Switch to UV as the dependency manager (#21)

* Use uv instead of poetry for dependency manamagement and building the package
* Fix noxfile for lower python versions
* Update publishing action to use uv; update README; package version read from __init__.py
* Update numpy version dependency

.github/workflows/dependency-review.yml

@@ -1,9 +1,3 @@
-# Dependency Review Action
-#
-# This Action will scan dependency manifest files that change as part of a Pull Request, surfacing known-vulnerable versions of the packages declared or updated in the PR. Once installed, if the workflow run is marked as required, PRs introducing known-vulnerable packages will be blocked from merging.
-#
-# Source repository: https://github.com/actions/dependency-review-action
-# Public documentation: https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review#dependency-review-enforcement
 name: 'Dependency Review'
 on: [pull_request]
 
@@ -16,5 +10,6 @@ jobs:
     steps:
       - name: 'Checkout Repository'
         uses: actions/checkout@v4
+
       - name: 'Dependency Review'
-        uses: actions/dependency-review-action@v3
+        uses: actions/dependency-review-action@v4

.github/workflows/publish.yml

@@ -5,15 +5,21 @@ on:
 permissions:
   contents: read
 
+env:
+  UV_VERSION: "0.5.1"
+
 jobs:
   lint:
     runs-on: ubuntu-latest
     steps:
     - uses: actions/checkout@v4
     - uses: actions/setup-python@v5
       with:
-        python-version: "3.12"
-    - run: curl -sSL https://install.python-poetry.org | python - -y
+        python-version: "3.13"
+    - name: Install uv
+      uses: astral-sh/setup-uv@v3
+      with:
+        version: "$UV_VERSION"
     - run: make lint
 
   test:
@@ -26,8 +32,10 @@ jobs:
     - uses: actions/setup-python@v5
       with:
         python-version: ${{ matrix.python-version }}
-    - run: curl -sSL https://install.python-poetry.org | python - -y
-    - run: poetry config virtualenvs.in-project true
+    - name: Install uv
+      uses: astral-sh/setup-uv@v3
+      with:
+        version: "$UV_VERSION"
     - run: make test
     - run: python3 -m pip install nox && make test-dep-versions
 
@@ -41,13 +49,16 @@ jobs:
     - uses: actions/setup-python@v5
       with:
         python-version: "3.12"
-    - run: curl -sSL https://install.python-poetry.org | python - -y
+    - name: Install uv
+      uses: astral-sh/setup-uv@v3
+      with:
+        version: "$UV_VERSION"
     - name: check GITHUB_REF matches package version
       uses: samuelcolvin/check-python-version@v3
       with:
         version_file_path: src/pydantic_to_pyarrow/__init__.py
     - run: make package
-    - uses: actions/upload-artifact@v3
+    - uses: actions/upload-artifact@v4
       with:
         path: dist/*
         name: package
@@ -61,7 +72,7 @@ jobs:
     permissions:
       id-token: write
     steps:
-      - uses: actions/download-artifact@v3
+      - uses: actions/download-artifact@v4
         with:
           name: package
           path: dist

.github/workflows/test.yml

@@ -11,23 +11,16 @@ jobs:
     runs-on: ubuntu-latest
     steps:
     - uses: actions/checkout@v4
+
     - name: Set up Python
       uses: actions/setup-python@v5
       with:
-        python-version: "3.11"
-    - name: Bootstrap poetry
-      run: curl -sSL https://install.python-poetry.org | python - -y
-
-    - name: Get full Python version
-      id: full-python-version
-      run: echo version=$(python -c "import sys; print('-'.join(str(v) for v in sys.version_info))") >> $GITHUB_OUTPUT
+        python-version: "3.13"
 
-    - name: Set up cache
-      uses: actions/cache@v4
-      id: cache
+    - name: Install uv
+      uses: astral-sh/setup-uv@v3
       with:
-        path: .venv
-        key: venv-${{ runner.os }}-${{ steps.full-python-version.outputs.version }}-${{ hashFiles('**/poetry.lock') }}
+        version: "0.5.1"
 
     - name: Lint
       run: make lint
@@ -46,22 +39,10 @@ jobs:
       with:
         python-version: ${{ matrix.python-version }}
 
-    - name: Bootstrap poetry
-      run: curl -sSL https://install.python-poetry.org | python - -y
-
-    - name: Configure poetry
-      run: poetry config virtualenvs.in-project true
-
-    - name: Get full Python version
-      id: full-python-version
-      run: echo version=$(python -c "import sys; print('-'.join(str(v) for v in sys.version_info))") >> $GITHUB_OUTPUT
-
-    - name: Set up cache
-      uses: actions/cache@v4
-      id: cache
+    - name: Install uv
+      uses: astral-sh/setup-uv@v3
       with:
-        path: .venv
-        key: venv-${{ runner.os }}-${{ steps.full-python-version.outputs.version }}-${{ hashFiles('**/poetry.lock') }}
+        version: "0.5.1"
 
     - name: Run tests
       run: make test

.gitignore

@@ -82,34 +82,6 @@ target/
 profile_default/
 ipython_config.py
 
-# pyenv
-#   For a library or package, you might want to ignore these files since the code is
-#   intended to run in multiple environments; otherwise, check them in:
-# .python-version
-
-# pipenv
-#   According to pypa/pipenv#598, it is recommended to include Pipfile.lock in version control.
-#   However, in case of collaboration, if having platform-specific dependencies or dependencies
-#   having no cross-platform support, pipenv may install dependencies that don't work, or not
-#   install all needed dependencies.
-#Pipfile.lock
-
-# poetry
-#   Similar to Pipfile.lock, it is generally recommended to include poetry.lock in version control.
-#   This is especially recommended for binary packages to ensure reproducibility, and is more
-#   commonly ignored for libraries.
-#   https://python-poetry.org/docs/basic-usage/#commit-your-poetrylock-file-to-version-control
-#poetry.lock
-
-# pdm
-#   Similar to Pipfile.lock, it is generally recommended to include pdm.lock in version control.
-#pdm.lock
-#   pdm stores project-wide configurations in .pdm.toml, but it is recommended to not include it
-#   in version control.
-#   https://pdm.fming.dev/#use-with-ide
-.pdm.toml
-
-# PEP 582; used by e.g. github.com/David-OConnor/pyflow and github.com/pdm-project/pdm
 __pypackages__/
 
 # Celery stuff
@@ -143,18 +115,7 @@ venv.bak/
 .dmypy.json
 dmypy.json
 
-# Pyre type checker
 .pyre/
-
-# pytype static type analyzer
 .pytype/
 
-# Cython debug symbols
 cython_debug/
-
-# PyCharm
-#  JetBrains specific template is maintained in a separate JetBrains.gitignore that can
-#  be found at https://github.com/github/gitignore/blob/main/Global/JetBrains.gitignore
-#  and can be added to the global gitignore or merged into this file.  For a more nuclear
-#  option (not recommended) you can uncomment the following to ignore the entire idea folder.
-#.idea/

Makefile

@@ -4,28 +4,27 @@ sources = src tests
 
 .PHONY: prepare
 prepare:
-	poetry install
+	uv sync
 
 
 .PHONY: lintable
 lintable: prepare
-	poetry run black $(sources)
-	poetry run ruff --fix $(sources)
+	uv run black $(sources)
+	uv run ruff check --fix $(sources)
 
 
 .PHONY: lint
 lint: prepare
-	poetry check
-	poetry run black --check --diff $(sources)
-	poetry run ruff check $(sources)
-	poetry run mypy $(sources)
+	uv run black --check --diff $(sources)
+	uv run ruff check $(sources)
+	uv run mypy $(sources)
 
 
 
 .PHONY: test
 test: prepare
-	poetry run coverage run -m pytest
-	poetry run coverage report
+	uv run coverage run -m pytest
+	uv run coverage report
 
 
 .PHONY: test-dep-versions
@@ -53,7 +52,7 @@ clean:
 
 .PHONY: package
 package: prepare
-	poetry build
+	uv build
 
 
 .PHONY: help

README.md

@@ -130,7 +130,8 @@ print(pa_schema)
 
 Prerequisites:
 
-- Any Python 3.8 through 3.11
-- [poetry](https://github.com/python-poetry/poetry) for dependency management
+- Any Python 3.8 through 3.13
+- [uv](https://github.com/astral-sh/uv) for dependency management
 - git
 - make
+- [nox](https://nox.thea.codes/en/stable/index.html) (to run tests across dependency versions)