Release v2.0.0 (#341)
* Bump actions/create-release from 1.0.1 to 1.1.4

Bumps [actions/create-release](https://github.com/actions/create-release) from 1.0.1 to 1.1.4.
- [Release notes](https://github.com/actions/create-release/releases)
- [Commits](actions/create-release@v1.0.1...v1.1.4)

---
updated-dependencies:
- dependency-name: actions/create-release
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump actions/upload-release-asset from 1.0.1 to 1.0.2

Bumps [actions/upload-release-asset](https://github.com/actions/upload-release-asset) from 1.0.1 to 1.0.2.
- [Release notes](https://github.com/actions/upload-release-asset/releases)
- [Commits](actions/upload-release-asset@v1.0.1...v1.0.2)

---
updated-dependencies:
- dependency-name: actions/upload-release-asset
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump github/codeql-action from 1 to 2

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 1 to 2.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@v1...v2)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump actions/setup-python from 1 to 4

Bumps [actions/setup-python](https://github.com/actions/setup-python) from 1 to 4.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](actions/setup-python@v1...v4)

---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump actions/checkout from 2 to 3.1.0

Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3.1.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@v2...v3.1.0)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>

* Run Flake8 & Safety in isolated Tox environments

* Bump watchdog from 2.1.7 to 3.0.0 (#297)

Bumps [watchdog](https://github.com/gorakhargosh/watchdog) from 2.1.7 to 3.0.0.
- [Release notes](https://github.com/gorakhargosh/watchdog/releases)
- [Changelog](https://github.com/gorakhargosh/watchdog/blob/master/changelog.rst)
- [Commits](gorakhargosh/watchdog@v2.1.7...v3.0.0)

---
updated-dependencies:
- dependency-name: watchdog
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump coverage from 6.3.2 to 7.2.7 (#298)

Bumps [coverage](https://github.com/nedbat/coveragepy) from 6.3.2 to 7.2.7.
- [Release notes](https://github.com/nedbat/coveragepy/releases)
- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst)
- [Commits](nedbat/coveragepy@6.3.2...7.2.7)

---
updated-dependencies:
- dependency-name: coverage
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump responses from 0.20.0 to 0.23.3 (#301)

Bumps [responses](https://github.com/getsentry/responses) from 0.20.0 to 0.23.3.
- [Release notes](https://github.com/getsentry/responses/releases)
- [Changelog](https://github.com/getsentry/responses/blob/master/CHANGES)
- [Commits](getsentry/responses@0.20.0...0.23.3)

---
updated-dependencies:
- dependency-name: responses
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump tabulate from 0.8.9 to 0.9.0 (#304)

Bumps [tabulate](https://github.com/astanin/python-tabulate) from 0.8.9 to 0.9.0.
- [Changelog](https://github.com/astanin/python-tabulate/blob/master/CHANGELOG)
- [Commits](astanin/python-tabulate@v0.8.9...v0.9.0)

---
updated-dependencies:
- dependency-name: tabulate
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump pyyaml from 6.0 to 6.0.1 (#305)

Bumps [pyyaml](https://github.com/yaml/pyyaml) from 6.0 to 6.0.1.
- [Changelog](https://github.com/yaml/pyyaml/blob/6.0.1/CHANGES)
- [Commits](yaml/pyyaml@6.0...6.0.1)

---
updated-dependencies:
- dependency-name: pyyaml
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Deprecate support for older versions of Python

* Remove Travis CI integration

* Deprecate support for Python <3.8

* Bump jsonschema from 4.4.0 to 4.18.4 (#299)

Bumps [jsonschema](https://github.com/python-jsonschema/jsonschema) from 4.4.0 to 4.18.4.
- [Release notes](https://github.com/python-jsonschema/jsonschema/releases)
- [Changelog](https://github.com/python-jsonschema/jsonschema/blob/main/CHANGELOG.rst)
- [Commits](python-jsonschema/jsonschema@v4.4.0...v4.18.4)

---
updated-dependencies:
- dependency-name: jsonschema
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump sphinx from 4.3.0 to 7.1.2 (#303)

Bumps [sphinx](https://github.com/sphinx-doc/sphinx) from 4.3.0 to 7.1.2.
- [Release notes](https://github.com/sphinx-doc/sphinx/releases)
- [Changelog](https://github.com/sphinx-doc/sphinx/blob/master/CHANGES)
- [Commits](sphinx-doc/sphinx@v4.3.0...v7.1.2)

---
updated-dependencies:
- dependency-name: sphinx
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump m2r2 from 0.3.2 to 0.3.3.post2 (#302)

Bumps [m2r2](https://github.com/crossnox/m2r2) from 0.3.2 to 0.3.3.post2.
- [Changelog](https://github.com/CrossNox/m2r2/blob/development/CHANGES.md)
- [Commits](CrossNox/m2r2@v0.3.2...v0.3.3.post2)

---
updated-dependencies:
- dependency-name: m2r2
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Run Bandit using tox

* Add timeout to request to get rules from URL

* Rename validation methods

* Make ValidatorBase an abstract base class

* Bump wheel from 0.38.1 to 0.41.1 (#312)

Bumps [wheel](https://github.com/pypa/wheel) from 0.38.1 to 0.41.1.
- [Changelog](https://github.com/pypa/wheel/blob/main/docs/news.rst)
- [Commits](pypa/wheel@0.38.1...0.41.1)

---
updated-dependencies:
- dependency-name: wheel
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Run unit tests using tox; Add coverage check to pipeline

* Code cleanup & maintenance

* Bump tox from 4.6.4 to 4.8.0 (#316)

Bumps [tox](https://github.com/tox-dev/tox) from 4.6.4 to 4.8.0.
- [Release notes](https://github.com/tox-dev/tox/releases)
- [Changelog](https://github.com/tox-dev/tox/blob/main/docs/changelog.rst)
- [Commits](tox-dev/tox@4.6.4...4.8.0)

---
updated-dependencies:
- dependency-name: tox
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump jsonschema from 4.18.4 to 4.19.0 (#313)

Bumps [jsonschema](https://github.com/python-jsonschema/jsonschema) from 4.18.4 to 4.19.0.
- [Release notes](https://github.com/python-jsonschema/jsonschema/releases)
- [Changelog](https://github.com/python-jsonschema/jsonschema/blob/main/CHANGELOG.rst)
- [Commits](python-jsonschema/jsonschema@v4.18.4...v4.19.0)

---
updated-dependencies:
- dependency-name: jsonschema
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump twine from 3.8.0 to 4.0.2 (#310)

Bumps [twine](https://github.com/pypa/twine) from 3.8.0 to 4.0.2.
- [Release notes](https://github.com/pypa/twine/releases)
- [Changelog](https://github.com/pypa/twine/blob/main/docs/changelog.rst)
- [Commits](pypa/twine@3.8.0...4.0.2)

---
updated-dependencies:
- dependency-name: twine
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump actions/checkout from 3.1.0 to 3.5.3 (#314)

Bumps [actions/checkout](https://github.com/actions/checkout) from 3.1.0 to 3.5.3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@v3.1.0...v3.5.3)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Set source directory for coverage

* Use kwargs for HTTP options when retrieving headers

* Minor changes

* Reorganise load rules from file/URI

* CLI refactoring

* Move CLI into separate folder

* Configuration options for HTTP request (#335)

* Kwargs for HTTP call when init drheader instance

* Change default HTTP method when retrieving headers to HEAD

* Request kwargs input options for CLI

* Integration tests for CLI

* Update documentation for the CLI

* Bump actions/checkout from 3.5.3 to 4.0.0 (#333)

Bumps [actions/checkout](https://github.com/actions/checkout) from 3.5.3 to 4.0.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@v3.5.3...v4.0.0)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump tox from 4.8.0 to 4.11.3 (#332)

Bumps [tox](https://github.com/tox-dev/tox) from 4.8.0 to 4.11.3.
- [Release notes](https://github.com/tox-dev/tox/releases)
- [Changelog](https://github.com/tox-dev/tox/blob/main/docs/changelog.rst)
- [Commits](tox-dev/tox@4.8.0...4.11.3)

---
updated-dependencies:
- dependency-name: tox
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump jsonschema from 4.19.0 to 4.19.1 (#336)

Bumps [jsonschema](https://github.com/python-jsonschema/jsonschema) from 4.19.0 to 4.19.1.
- [Release notes](https://github.com/python-jsonschema/jsonschema/releases)
- [Changelog](https://github.com/python-jsonschema/jsonschema/blob/main/CHANGELOG.rst)
- [Commits](python-jsonschema/jsonschema@v4.19.0...v4.19.1)

---
updated-dependencies:
- dependency-name: jsonschema
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump wheel from 0.41.1 to 0.41.2 (#323)

Bumps [wheel](https://github.com/pypa/wheel) from 0.41.1 to 0.41.2.
- [Changelog](https://github.com/pypa/wheel/blob/main/docs/news.rst)
- [Commits](pypa/wheel@0.41.1...0.41.2)

---
updated-dependencies:
- dependency-name: wheel
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Disable avoid & contain validations when enforced value validation

* Improved error handling in the CLI

* Default behaviour to follow redirects

* Include references to other README files

* Update out of date info in the README

* Add shorthand options to the CLI

* Remove headers key from rules spec

* Move rules.yml to resources folder

* Update manifest

* Bump actions/checkout from 4.0.0 to 4.1.1 (#338)

Bumps [actions/checkout](https://github.com/actions/checkout) from 4.0.0 to 4.1.1.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@v4.0.0...v4.1.1)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: emilejq <[email protected]>

* Bump wheel from 0.41.2 to 0.41.3 (#339)

Bumps [wheel](https://github.com/pypa/wheel) from 0.41.2 to 0.41.3.
- [Changelog](https://github.com/pypa/wheel/blob/main/docs/news.rst)
- [Commits](pypa/wheel@0.41.2...0.41.3)

---
updated-dependencies:
- dependency-name: wheel
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump jsonschema from 4.19.1 to 4.19.2 (#340)

Bumps [jsonschema](https://github.com/python-jsonschema/jsonschema) from 4.19.1 to 4.19.2.
- [Release notes](https://github.com/python-jsonschema/jsonschema/releases)
- [Changelog](https://github.com/python-jsonschema/jsonschema/blob/main/CHANGELOG.rst)
- [Commits](python-jsonschema/jsonschema@v4.19.1...v4.19.2)

---
updated-dependencies:
- dependency-name: jsonschema
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump major version to 2.0.0

* Separate steps to bump version in pull request action into a separate job (#342)

* Bump version: 1.7.0 → 2.0.0

---------

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Emile <[email protected]>
Co-authored-by: GitHub Action <[email protected]>
4 people authored Oct 31, 2023
1 parent c2098d5 commit b5d7a41
Showing 50 changed files with 2,151 additions and 1,644 deletions.
8 changes: 4 additions & 4 deletions .github/workflows/codeql-analysis.yml
Expand Up @@ -35,11 +35,11 @@ jobs:

steps:
- name: Checkout repository
uses: actions/checkout@v2
uses: actions/checkout@v4.1.1

# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v1
uses: github/codeql-action/init@v2
with:
languages: ${{ matrix.language }}
# If you wish to specify custom queries, you can do so here or in a config file.
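Review bot: the `uses:` lines in this file now mix two pinning styles: `actions/checkout@v4.1.1` is fixed to an exact release, while `github/codeql-action/init@v2` (and `autobuild@v2`, `analyze@v2` in the later hunks) follows a floating major tag. Both are tags that the action's owner can move. For a workflow that performs security scanning, consider pinning each action to a full commit SHA with the version in a trailing comment, and let Dependabot keep the SHAs current.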
Expand All @@ -50,7 +50,7 @@ jobs:
# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
# If this step fails, then you should remove it and run the build manually (see below)
- name: Autobuild
uses: github/codeql-action/autobuild@v1
uses: github/codeql-action/autobuild@v2

# ℹ️ Command-line programs to run using the OS shell.
# 📚 https://git.io/JvXDl
Expand All @@ -64,4 +64,4 @@ jobs:
# make release

- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v1
uses: github/codeql-action/analyze@v2
55 changes: 33 additions & 22 deletions .github/workflows/pull_request.yml
@@ -1,61 +1,72 @@
name: Dr Header Pull Request handler
name: Pull Request Handler

on: pull_request

jobs:
build:
runs-on: ubuntu-latest
strategy:
max-parallel: 4
matrix:
python-version: [3.7]
python-version: ["3.8", "3.9", "3.10", "3.11"]
steps:
- name: Checkout Code
uses: actions/checkout@v2
- name: Checkout code
uses: actions/checkout@v4.1.1

- name: Set up Python
uses: actions/setup-python@v1
uses: actions/setup-python@v4
with:
python-version: ${{ matrix.python-version }}

- name: Install PIP Dependencies
- name: Install dependencies
run: |
pip install -r requirements.txt
pip install -r requirements_dev.txt
- name: Test with pytest
run: python -m pytest --junitxml ${{ matrix.python-version }}.results.xml
- name: Run unit tests
env:
version: ${{ matrix.python-version }}
run: tox run -e py$version -- --junitxml $version.results.xml

- name: Upload Test results
- name: Upload test results
uses: actions/upload-artifact@master
with:
name: Results - ${{ matrix.python-version }}
path: ${{ matrix.python-version }}.results.xml

- name: Flake8 styles
run: python -m flake8 drheader
- name: Run lint scan
run: tox run -e lint

- name: Run SAST scan
run: tox run -e sast

- name: Run SCA scan
run: tox run -e sca

- name: Bandit security scan
run: python -m bandit -r ./drheader
bump-version:
if: github.base_ref == 'master'
needs: build

- name: Safety dependency scan
run: python -m safety check
runs-on: ubuntu-latest
steps:
- name: Install dependencies
run: |
pip install bump2version==1.0.1
- name: Checkout origin branch if PR 'to-branch' is master
if: github.base_ref == 'master'
uses: actions/checkout@v2
- name: Checkout head branch
uses: actions/[email protected]
with:
ref: ${{ github.head_ref }}

- name: BumpVersion if PR 'to-branch' is master
if: github.base_ref == 'master'
- name: Bump version
run: |
grep -i 'current_version = ' setup.cfg | head -1 | tr -d 'current_version = '
git config --local user.email "[email protected]"
git config --local user.name "GitHub Action"
bump2version minor
grep -i 'current_version = ' setup.cfg | head -1 | tr -d 'current_version = '
- name: Push changes if PR 'to-branch' is master
if: github.base_ref == 'master'
- name: Push changes to origin
uses: ad-m/github-push-action@master
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
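Review bot: in the new `bump-version` job, `ad-m/github-push-action@master` is handed `secrets.GITHUB_TOKEN` to push the bump commit, yet it is still referenced by a mutable branch; `actions/upload-artifact@master` in `build` has the same problem. Every other action in this hunk was moved to a version tag, so pin these two to a release tag or, better, a full commit SHA. Neither job declares `permissions:`, so consider `contents: read` on `build` and `contents: write` only on `bump-version`. The context line `tr -d 'current_version = '` also deletes a set of characters rather than the prefix string; it works only because version digits and dots are not in that set.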
30 changes: 16 additions & 14 deletions .github/workflows/release.yml
Expand Up @@ -10,13 +10,13 @@ jobs:
strategy:
max-parallel: 4
matrix:
python-version: [3.7]
python-version: ["3.8", "3.9", "3.10", "3.11"]
steps:
- name: Checkout Code
uses: actions/checkout@v2
uses: actions/checkout@v4.1.1

- name: Set up Python
uses: actions/setup-python@v1
uses: actions/setup-python@v4
with:
python-version: ${{ matrix.python-version }}
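Review bot: `python-version` in the matrix goes from one entry to four, so every step of this job now runs four times. If the `Create Release` and upload steps further down belong to the same job, each matrix leg will try to create the same release and upload the same assets. Move the publishing steps into a separate job with `needs:` on this one, as was done for `bump-version` in pull_request.yml, or gate them on a single matrix entry.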

Expand All @@ -25,17 +25,19 @@ jobs:
pip install -r requirements.txt
pip install -r requirements_dev.txt
- name: Test with pytest
run: python -m pytest --junitxml ${{ matrix.python-version }}.results.xml
- name: Run unit tests
env:
version: ${{ matrix.python-version }}
run: tox run -e py$version -- --junitxml $version.results.xml

- name: Flake8 styles
run: python -m flake8 drheader
- name: Run lint scan
run: tox run -e lint

- name: Bandit security scan
run: python -m bandit -r ./drheader
- name: Run SAST scan
run: tox run -e sast

- name: Safety dependency scan
run: python -m safety check
- name: Run SCA scan
run: tox run -e sca

- name: Make Wheel
run: |
Expand All @@ -51,7 +53,7 @@ jobs:

- name: Create Release
id: create_release
uses: actions/create-release@v1.0.1
uses: actions/create-release@v1.1.4
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
Expand All @@ -62,7 +64,7 @@ jobs:

- name: Upload Wheel
id: upload_wheel
uses: actions/[email protected].1
uses: actions/[email protected].2
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
Expand All @@ -73,7 +75,7 @@ jobs:

- name: Upload Changelog
id: upload_changelog
uses: actions/[email protected].1
uses: actions/[email protected].2
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
28 changes: 0 additions & 28 deletions .travis.yml

This file was deleted.
