Merge remote-tracking branch 'origin/main' into feature/future-tasks-…

…when-suspended
sartography · Feb 6, 2024 · 5d081ec · 5d081ec
2 parents 80355db + fcb52cb
commit 5d081ec
Show file tree

Hide file tree

Showing 10 changed files with 193 additions and 190 deletions.
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -22,7 +22,7 @@ updates:
     directory: "/"
     schedule:
       interval: daily
-    open-pull-requests-limit: 0
+    open-pull-requests-limit: 1
   - package-ecosystem: pip
     directory: "/spiffworkflow-backend"
     schedule:

diff --git a/.github/workflows/auto-merge-dependabot-prs.yml b/.github/workflows/auto-merge-dependabot-prs.yml
@@ -17,6 +17,9 @@ on:
 #     types: [labeled]
 
 permissions:
+  # for gh pr review
+  pull-requests: write
+  # for gh pr merge
   contents: write
 
 jobs:

diff --git a/.github/workflows/snyk-security.yml b/.github/workflows/snyk-security.yml
@@ -92,7 +92,7 @@ jobs:
 
         # Push the Snyk Code results into GitHub Code Scanning tab
       - name: Upload result to GitHub Code Scanning
-        uses: github/codeql-action/upload-sarif@v2
+        uses: github/codeql-action/upload-sarif@v3
         with:
           sarif_file: spiffworkflow-backend/snyk-code.sarif
   snyk-frontend:
@@ -145,6 +145,6 @@ jobs:
 
         # Push the Snyk Code results into GitHub Code Scanning tab
       - name: Upload result to GitHub Code Scanning
-        uses: github/codeql-action/upload-sarif@v2
+        uses: github/codeql-action/upload-sarif@v3
         with:
           sarif_file: spiffworkflow-frontend/snyk-code.sarif
diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
@@ -185,22 +185,22 @@ jobs:
       - name: Upload coverage data
         # pin to upload coverage from only one matrix entry, otherwise coverage gets confused later
         if: matrix.upload_coverage
-        uses: "actions/upload-artifact@v4.3.0"
+        uses: "actions/upload-artifact@v4"
         # this action doesn't seem to respect working-directory so include working-directory value in path
         with:
           name: coverage-data
           path: "spiffworkflow-backend/.coverage.*"
 
       # - name: Upload documentation
       #   if: matrix.session == 'docs-build'
-      #   uses: actions/upload-artifact@v3
+      #   uses: actions/upload-artifact@v4
       #   with:
       #     name: docs
       #     path: docs/_build
       #
       - name: Upload logs
         if: failure() && matrix.session == 'tests'
-        uses: "actions/upload-artifact@v3"
+        uses: "actions/upload-artifact@v4"
         with:
           name: logs-${{matrix.python}}-${{matrix.os}}-${{matrix.database}}
           path: "./spiffworkflow-backend/log/*.log"
@@ -311,7 +311,7 @@ jobs:
           mkdir -p ./pr
           echo "$PR_NUMBER" > ./pr/pr_number
       - name: Upload PR number as artifact
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
         if: ${{ github.event_name == 'pull_request' }}
         with:
           name: pr_number
@@ -426,21 +426,21 @@ jobs:
         run: ./bin/get_logs_from_docker_compose >./log/docker_compose.log
       - name: Upload logs
         if: failure()
-        uses: "actions/upload-artifact@v3"
+        uses: "actions/upload-artifact@v4"
         with:
           name: spiffworkflow-backend-logs
           path: "./spiffworkflow-backend/log/*.log"
 
       #  https://github.com/cypress-io/github-action#artifacts
       - name: upload_screenshots
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
         if: failure()
         with:
           name: cypress-screenshots
           path: ./spiffworkflow-frontend/cypress/screenshots
       # Test run video was always captured, so this action uses "always()" condition
       - name: upload_videos
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
         if: failure()
         with:
           name: cypress-videos

diff --git a/docs/requirements.txt b/docs/requirements.txt
@@ -37,7 +37,7 @@ sphinx-autoapi==2.1.0
 sphinx-autobuild==2021.3.14
 sphinx-basic-ng==1.0.0b1
 sphinx-click==4.3.0
-sphinx-rtd-theme==1.2.0
+sphinx-rtd-theme==2.0.0
 sphinxcontrib-applehelp==1.0.4
 sphinxcontrib-devhelp==1.0.2
 sphinxcontrib-htmlhelp==2.0.1

diff --git a/spiffworkflow-backend/poetry.lock b/spiffworkflow-backend/poetry.lock
diff --git a/spiffworkflow-backend/pyproject.toml b/spiffworkflow-backend/pyproject.toml
@@ -69,7 +69,7 @@ cryptography = "^42.0"
 prometheus-flask-exporter = "^0.22.3"
 
 sqlalchemy = "^2.0.7"
-marshmallow-sqlalchemy = "^0.29.0"
+marshmallow-sqlalchemy = "^1.0.0"
 spiff-element-units = "^0.3.1"
 
 # mysqlclient lib is deemed better than the mysql-connector-python lib by sqlalchemy
@@ -87,7 +87,7 @@ spiffworkflow-backend = "spiffworkflow_backend.__main__:main"
 
 [tool.poetry.group.dev.dependencies]
 pytest = "^7.1.2"
-coverage = {extras = ["toml"], version = "^6.1"}
+coverage = {extras = ["toml"], version = "^7.4"}
 safety = "^2.3.5"
 mypy = ">=0.961"
 typeguard = "^4"

diff --git a/spiffworkflow-backend/src/spiffworkflow_backend/routes/process_api_blueprint.py b/spiffworkflow-backend/src/spiffworkflow_backend/routes/process_api_blueprint.py
@@ -213,6 +213,8 @@ def process_data_file_download(
 # {"ref": "refs/heads/main", "repository": {"name": "sample-process-models",
 # "full_name": "sartography/sample-process-models", "private": False .... }}
 # test with: ngrok http 7000
+# or with:
+# npm install -g localtunnel && lt --port 7000 --subdomain oh-so-hot
 # where 7000 is the port the app is running on locally
 def github_webhook_receive(body: dict) -> Response:
     auth_header = request.headers.get("X-Hub-Signature-256")