From a571f1e128eabff306fc741c1250b824d8931a41 Mon Sep 17 00:00:00 2001 From: mosfet80 Date: Mon, 23 Sep 2024 11:52:50 +0200 Subject: [PATCH 1/5] Update pylint lib https://github.com/pylint-dev/pylint/releases/tag/v3.3.0 --- .pre-commit-config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 090a0d95..bcdbd2a1 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -115,7 +115,7 @@ repos: language_version: python3.11 # flake8-commas doesn't work w/ Python 3.12 - repo: https://github.com/PyCQA/pylint.git - rev: v3.1.0 + rev: v3.3.0 hooks: - id: pylint args: From 00b87c80e8474c1b36b186257e09785ce3a5c288 Mon Sep 17 00:00:00 2001 From: mosfet80 Date: Mon, 23 Sep 2024 11:56:13 +0200 Subject: [PATCH 2/5] Update check-jsonschema and pre-commit libs https://github.com/python-jsonschema/check-jsonschema/releases https://github.com/pre-commit/pre-commit-hooks/releases/tag/v4.6.0 --- .pre-commit-config.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 090a0d95..c4590da7 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -22,7 +22,7 @@ repos: - id: remove-tabs - repo: https://github.com/python-jsonschema/check-jsonschema.git - rev: 0.28.1 + rev: 0.29.2 hooks: - id: check-github-actions - id: check-github-workflows @@ -37,7 +37,7 @@ repos: - id: check-readthedocs - repo: https://github.com/pre-commit/pre-commit-hooks.git - rev: v4.5.0 + rev: v4.6.0 hooks: # Side-effects: - id: end-of-file-fixer From a1ce3844ac33bd8deec3df588c16ea681915ab7e Mon Sep 17 00:00:00 2001 From: Facundo Tuesca Date: Fri, 27 Sep 2024 20:47:02 +0200 Subject: [PATCH 3/5] Check for Trusted Publishing in magic link logic --- twine-upload.sh | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/twine-upload.sh b/twine-upload.sh index fce45172..98d41b1b 100755 --- a/twine-upload.sh +++ b/twine-upload.sh @@ -73,7 +73,11 @@ MAGIC_LINK_MESSAGE="::warning title=Create a Trusted Publisher::\ A new Trusted Publisher for the currently running publishing workflow can be created \ by accessing the following link(s) while logged-in as an owner of the package(s):" -if [[ ! "${INPUT_REPOSITORY_URL}" =~ pypi\.org || ${#PACKAGE_NAMES[@]} -eq 0 ]] ; then + +[[ "${INPUT_USER}" == "__token__" && -z "${INPUT_PASSWORD}" ]] \ + && TRUSTED_PUBLISHING=true || TRUSTED_PUBLISHING=false + +if [[ "${TRUSTED_PUBLISHING}" == true || ! "${INPUT_REPOSITORY_URL}" =~ pypi\.org || ${#PACKAGE_NAMES[@]} -eq 0 ]] ; then TRUSTED_PUBLISHING_MAGIC_LINK_NUDGE="" else if [[ "${INPUT_REPOSITORY_URL}" =~ test\.pypi\.org ]] ; then @@ -90,8 +94,6 @@ else echo "${MAGIC_LINK_MESSAGE}" >> $GITHUB_STEP_SUMMARY fi -[[ "${INPUT_USER}" == "__token__" && -z "${INPUT_PASSWORD}" ]] \ - && TRUSTED_PUBLISHING=true || TRUSTED_PUBLISHING=false if [[ "${INPUT_ATTESTATIONS}" != "false" ]] ; then # Setting `attestations: true` without Trusted Publishing indicates From d8c894824be9b682f2c96437e9f8002633580706 Mon Sep 17 00:00:00 2001 From: Facundo Tuesca Date: Fri, 27 Sep 2024 20:47:50 +0200 Subject: [PATCH 4/5] Fix magic link nudge formatting in job summary --- twine-upload.sh | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/twine-upload.sh b/twine-upload.sh index 98d41b1b..482e266a 100755 --- a/twine-upload.sh +++ b/twine-upload.sh @@ -69,9 +69,9 @@ The workflow was run with 'attestations: true' input, but the specified \ repository URL does not support PEP 740 attestations. As a result, the \ attestations input is ignored." -MAGIC_LINK_MESSAGE="::warning title=Create a Trusted Publisher::\ -A new Trusted Publisher for the currently running publishing workflow can be created \ -by accessing the following link(s) while logged-in as an owner of the package(s):" +MAGIC_LINK_MESSAGE="A new Trusted Publisher for the currently running \ +publishing workflow can be created by accessing the following link(s) while \ +logged-in as an owner of the package(s):" [[ "${INPUT_USER}" == "__token__" && -z "${INPUT_PASSWORD}" ]] \ @@ -90,10 +90,14 @@ else LINK="- ${INDEX_URL}/manage/project/${PACKAGE_NAME}/settings/publishing/?provider=github&owner=${GITHUB_REPOSITORY_OWNER}&repository=${REPOSITORY_NAME}&workflow_filename=${WORKFLOW_FILENAME}" ALL_LINKS+="$LINK"$'\n' done - TRUSTED_PUBLISHING_MAGIC_LINK_NUDGE="${MAGIC_LINK_MESSAGE}"$'\n'"${ALL_LINKS}" - echo "${MAGIC_LINK_MESSAGE}" >> $GITHUB_STEP_SUMMARY -fi + # Construct the summary message without the warning header + MAGIC_LINK_MESSAGE_WITH_LINKS="${MAGIC_LINK_MESSAGE}"$'\n'"${ALL_LINKS}" + echo "${MAGIC_LINK_MESSAGE_WITH_LINKS}" >> $GITHUB_STEP_SUMMARY + + # The actual nudge in the log is formatted as a warning + TRUSTED_PUBLISHING_MAGIC_LINK_NUDGE="::warning title=Create a Trusted Publisher::${MAGIC_LINK_MESSAGE_WITH_LINKS}" +fi if [[ "${INPUT_ATTESTATIONS}" != "false" ]] ; then # Setting `attestations: true` without Trusted Publishing indicates From 6edc29448558443d6ab3041af8e0140a58f96fba Mon Sep 17 00:00:00 2001 From: mosfet80 Date: Sun, 29 Sep 2024 09:04:41 +0200 Subject: [PATCH 5/5] Fix node.js v16 deprecation self-smoke-test-action.yml actions/checkout@v3 use node.js versio 16. But version 16 is deprecated. version 4 fixes the problem. --- .github/workflows/self-smoke-test-action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/self-smoke-test-action.yml b/.github/workflows/self-smoke-test-action.yml index eecd8cc3..b655019d 100644 --- a/.github/workflows/self-smoke-test-action.yml +++ b/.github/workflows/self-smoke-test-action.yml @@ -42,7 +42,7 @@ jobs: steps: - name: Check out the action locally - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: path: test - name: Install the packaging-related tools