diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000..d811479 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,67 @@ +# SPDX-FileCopyrightText: 2026 William Jin +# +# SPDX-License-Identifier: BSL-1.0 +# +# Dependabot version updates (opens PRs). Also enable in the repo UI: +# Settings → Code security → Dependabot alerts / Dependabot security updates. +# https://docs.astral.sh/uv/guides/integration/dependabot/ + +version: 2 + +updates: + # pyproject.toml + uv.lock (this project uses uv, not requirements.txt). +- package-ecosystem: uv + directory: / + schedule: + interval: weekly + day: monday + time: 09:00 + timezone: Etc/UTC + open-pull-requests-limit: 10 + labels: + - dependencies + - python + # Note: dependency-type-based groups are not supported for uv yet + # (see dependabot/dependabot-core#13202). Group by semver bump size instead. + groups: + uv-patch-minor: + update-types: + - patch + - minor + uv-major: + update-types: + - major + + # Pinned third-party actions under .github/workflows/ +- package-ecosystem: github-actions + directory: / + schedule: + interval: weekly + day: monday + time: 09:00 + timezone: Etc/UTC + open-pull-requests-limit: 5 + labels: + - dependencies + - github-actions + groups: + actions: + patterns: + - '*' + + # Hook repos + revs in .pre-commit-config.yaml +- package-ecosystem: pre-commit + directory: / + schedule: + interval: weekly + day: monday + time: 09:00 + timezone: Etc/UTC + open-pull-requests-limit: 5 + labels: + - dependencies + - pre-commit + groups: + pre-commit-hooks: + patterns: + - '*' diff --git a/.github/workflows/dep-audit.yml b/.github/workflows/ci-dependencies.yml similarity index 100% rename from .github/workflows/dep-audit.yml rename to .github/workflows/ci-dependencies.yml diff --git a/.github/workflows/ci-lint.yml b/.github/workflows/ci-lint.yml new file mode 100644 index 0000000..2cc589a --- /dev/null +++ b/.github/workflows/ci-lint.yml @@ -0,0 +1,50 @@ +# SPDX-FileCopyrightText: 2026 William Jin +# +# SPDX-License-Identifier: BSL-1.0 + +name: Lint and format + +on: + pull_request: + push: + branches: + - main + - develop + +permissions: + contents: read + +jobs: + lint-and-format: + runs-on: ubuntu-latest + + steps: + # actions/checkout v6.0.2 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd + with: + persist-credentials: false + # actions/cache v5.0.5 + - uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae + with: + path: ~/.cache/prek + key: ${{ runner.os }}-${{ runner.arch }}-prek-${{ hashFiles('.pre-commit-config.yaml') }} + restore-keys: | + ${{ runner.os }}-${{ runner.arch }}-prek- + # actions/setup-python v6.2.0 + - name: Setup Python + uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 + with: + python-version: '3.14' + # astral-sh/setup-uv v8.1.0 + - uses: astral-sh/setup-uv@08807647e7069bb48b6ef5acd8ec9567f424441b + with: + version: 0.11.12 + - name: Install apt dependencies (Weblate venv) + run: sudo ./.github/ci/apt-install + - name: pre-commit + run: | + uv run --only-group pre-commit prek run --all-files --show-diff-on-failure + uv run --only-group pre-commit prek cache gc + env: + RUFF_OUTPUT_FORMAT: github + REUSE_OUTPUT_FORMAT: github diff --git a/.github/workflows/build-and-check.yml b/.github/workflows/ci-package.yml similarity index 100% rename from .github/workflows/build-and-check.yml rename to .github/workflows/ci-package.yml diff --git a/.github/workflows/lint-and-format.yml b/.github/workflows/ci-test.yml similarity index 57% rename from .github/workflows/lint-and-format.yml rename to .github/workflows/ci-test.yml index 03405aa..0c9e0ba 100644 --- a/.github/workflows/lint-and-format.yml +++ b/.github/workflows/ci-test.yml @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: BSL-1.0 -name: Lint and format +name: Tests and coverage on: push: @@ -12,40 +12,6 @@ permissions: contents: read jobs: - lint-and-format: - runs-on: ubuntu-latest - - steps: - # actions/checkout v6.0.2 - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd - with: - persist-credentials: false - # actions/cache v5.0.5 - - uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae - with: - path: ~/.cache/prek - key: ${{ runner.os }}-${{ runner.arch }}-prek-${{ hashFiles('.pre-commit-config.yaml') }} - restore-keys: | - ${{ runner.os }}-${{ runner.arch }}-prek- - # actions/setup-python v6.2.0 - - name: Setup Python - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 - with: - python-version: '3.14' - # astral-sh/setup-uv v8.1.0 - - uses: astral-sh/setup-uv@08807647e7069bb48b6ef5acd8ec9567f424441b - with: - version: 0.11.12 - - name: Install apt dependencies (Weblate venv) - run: sudo ./.github/ci/apt-install - - name: pre-commit - run: | - uv run --only-group pre-commit prek run --all-files --show-diff-on-failure - uv run --only-group pre-commit prek cache gc - env: - RUFF_OUTPUT_FORMAT: github - REUSE_OUTPUT_FORMAT: github - test-coverage: name: Tests and coverage runs-on: ubuntu-latest