Skip to content

Draft/PoC: uv, ruff, version upgrades #413

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Draft
martinhoyer wants to merge 3 commits into
base: master
Choose a base branch
from
Draft

Draft/PoC: uv, ruff, version upgrades #413

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
797316f
Migrate from poetry to uv
Jan 27, 2026
1a20786
Fix reportAttributeAccessIssue in db/__init__.py
Jan 27, 2026
0e6cc00
Migrate to ruff, prek
Jan 28, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion .dockerignore
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@ coverage.xml
*.cover
.hypothesis/

# Poetry
# Python
dist/
build/
*.egg-info/
Expand Down
2 changes: 1 addition & 1 deletion .github/dependabot.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
version: 2
updates:
- package-ecosystem: pip
- package-ecosystem: uv
directory: /
schedule:
interval: monthly
Expand Down
10 changes: 5 additions & 5 deletions .github/workflows/codeql.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -41,16 +41,16 @@ jobs:

steps:
- name: Harden Runner
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
uses: step-security/harden-runner@v2
with:
egress-policy: audit

- name: Checkout repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
uses: actions/checkout@v6

# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@45775bd8235c68ba998cffa5171334d58593da47 # v3.28.15
uses: github/codeql-action/init@v4
with:
languages: ${{ matrix.language }}
# If you wish to specify custom queries, you can do so here or in a config file.
Expand All @@ -60,7 +60,7 @@ jobs:
# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
# If this step fails, then you should remove it and run the build manually (see below)
- name: Autobuild
uses: github/codeql-action/autobuild@45775bd8235c68ba998cffa5171334d58593da47 # v3.28.15
uses: github/codeql-action/autobuild@v4

# ℹ️ Command-line programs to run using the OS shell.
# 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
Expand All @@ -73,6 +73,6 @@ jobs:
# ./location_of_script_within_repo/buildscript.sh

- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@45775bd8235c68ba998cffa5171334d58593da47 # v3.28.15
uses: github/codeql-action/analyze@v4
with:
category: "/language:${{matrix.language}}"
22 changes: 7 additions & 15 deletions .github/workflows/e2e-tests.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,24 +10,16 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
uses: step-security/harden-runner@v2
with:
egress-policy: audit

- name: Checkout repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

- name: Install Python
uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0
with:
python-version: 3.13
cache: pip

- name: Install poetry
uses: abatilo/actions-poetry@e78f54a89cb052fff327414dd9ff010b5d2b4dbd # v3.0.1

- name: Install dependencies
run: poetry install --with tests
uses: actions/checkout@v6

- name: Install the latest version of uv
uses: astral-sh/setup-uv@v7
- name: Install Python 3.14
run: uv python install 3.14
- name: Run tests
run: poetry run pytest -v tests/e2e/
run: uv run pytest -v tests/e2e/
20 changes: 6 additions & 14 deletions .github/workflows/gh-pages.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ on:
paths:
- ".github/workflows/update-docs.ya?ml"
- "mkdocs.ya?ml"
- "poetry.lock"
- "uv.lock"
- "pyproject.toml"
- "docs/**"

Expand All @@ -25,23 +25,15 @@ jobs:

steps:
- name: Harden Runner
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
uses: step-security/harden-runner@v2
with:
egress-policy: audit

- name: Checkout repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
uses: actions/checkout@v6

- name: Install Python
uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0
with:
python-version: 3.13

- name: Install Poetry
run: pip install poetry

- name: Install Dependencies
run: poetry install --no-root --with docs
- name: Install the latest version of uv
uses: astral-sh/setup-uv@v7

- name: Deploy website
run: poetry run mkdocs gh-deploy --theme material --force --no-history
run: uv run mkdocs gh-deploy --theme material --force --no-history
43 changes: 17 additions & 26 deletions .github/workflows/release.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,33 +13,25 @@ on:
jobs:
pypi:
runs-on: ubuntu-latest
permissions:
id-token: write
contents: read
steps:
- name: Harden Runner
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
uses: step-security/harden-runner@v2
with:
egress-policy: audit

- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

- name: Build goosebit package ${{ github.event_name != 'pull_request' && 'and push to PyPI' || '' }}
uses: JRubics/poetry-publish@7100bd02517e9f82452e6247849042f6c74dde04 # v2.0
with:
pypi_token: ${{ github.event_name == 'pull_request' && 'none' || secrets.PYPI_API_KEY }}
poetry_publish_options: ${{ github.event_name == 'pull_request' && '--dry-run' || '' }}

- name: Build goosebit-simple-stats package ${{ github.event_name != 'pull_request' && 'and push to PyPI' || '' }}
uses: JRubics/poetry-publish@7100bd02517e9f82452e6247849042f6c74dde04 # v2.0
with:
pypi_token: ${{ github.event_name == 'pull_request' && 'none' || secrets.PYPI_API_KEY }}
poetry_publish_options: --skip-existing ${{ github.event_name == 'pull_request' && '--dry-run' || '' }}
package_directory: plugins/goosebit_simple_stats

- name: Build goosebit-forwarded-header package ${{ github.event_name != 'pull_request' && 'and push to PyPI' || '' }}
uses: JRubics/poetry-publish@7100bd02517e9f82452e6247849042f6c74dde04 # v2.0
with:
pypi_token: ${{ github.event_name == 'pull_request' && 'none' || secrets.PYPI_API_KEY }}
poetry_publish_options: --skip-existing ${{ github.event_name == 'pull_request' && '--dry-run' || '' }}
package_directory: plugins/goosebit_forwarded_header
- name: Checkout
uses: actions/checkout@v6
- name: Install uv
uses: astral-sh/setup-uv@v7
- name: Install Python 3.13
run: uv python install 3.13
- name: Build
run: uv build
- name: Publish
run: uv publish
# TODO: Set-up trusted publishing https://docs.astral.sh/uv/guides/integration/github/#publishing-to-pypi

docker:
needs: pypi
Expand Down Expand Up @@ -119,9 +111,8 @@ jobs:
with:
egress-policy: audit

- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

- uses: actions/checkout@v6
- name: Publish GH release
uses: softprops/action-gh-release@c95fe1489396fe8a9eb87c0abf8aa5b2ef267fda # v2.2.1
uses: softprops/action-gh-release@v2
with:
generate_release_notes: true
10 changes: 5 additions & 5 deletions .github/workflows/scorecard.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,17 +25,17 @@ jobs:

steps:
- name: Harden Runner
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
uses: step-security/harden-runner@v2
with:
egress-policy: audit

- name: "Checkout code"
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
uses: actions/checkout@v6
with:
persist-credentials: false

- name: "Run analysis"
uses: ossf/scorecard-action@62b2cac7ed8198b15735ed49ab1e5cf35480ba46 # v2.4.0
uses: ossf/scorecard-action@v2
with:
results_file: results.sarif
results_format: sarif
Expand All @@ -47,7 +47,7 @@ jobs:
# Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
# format to the repository Actions tab.
- name: "Upload artifact"
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v3.pre.node20
uses: actions/upload-artifact@v6
with:
name: SARIF file
path: results.sarif
Expand All @@ -56,6 +56,6 @@ jobs:
# Upload the results to GitHub's code scanning dashboard (optional).
# Commenting out will disable upload of results to your repo's Code Scanning dashboard
- name: "Upload to code-scanning"
uses: github/codeql-action/upload-sarif@45775bd8235c68ba998cffa5171334d58593da47 # v3.28.15
uses: github/codeql-action/upload-sarif@v4
with:
sarif_file: results.sarif
20 changes: 8 additions & 12 deletions .github/workflows/unit-tests.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,29 +13,25 @@ jobs:
pull-requests: write
steps:
- name: Harden Runner
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
uses: step-security/harden-runner@v2
with:
egress-policy: audit

- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0
with:
python-version: "3.13"
cache: pip
- name: Install poetry
uses: abatilo/actions-poetry@e78f54a89cb052fff327414dd9ff010b5d2b4dbd # v3.0.1
- name: Install dependencies
run: poetry install --with tests
- uses: actions/checkout@v6
- name: Install the latest version of uv
uses: astral-sh/setup-uv@v7
- name: Install Python 3.14
run: uv python install 3.14
- name: Run tests
env:
REPORT_OUTPUT: md_report.md
shell: bash
run: |
echo "REPORT_FILE=${REPORT_OUTPUT}" >> "$GITHUB_ENV"
poetry run pytest -v --md-report --md-report-flavor gfm --md-report-color never \
uv run pytest -v --md-report --md-report-flavor gfm --md-report-color never \
--md-report-exclude-outcomes passed skipped xpassed --md-report-output "$REPORT_OUTPUT" tests/unit
- name: Render the report to the PR when tests fail
uses: marocchino/sticky-pull-request-comment@331f8f5b4215f0445d3c07b4967662a32a2d3e31 # v2.9.0
uses: marocchino/sticky-pull-request-comment@v2
if: failure()
with:
header: test-report
Expand Down
48 changes: 18 additions & 30 deletions .pre-commit-config.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,14 +1,14 @@
default_language_version:
python: python3.13 # mypy pydantic-core doesn't compile with python3.14
ci:
skip:
- poetry-lock
- uv-lock
- pytest
repos:
- repo: https://github.com/python-poetry/poetry
rev: 2.2.1
- repo: https://github.com/astral-sh/uv-pre-commit
rev: 0.9.27
hooks:
- id: poetry-check
- id: poetry-lock
- id: poetry-install
- id: uv-lock
- repo: https://github.com/pre-commit/pre-commit-hooks
rev: v6.0.0
hooks:
Expand All @@ -22,50 +22,38 @@ repos:
name: check-yaml for other YAML files
exclude: ^mkdocs\.yml$
- id: check-added-large-files
- repo: https://github.com/psf/black
rev: 25.9.0
- repo: https://github.com/astral-sh/ruff-pre-commit
rev: v0.14.14
hooks:
- id: black
- repo: https://github.com/pycqa/isort
rev: 6.0.1
hooks:
- id: isort
name: isort (python)
- id: ruff-check
- id: ruff-format
- repo: https://github.com/pre-commit/mirrors-mypy
rev: v1.18.2
rev: v1.19.1
hooks:
- id: mypy
additional_dependencies:
[
anyio==4.11.0,
fastapi==0.117.1,
joserfc==1.3.4,
pydantic==2.11.9,
pydantic-settings==2.10.1,
pytest-asyncio==1.2.0,
types-pyyaml==6.0.12.20250915,
joserfc==1.6.1,
pydantic-settings==2.12.0,
pytest-asyncio==1.3.0,
]
- repo: local
hooks:
- id: pytest
name: pytest
entry: env poetry run pytest tests
entry: uv run pytest tests/unit
language: system
types: [python]
pass_filenames: false
always_run: true
- repo: https://github.com/pycqa/flake8
rev: 7.3.0 # You can specify the version of Flake8 you want to use
hooks:
- id: flake8
additional_dependencies: []
- repo: https://github.com/biomejs/pre-commit
rev: "v2.2.0"
rev: "v2.3.13"
hooks:
- id: biome-check
additional_dependencies: ["@biomejs/[email protected]"]
- repo: https://github.com/rbubley/mirrors-prettier
rev: "v3.6.2"
rev: "v3.8.1"
hooks:
- id: prettier
files: \.(html|md|yml|yaml)$
Expand All @@ -75,6 +63,6 @@ repos:
- id: djlint-reformat-jinja
- id: djlint-jinja
- repo: https://github.com/gitleaks/gitleaks
rev: v8.28.0
rev: v8.30.0
hooks:
- id: gitleaks
19 changes: 11 additions & 8 deletions .readthedocs.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,17 +2,20 @@
version: 2

# Set the version of Python and other tools you might need
# https://docs.readthedocs.com/platform/stable/build-customization.html#install-dependencies-with-uv
build:
os: ubuntu-20.04
tools: { python: "3.11" }
os: ubuntu-24.04
tools:
python: "3.13"
jobs:
pre_create_environment:
- asdf plugin add poetry
- asdf install poetry latest
- asdf global poetry latest
- poetry config virtualenvs.create false
post_install:
- VIRTUAL_ENV=$READTHEDOCS_VIRTUALENV_PATH poetry install --only docs
- asdf plugin add uv
- asdf install uv latest
- asdf global uv latest
create_environment:
- uv venv "${READTHEDOCS_VIRTUALENV_PATH}"
install:
- UV_PROJECT_ENVIRONMENT="${READTHEDOCS_VIRTUALENV_PATH}" uv sync --frozen --group docs

mkdocs:
configuration: mkdocs.yml
Loading
Loading