 10% overage. -# -# Also ignore flake8's warning about line breaks before binary -# operators. It no longer agrees with PEP8. See, for example, here: -# https://github.com/ambv/black/issues/21. Guido agrees here: -# https://github.com/python/peps/commit/c59c4376ad233a62ca4b3a6060c81368bd21e85b. -ignore = E501,W503 diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 5972e8b..fe35bfb 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -156,6 +156,9 @@ repos: - id: flake8 additional_dependencies: - flake8-docstrings==1.7.0 + # This is necessary to read the flake8 configuration from + # the pyproject.toml file. + - flake8-pyproject==1.2.3 - repo: https://github.com/PyCQA/isort rev: 6.0.1 hooks: diff --git a/pyproject.toml b/pyproject.toml index cadd7da..7d3880b 100644 --- a/pyproject.toml +++ b/pyproject.toml 
@@ -73,6 +73,32 @@ issues = "https://github.com/cisagov/skeleton-python-library/issues" mission = "https://www.cisa.gov/cybersecurity" source = "https://github.com/cisagov/skeleton-python-library" +[tool.flake8] +max-line-length = 80 +# Select (turn on) +# * Complexity violations reported by mccabe (C) - +# http://flake8.pycqa.org/en/latest/user/error-codes.html#error-violation-codes +# * Documentation conventions compliance reported by pydocstyle (D) - +# http://www.pydocstyle.org/en/stable/error_codes.html +# * Default errors and warnings reported by pycodestyle (E and W) - +# https://pycodestyle.readthedocs.io/en/latest/intro.html#error-codes +# * Default errors reported by pyflakes (F) - +# http://flake8.pycqa.org/en/latest/glossary.html#term-pyflakes +# * Default warnings reported by flake8-bugbear (B) - +# https://github.com/PyCQA/flake8-bugbear#list-of-warnings +# * The B950 flake8-bugbear opinionated warning - +# https://github.com/PyCQA/flake8-bugbear#opinionated-warnings +select = ["C", "D", "E", "F", "W", "B", "B950"] +# Ignore flake8's default warning about maximum line length, which has +# a hard stop at the configured value. Instead we use +# flake8-bugbear's B950, which allows up to 10% overage. +# +# Also ignore flake8's warning about line breaks before binary +# operators. It no longer agrees with PEP8. See, for example, here: +# https://github.com/ambv/black/issues/21. Guido agrees here: +# https://github.com/python/peps/commit/c59c4376ad233a62ca4b3a6060c81368bd21e85b. +extend-ignore = ["E501", "W503"] + [tool.pytest.ini_options] # Increase verbosity, display extra test summary info for tests that # did not pass, display code coverage results, and enable debug From 077d3a241274f96ead02efe570735756d3a916ef Mon Sep 17 00:00:00 2001 
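Review bot: The `[tool.flake8]` table added here is only read when the flake8-pyproject plugin is installed alongside flake8, and nothing in this file says so. As the commit message notes, flake8 needs that library to use `pyproject.toml`, so a run outside the pre-commit hook (an editor integration, or a virtual environment without the plugin) would use flake8's defaults and report nothing wrong with the configuration. A comment directly above the table would record the dependency where the settings live, e.g. `# Requires the flake8-pyproject plugin; plain flake8 does not read this table.`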
From: Jeremy Frasier Date: Tue, 18 Nov 2025 14:55:25 -0500 Subject: [PATCH 37/54] Move isort config to pyproject.toml file --- .isort.cfg | 10 ---------- pyproject.toml | 12 ++++++++++++ 2 files changed, 12 insertions(+), 10 deletions(-) delete mode 100644 .isort.cfg diff --git a/.isort.cfg b/.isort.cfg deleted file mode 100644 index 46d45f3..0000000 --- a/.isort.cfg +++ /dev/null @@ -1,10 +0,0 @@ -[settings] -combine_star=true -force_sort_within_sections=true - -import_heading_stdlib=Standard Python Libraries -import_heading_thirdparty=Third-Party Libraries -import_heading_firstparty=cisagov Libraries - -# Run isort under the black profile to align with our other Python linting -profile=black diff --git a/pyproject.toml b/pyproject.toml index 7d3880b..bbd6892 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -99,6 +99,18 @@ select = ["C", "D", "E", "F", "W", "B", "B950"] # https://github.com/python/peps/commit/c59c4376ad233a62ca4b3a6060c81368bd21e85b. extend-ignore = ["E501", "W503"] +[tool.isort] +combine_star = true +force_sort_within_sections = true + +import_heading_stdlib = "Standard Python Libraries" +import_heading_thirdparty = "Third-Party Libraries" +import_heading_firstparty = "cisagov Libraries" + +# Run isort under the black profile to align with our other Python +# linting +profile = "black" + [tool.pytest.ini_options] # Increase verbosity, display extra test summary info for tests that # did not pass, display code coverage results, and enable debug From 447db4b76792f737d19398d87e1a099f5118d9d6 Mon Sep 17 00:00:00 2001 From: Jeremy Frasier Date: Tue, 18 Nov 2025 15:27:53 -0500 Subject: [PATCH 38/54] Remove .flake8 as a trigger for the test label --- .github/labeler.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/labeler.yml b/.github/labeler.yml index e43a370..7ba9520 100644 --- a/.github/labeler.yml +++ b/.github/labeler.yml 
@@ -54,7 +54,6 @@ test: - any-glob-to-any-file: # Add any test-related files or paths. - .ansible-lint - - .flake8 - .mdl_config.yaml - .yamllint - pyproject.toml From 5090de1d6491650324ceefad06ffb06c0be89113 Mon Sep 17 00:00:00 2001 From: Jeremy Frasier Date: Wed, 19 Nov 2025 11:11:27 -0500 Subject: [PATCH 39/54] Keep two Bandit blocks in sync wrt version --- .pre-commit-config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 044047d..14d0e20 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -139,7 +139,7 @@ repos: - --config=.bandit.yml # Run bandit on everything except the "tests" tree - repo: https://github.com/PyCQA/bandit - rev: 1.8.6 + rev: 1.9.1 hooks: - id: bandit name: bandit (everything else) From 0b0f62ff037e7ee3f0245a8ae5cceac85493ccd3 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 20 Nov 2025 14:03:25 +0000 Subject: [PATCH 40/54] Bump actions/upload-artifact from 4 to 5 Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4 to 5. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v4...v5) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 79dcaf3..315a73e 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -406,7 +406,7 @@ jobs: - name: Build artifacts run: python -m build - name: Upload artifacts - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v5 with: name: dist-${{ matrix.python-version }} path: dist 
From 6ffe32396035dd7339e07e7dc2f2319c0d550f84 Mon Sep 17 00:00:00 2001 From: Jeremy Frasier Date: Tue, 28 Oct 2025 16:05:18 -0400 Subject: [PATCH 41/54] Add a code style badge --- README.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/README.md b/README.md index 67a35ac..6872211 100644 --- a/README.md +++ b/README.md @@ -4,6 +4,9 @@ [![CodeQL](https://github.com/cisagov/skeleton-python-library/workflows/CodeQL/badge.svg)](https://github.com/cisagov/skeleton-python-library/actions/workflows/codeql-analysis.yml) [![Coverage Status](https://coveralls.io/repos/github/cisagov/skeleton-python-library/badge.svg?branch=develop)](https://coveralls.io/github/cisagov/skeleton-python-library?branch=develop) +[![Code Style](https://img.shields.io/badge/Code%20Style-Black-black +)](https://github.com/psf/black) + This is a generic skeleton project that can be used to quickly get a new [cisagov](https://github.com/cisagov) Python library GitHub project started. This skeleton project contains [licensing From 702dab0cdf6e79e164c5b51373d85b0b4272512b Mon Sep 17 00:00:00 2001 From: Shane Frasier Date: Wed, 29 Oct 2025 08:49:33 -0400 Subject: [PATCH 42/54] Use lower case for the code style badge This agrees with what is done in the code style badge for the black project. Co-authored-by: Nick <50747025+mcdonnnj@users.noreply.github.com> --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 6872211..e58767c 100644 --- a/README.md +++ b/README.md 
@@ -4,7 +4,7 @@ [![CodeQL](https://github.com/cisagov/skeleton-python-library/workflows/CodeQL/badge.svg)](https://github.com/cisagov/skeleton-python-library/actions/workflows/codeql-analysis.yml) [![Coverage Status](https://coveralls.io/repos/github/cisagov/skeleton-python-library/badge.svg?branch=develop)](https://coveralls.io/github/cisagov/skeleton-python-library?branch=develop) -[![Code Style](https://img.shields.io/badge/Code%20Style-Black-black +[![Code Style](https://img.shields.io/badge/Code%20Style-black-black )](https://github.com/psf/black) This is a generic skeleton project that can be used to quickly get a From fa5dec32964710716dff2f602770d38445274f0d Mon Sep 17 00:00:00 2001 From: Shane Frasier Date: Wed, 29 Oct 2025 08:55:31 -0400 Subject: [PATCH 43/54] Remove needless blank line --- README.md | 1 - 1 file changed, 1 deletion(-) diff --git a/README.md b/README.md index e58767c..94ccf63 100644 --- a/README.md +++ b/README.md @@ -3,7 +3,6 @@ [![GitHub Build Status](https://github.com/cisagov/skeleton-python-library/workflows/build/badge.svg)](https://github.com/cisagov/skeleton-python-library/actions) [![CodeQL](https://github.com/cisagov/skeleton-python-library/workflows/CodeQL/badge.svg)](https://github.com/cisagov/skeleton-python-library/actions/workflows/codeql-analysis.yml) [![Coverage Status](https://coveralls.io/repos/github/cisagov/skeleton-python-library/badge.svg?branch=develop)](https://coveralls.io/github/cisagov/skeleton-python-library?branch=develop) - [![Code Style](https://img.shields.io/badge/Code%20Style-black-black )](https://github.com/psf/black) From b75e60bb65a60b5495338121102ca4f682f2c7a4 Mon Sep 17 00:00:00 2001 From: Jeremy Frasier Date: Thu, 20 Nov 2025 09:40:55 -0500 Subject: [PATCH 44/54] Remove needless carriage return --- README.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/README.md b/README.md index df17f94..6ffe1c3 100644 --- a/README.md +++ b/README.md 
@@ -4,8 +4,7 @@ [![License](https://img.shields.io/github/license/cisagov/skeleton-python-library)](https://spdx.org/licenses/) [![CodeQL](https://github.com/cisagov/skeleton-python-library/workflows/CodeQL/badge.svg)](https://github.com/cisagov/skeleton-python-library/actions/workflows/codeql-analysis.yml) [![Coverage Status](https://coveralls.io/repos/github/cisagov/skeleton-python-library/badge.svg?branch=develop)](https://coveralls.io/github/cisagov/skeleton-python-library?branch=develop) -[![Code Style](https://img.shields.io/badge/Code%20Style-black-black -)](https://github.com/psf/black) +[![Code Style](https://img.shields.io/badge/Code%20Style-black-black)](https://github.com/psf/black) This is a generic skeleton project that can be used to quickly get a new [cisagov](https://github.com/cisagov) Python library GitHub From 5b4e6e77648a3b3e0155f4be033cf022f3fa361b Mon Sep 17 00:00:00 2001 From: Jeremy Frasier Date: Thu, 20 Nov 2025 10:50:06 -0500 Subject: [PATCH 45/54] Drop support for Python 3.9 Python 3.9 reached its EOL on October 31, 2025: https://devguide.python.org/versions/ --- .github/workflows/build.yml | 3 --- pyproject.toml | 3 +-- 2 files changed, 1 insertion(+), 5 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 315a73e..5c4477b 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -219,7 +219,6 @@ jobs: - ubuntu-latest - windows-latest python-version: - - "3.9" - "3.10" - "3.11" - "3.12" @@ -347,7 +346,6 @@ jobs: fail-fast: false matrix: python-version: - - "3.9" - "3.10" - "3.11" - "3.12" @@ -433,7 +431,6 @@ jobs: - ubuntu-latest - windows-latest python-version: - - "3.9" - "3.10" - "3.11" - "3.12" diff --git a/pyproject.toml b/pyproject.toml index bbd6892..0b89569 100644 --- a/pyproject.toml +++ b/pyproject.toml 
@@ -25,7 +25,6 @@ classifiers = [ # that you indicate whether you support Python 2, Python 3 or both. "Programming Language :: Python :: 3", "Programming Language :: Python :: 3 :: Only", - "Programming Language :: Python :: 3.9", "Programming Language :: Python :: 3.10", "Programming Language :: Python :: 3.11", "Programming Language :: Python :: 3.12", @@ -42,7 +41,7 @@ dynamic = ["readme", "version"] keywords = ["skeleton"] license = "CC0-1.0" name = "example" -requires-python = ">=3.9" +requires-python = ">=3.10" [project.optional-dependencies] # IMPORTANT: Keep type hinting-related dependencies of the dev section From a785305514c9867c381977e3aa9fa4c31a3cae7a Mon Sep 17 00:00:00 2001 From: Jeremy Frasier Date: Thu, 20 Nov 2025 11:19:56 -0500 Subject: [PATCH 46/54] Bump version from 0.3.0 to 1.0.0 --- src/example/_version.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/example/_version.py b/src/example/_version.py index 871cf76..f8d70f6 100644 --- a/src/example/_version.py +++ b/src/example/_version.py @@ -1,3 +1,3 @@ """This file defines the version of this module.""" -__version__ = "0.3.0" +__version__ = "1.0.0" From 2d0498b0e7453a82dc5ac396bd1b13828a40ae0e Mon Sep 17 00:00:00 2001 From: Jeremy Frasier Date: Thu, 20 Nov 2025 11:23:16 -0500 Subject: [PATCH 47/54] Bump version from 1.0.0 to 1.0.0-rc.1 --- src/example/_version.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/example/_version.py b/src/example/_version.py index f8d70f6..f65a4df 100644 --- a/src/example/_version.py +++ b/src/example/_version.py @@ -1,3 +1,3 @@ """This file defines the version of this module.""" -__version__ = "1.0.0" +__version__ = "1.0.0-rc.1" From 3d57f51af84993428d6d6246f7f4c690423d2bbe Mon Sep 17 00:00:00 2001 From: Jeremy Frasier Date: Thu, 20 Nov 2025 13:52:32 -0500 Subject: [PATCH 48/54] Finalize version from 1.0.0-rc.1 to 1.0.0 --- src/example/_version.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/src/example/_version.py b/src/example/_version.py index f65a4df..f8d70f6 100644 --- a/src/example/_version.py +++ b/src/example/_version.py @@ -1,3 +1,3 @@ """This file defines the version of this module.""" -__version__ = "1.0.0-rc.1" +__version__ = "1.0.0" From 4c3423804db81c9181cf72f14472d00ddbc8b1e1 Mon Sep 17 00:00:00 2001 From: Jeremy Frasier Date: Mon, 24 Nov 2025 12:49:27 -0500 Subject: [PATCH 49/54] Remove [project.scripts] table This project has no scripts. --- pyproject.toml | 3 --- 1 file changed, 3 deletions(-) diff --git a/pyproject.toml b/pyproject.toml index 97c2292..f712ba2 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -75,9 +75,6 @@ test = [ "pytest", ] -[project.scripts] -example = "example.example:main" - [project.urls] homepage = "https://github.com/cisagov/mongo-db-from-config" issues = "https://github.com/cisagov/mongo-db-from-config/issues" From b10d903e4f54d2e309ebdbcb6f35ea10b761de6e Mon Sep 17 00:00:00 2001 From: Jeremy Frasier Date: Mon, 24 Nov 2025 12:51:08 -0500 Subject: [PATCH 50/54] Remove [project.package-data] table This project has no package data. --- pyproject.toml | 3 --- 1 file changed, 3 deletions(-) diff --git a/pyproject.toml b/pyproject.toml index f712ba2..bc444fe 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -129,6 +129,3 @@ addopts = "--verbose -ra --cov --log-cli-level=DEBUG" [tool.setuptools.dynamic] readme = {file = ["README.md"], content-type = "text/markdown"} version = {attr = "mongo_db_from_config._version.__version__"} - -[tool.setuptools.package-data] -example = ["data/*.txt"] From cfcd70217a85a34a3513f0e53890a54ba273b54f Mon Sep 17 00:00:00 2001 From: Jeremy Frasier Date: Mon, 24 Nov 2025 12:57:35 -0500 Subject: [PATCH 51/54] Bump version from 1.2.0 to 1.2.1-rc.1 --- src/mongo_db_from_config/_version.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/mongo_db_from_config/_version.py b/src/mongo_db_from_config/_version.py index 337deea..e85f160 100644 
--- a/src/mongo_db_from_config/_version.py +++ b/src/mongo_db_from_config/_version.py @@ -1,3 +1,3 @@ """This file defines the version of this module.""" -__version__ = "1.2.0" +__version__ = "1.2.1-rc.1" From 9ce39fc159f63b7d1fe2819055fb19816475de32 Mon Sep 17 00:00:00 2001 From: Jeremy Frasier Date: Mon, 24 Nov 2025 13:14:30 -0500 Subject: [PATCH 52/54] Specify the license via the deprecated PEP 621 format Although PEP 639 allows us to specify teh license via a simple SPDX string, the versions of setuptools we have to use for Python 3.7 and 3.8 do not allow this; hence, this antiquated format from the deprecated PEP 621. --- pyproject.toml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/pyproject.toml b/pyproject.toml index bc444fe..5358a1b 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -47,7 +47,11 @@ dependencies = [ description = "Create a Mongo database connection from a YAML config file" dynamic = ["readme", "version"] keywords = ["config", "mongo", "yaml"] -license = "CC0-1.0" +# Although PEP 639 allows us to specify teh license via a simple SPDX +# string, the versions of setuptools we have to use for Python 3.7 and +# 3.8 do not allow this; hence, this antiquated format from the +# deprecated PEP 621. +license = { text = "CC0-1.0" } name = "mongo_db_from_config" requires-python = ">=3.7" From ec243376f5345ef248fa07599ea621d7d07bb184 Mon Sep 17 00:00:00 2001 From: Jeremy Frasier Date: Mon, 24 Nov 2025 15:36:30 -0500 Subject: [PATCH 53/54] Remove types-setuptools and setuptools as dependencies From the dev and install dependencies list, respectively. --- .pre-commit-config.yaml | 1 - pyproject.toml | 2 -- 2 files changed, 3 deletions(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index b4138d0..cac1be2 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml 
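Review bot: The added comment misspells `the` as `teh`, and it calls PEP 621 deprecated when, as far as I can tell, what PEP 639 deprecates is only the table form of the `license` key. Suggested wording: `# Although PEP 639 allows us to specify the license via a simple SPDX` for the first line, and `# 3.8 do not allow this; hence the older table form of the license key.` in place of the last two. The workaround exists only because `requires-python = ">=3.7"` keeps interpreters in scope that are past end of life (another commit in this series cites Python 3.9 reaching EOL), so it would help to note in the comment that the table form can be dropped once those versions are.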
@@ -173,7 +173,6 @@ repos: # checking between environments. additional_dependencies: - types-PyYAML - - types-setuptools - repo: https://github.com/pypa/pip-audit rev: v2.9.0 hooks: diff --git a/pyproject.toml b/pyproject.toml index 5358a1b..411da96 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -42,7 +42,6 @@ dependencies = [ # 3.6. "pymongo>=3.7.2,<4.9", "PyYAML>=5.1", - "setuptools", ] description = "Create a Mongo database connection from a YAML config file" dynamic = ["readme", "version"] @@ -64,7 +63,6 @@ requires-python = ">=3.7" # checking between environments. dev = [ "types-PyYAML", - "types-setuptools", ] test = [ "coverage", From 772bb639d123ddd2a6ed65fdb316f2199911e419 Mon Sep 17 00:00:00 2001 From: Jeremy Frasier Date: Mon, 24 Nov 2025 15:52:58 -0500 Subject: [PATCH 54/54] Add hidden dependency of mongomock for Python >= 3.12 setuptools is a hidden dependency of mongomock, and it is not otherwise present under Python 3.12 and later. --- pyproject.toml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/pyproject.toml b/pyproject.toml index 411da96..11ede57 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -75,6 +75,9 @@ test = [ "pyfakefs", "pytest-cov", "pytest", + # This is a hidden dependency of mongomock, and it is not + # otherwise present under Python 3.12 and later. + "setuptools; python_version >= '3.12'", ] [project.urls]