diff --git a/.github/workflows/codacy-analysis.yml b/.github/workflows/codacy-analysis.yml index c2e9d0b4..3a0357f8 100644 --- a/.github/workflows/codacy-analysis.yml +++ b/.github/workflows/codacy-analysis.yml @@ -1,43 +1,53 @@ -# Codacy is an automated code review tool that makes it easy to ensure your team is writing high-quality code - -# This workflow checks out code, performs a Codacy security scan and integrates -# the results with the GitHub Advanced Security code scanning feature. - -# The following scenario is implemented: -# - Integration with GitHub code scanning: -# Analyzes each commit and pull request and uploads the results to GitHub, -# which displays the identified issues under your repository's tab Security. - -# For more information on the Codacy security scan action usage, see: -# - https://github.com/marketplace/actions/codacy-analysis-cli -# - https://github.com/codacy/codacy-analysis-cli-action +# This workflow uses actions that are not certified by GitHub. +# They are provided by a third-party and are governed by +# separate terms of service, privacy policy, and support +# documentation. +# This workflow checks out code, performs a Codacy security scan +# and integrates the results with the +# GitHub Advanced Security code scanning feature. For more information on +# the Codacy security scan action usage and parameters, see +# https://github.com/codacy/codacy-analysis-cli-action. # For more information on Codacy Analysis CLI in general, see # https://github.com/codacy/codacy-analysis-cli. name: Codacy Security Scan on: + schedule: + - cron: '59 11 27 * *' push: - branches: [ master, main ] - pull_request: - branches: [ master, main ] + branches: [ "master" ] + # pull_request: + # # The branches below must be a subset of the branches above + # branches: [ "master" ] + workflow_run: + workflows: [Test Changes] + branches: [ "master" ] + types: + - completed + +permissions: + contents: read jobs: codacy-security-scan: + permissions: + contents: read # for actions/checkout to fetch code + security-events: write # for github/codeql-action/upload-sarif to upload SARIF results + actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status name: Codacy Security Scan runs-on: ubuntu-latest steps: # Checkout the repository to the GitHub Actions runner - name: Checkout code - uses: actions/checkout@main + uses: actions/checkout@v3 # Execute Codacy Analysis CLI and generate a SARIF output with the security issues identified during the analysis - name: Run Codacy Analysis CLI - uses: codacy/codacy-analysis-cli-action@master + uses: codacy/codacy-analysis-cli-action@v4 with: - # To get your project token from your Codacy repository check: - # https://github.com/codacy/codacy-analysis-cli#project-token + # Check https://github.com/codacy/codacy-analysis-cli#project-token to get your project token from your Codacy repository # You can also omit the token and run the tools that support default configurations project-token: ${{ secrets.CODACY_PROJECT_TOKEN }} verbose: true @@ -51,8 +61,6 @@ jobs: # Upload the SARIF file generated in the previous step - name: Upload SARIF results file - uses: github/codeql-action/upload-sarif@main + uses: github/codeql-action/upload-sarif@v2 with: sarif_file: results.sarif - -# end of file # diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index ea195e1e..8665992d 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -12,56 +12,78 @@ name: "CodeQL" on: - push: - branches: [ master ] - pull_request: - # The branches below must be a subset of the branches above - branches: [ master ] schedule: - - cron: '44 10 * * 0' + - cron: '59 10 27 * *' + push: + branches: [ "master" ] + # pull_request: + # branches: [ "master" ] + workflow_run: + workflows: [Test Changes] + branches: [ "master" ] + types: + - completed jobs: analyze: name: Analyze - runs-on: ubuntu-latest + # Runner size impacts CodeQL analysis time. To learn more, please see: + # - https://gh.io/recommended-hardware-resources-for-running-codeql + # - https://gh.io/supported-runners-and-hardware-resources + # - https://gh.io/using-larger-runners + # Consider using larger runners for possible analysis time improvements. + runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }} + timeout-minutes: ${{ (matrix.language == 'swift' && 120) || 360 }} + permissions: + # required for all workflows + security-events: write + + # only required for workflows in private repositories + actions: read + contents: read strategy: fail-fast: false matrix: language: [ 'python' ] - # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python' ] - # Learn more: - # https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#changing-the-languages-that-are-analyzed + # CodeQL supports [ 'c-cpp', 'csharp', 'go', 'java-kotlin', 'javascript-typescript', 'python', 'ruby', 'swift' ] + # Use only 'java-kotlin' to analyze code written in Java, Kotlin or both + # Use only 'javascript-typescript' to analyze code written in JavaScript, TypeScript or both + # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support steps: - name: Checkout repository - uses: actions/checkout@main + uses: actions/checkout@v4 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v2 + uses: github/codeql-action/init@v3 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. # By default, queries listed here will override any specified in a config file. # Prefix the list here with "+" to use these queries and those in the config file. - # queries: ./path/to/local/query, your-org/your-repo/queries@main - # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). + # For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs + # queries: security-extended,security-and-quality + + + # Autobuild attempts to build any compiled languages (C/C++, C#, Go, Java, or Swift). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@v2 + uses: github/codeql-action/autobuild@v3 # ℹī¸ Command-line programs to run using the OS shell. - # 📚 https://git.io/JvXDl + # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun - # ✏ī¸ If the Autobuild fails above, remove it and uncomment the following three lines - # and modify them (or add more) to build your code if your project - # uses a compiled language + # If the Autobuild fails above, remove it and uncomment the following three lines. + # modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance. - #- run: | - # make bootstrap - # make release + # - run: | + # echo "Run, Build Application using script" + # ./location_of_script_within_repo/buildscript.sh - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v2 + uses: github/codeql-action/analyze@v3 + with: + category: "/language:${{matrix.language}}" diff --git a/.github/workflows/publish-release.yml b/.github/workflows/publish-release.yml index 8bf88fbe..cc9d12be 100644 --- a/.github/workflows/publish-release.yml +++ b/.github/workflows/publish-release.yml @@ -9,10 +9,10 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout source code - uses: actions/checkout@main + uses: actions/checkout@v4 - name: Set up Python ${{ matrix.python }} - uses: actions/setup-python@v4 + uses: actions/setup-python@v5 with: python-version: ${{ matrix.python }} diff --git a/.github/workflows/test-changes.yml b/.github/workflows/test-changes.yml index 38114967..6d79f69d 100644 --- a/.github/workflows/test-changes.yml +++ b/.github/workflows/test-changes.yml @@ -3,7 +3,30 @@ name: Test Changes -on: [push, pull_request] +on: + push: + branches: [ "master" ] + pull_request: + types: [opened, reopened, synchronize, ready_for_review, labeled] + workflow_dispatch: + inputs: + logLevel: + description: 'Log level' + required: true + default: 'warning' + type: choice + options: + - info + - warning + - debug + tags: + description: 'Test scenario tags' + required: false + type: boolean + environment: + description: 'Environment to run tests against' + type: environment + required: true jobs: run-guard: @@ -50,7 +73,7 @@ jobs: echo 'python_eol=yes' >> $GITHUB_ENV - name: Checkout source code - uses: actions/checkout@main + uses: actions/checkout@v4 - name: Install linux tools if: matrix.os == 'ubuntu-latest' @@ -60,13 +83,13 @@ jobs: - name: Set up Python ${{ matrix.python }} if: env.python_eol == 'no' - uses: actions/setup-python@v4 + uses: actions/setup-python@v5 with: python-version: ${{ matrix.python }} - name: Set up Python ${{ matrix.python }} discontinued on ${{ matrix.os }} if: env.python_eol == 'yes' - uses: MatteoH2O1999/setup-python@v1 + uses: MatteoH2O1999/setup-python@v3 with: python-version: ${{ matrix.python }} cache: pip @@ -126,6 +149,16 @@ jobs: - name: Setup petl package run: python setup.py sdist bdist_wheel + - name: Install extra packages dependencies for mode full + if: env.testing == 'full' + run: python -m pip install --prefer-binary -r requirements-formats.txt + + - name: List Installed Packages for Throubleshooting + run: | + echo "::group::List Installed Packages for Throubleshooting" + python -m pip list --format freeze + echo "::endgroup::" + - name: Test python source code for mode simple if: env.testing == 'simple' run: pytest --cov=petl petl @@ -133,9 +166,6 @@ jobs: - name: Test documentation inside source code for mode full if: env.testing == 'full' run: | - echo "::group::Install extra packages test dependencies" - python -m pip install --prefer-binary -r requirements-formats.txt - echo "::endgroup::" echo "::group::Perform doctest-modules execution with coverage" pytest --doctest-modules --cov=petl petl echo "::endgroup::" @@ -160,10 +190,10 @@ jobs: steps: - name: Checkout source code - uses: actions/checkout@main + uses: actions/checkout@v4 - name: Set up Python ${{ matrix.python }} - uses: actions/setup-python@v4 + uses: actions/setup-python@v5 with: python-version: ${{ matrix.python }} diff --git a/petl/test/io/test_pytables.py b/petl/test/io/test_pytables.py index e174f72d..f060d8fd 100644 --- a/petl/test/io/test_pytables.py +++ b/petl/test/io/test_pytables.py @@ -31,8 +31,7 @@ def test_fromhdf5(): # set up a new hdf5 table to work with h5file = tables.open_file(f.name, mode='w', title='Test file') h5file.create_group('/', 'testgroup', 'Test Group') - h5table = h5file.create_table('/testgroup', 'testtable', FooBar, - 'Test Table') + h5table = h5file.create_table('/testgroup', 'testtable', FooBar, 'Test Table') # load some data into the table table1 = (('foo', 'bar'), diff --git a/requirements-formats.txt b/requirements-formats.txt index 04d8fc29..34692330 100644 --- a/requirements-formats.txt +++ b/requirements-formats.txt @@ -12,5 +12,5 @@ fastavro>=0.24.2 ; python_version >= '3.4' fastavro==0.24.2 ; python_version < '3.0' gspread>=3.4.0 ; python_version >= '3.4' -# version 3.7.0 doesn't work yet with python3.11 -tables ; python_version != '3.11' +# version 3.9.2 fails with python3.12 on macos-latest: PyTables/PyTables#1093 +tables ; python_version != '3.12' diff --git a/requirements-optional.txt b/requirements-optional.txt index b46163e3..007eee7a 100644 --- a/requirements-optional.txt +++ b/requirements-optional.txt @@ -2,13 +2,20 @@ # Also check: .github/workflows/test-changes.yml # Throubleshooting: -# 1. $ export DISABLE_BLOSC_AVX2=1 -# 2. $ brew install c-blosc +# 1. $ export DISABLE_BLOSC_AVX2=1 + +# 2.1 $ brew install c-blosc # On macOS +# 2.2 $ sudo apt-get install python3-dev # On debian distros +# 2.3 $ sudo dnf install python3-devel # On debian distros + +# 3.1 $ sudo find / -iname "Python.h" +# 3.2 $ export C_INCLUDE_PATH=/usr/include/python3.11/Python.h + blosc ; python_version >= '3.7' # Throubleshooting: -# 1. pip install --prefer-binary -r requirements-optional.txt -# 2. pip install --prefer-binary bcolz +# 1. $ pip install --prefer-binary -r requirements-optional.txt +# 2. $ pip install --prefer-binary bcolz bcolz ; python_version >= '3.7' and python_version < '3.10'