Merge pull request #246 from Ouranosinc/cookiecutter-update

Cookiecutter update

.cruft.json

@@ -1,12 +1,12 @@
 {
   "template": "https://github.com/Ouranosinc/cookiecutter-pypackage",
-  "commit": "5642574eb8ecd68019da5dfaeaa51c305a798825",
+  "commit": "b9dc57245a77dd3c465a444d4943884ee92157ea",
   "checkout": null,
   "context": {
     "cookiecutter": {
       "full_name": "Sarah-Claude Bourdeau-Goulet",
       "email": "[email protected]",
-      "github_username": "Sarahclaude",
+      "github_username": "Ouranosinc",
       "project_name": "figanos",
       "project_slug": "figanos",
       "project_short_description": "Outils pour produire des graphiques informatifs sur les impacts des changements climatiques.",
@@ -22,26 +22,7 @@
       "create_author_file": "y",
       "open_source_license": "Apache Software License 2.0",
       "generated_with_cruft": "y",
-      "__gh_slug": "https://github.com/Sarahclaude/figanos",
-      "__prompts__": {
-        "full_name": "Your full name",
-        "email": "Your email address",
-        "github_username": "Your GitHub username (or organization)",
-        "project_name": "The name of your project",
-        "project_short_description": "A short description of your project",
-        "pypi_username": "Your PyPI username (or organization)",
-        "version": "The version of your project",
-        "use_pytest": "Do you want to use pytest?",
-        "use_black": "Do you want to use Black for code formatting?",
-        "use_conda": "Do you want to add configurations for Anaconda package management?",
-        "add_pyup_badge": "Do you want to add a pyup.io badge? (not recommended)",
-        "make_docs": "Do you want to generate documentation files",
-        "add_translations": "Do you want to add translations?",
-        "command_line_interface": "Which command-line interface do you want to use?",
-        "create_author_file": "Do you want to create an AUTHORS.rst file?",
-        "open_source_license": "Which open-source license do you want to use?",
-        "generated_with_cruft": "Was this project generated with Cruft? (Add a '.cruft.json' file)"
-      },
+      "__gh_slug": "https://github.com/Ouranosinc/figanos",
       "_template": "https://github.com/Ouranosinc/cookiecutter-pypackage"
     }
   },

.flake8

@@ -6,9 +6,6 @@ exclude =
 	docs,
 	tests
 ignore =
-	AZ100,
-	AZ200,
-	AZ300,
 	C,
 	D,
 	E,

.github/dependabot.yml

@@ -1,7 +1,7 @@
 version: 2
 updates:
   - package-ecosystem: github-actions
-    directory: /
+    directory: /.github/workflows/
     schedule:
       interval: monthly
     open-pull-requests-limit: 10

.github/labeler.yml

@@ -13,10 +13,27 @@
     - any-glob-to-any-file:
       - '.editorconfig'
       - '.flake8'
-      - '.github/*.yml'
-      - '.github/workflows/*.yml'
       - '.pre-commit-config.yaml'
       - '.readthedocs.yml'
       - '.yamllint.yml'
-      - 'Makefile'
+      - '.github/workflows/*'
+      - 'docs/Makefile'
       - 'tox.ini'
+      - 'CI/**/*'
+      - 'Makefile'
+# label 'docs' all documentation-related steps and files
+'docs':
+  - changed-files:
+    - any-glob-to-any-file:
+      - '.readthedocs.yml'
+      - '.zenodo.json'
+      - 'docs/**/*'
+      - 'environment-docs.yml'
+      - 'AUTHORS.rst'
+      - 'CONTRIBUTING.rst'
+      - 'CODE_OF_CONDUCT.md'
+      - 'DISCUSSION_TEMPLATE/**/*'
+      - 'ISSUE_TEMPLATE/**/*'
+      - 'ISSUE_TEMPLATE.md'
+      - 'PULL_REQUEST_TEMPLATE.md'
+      - 'README.rst'

.github/workflows/bump-version.yml

@@ -19,6 +19,10 @@ on:
       - .zenodo.json
       - AUTHORS.rst
       - CHANGELOG.rst
+      - CI/**/*.in
+      - CI/**/*.py
+      - CI/**/*.txt
+      - CODE_OF_CONDUCT.md
       - CONTRIBUTING.rst
       - Makefile
       - .readthedocs.yml
@@ -64,14 +68,13 @@ jobs:
         run: |
           git config --local user.email "bumpversion[bot]@ouranos.ca"
           git config --local user.name "bumpversion[bot]"
-      - name: Install bump-my-version
-        run: |
-          python -m pip install "bump-my-version>=0.18.3"
       - name: Current Version
         run: |
-          bump-my-version show current_version
           CURRENT_VERSION="$(grep -E '__version__' src/figanos/__init__.py | cut -d ' ' -f3)"
           echo "CURRENT_VERSION=${CURRENT_VERSION}" >> $GITHUB_ENV
+      - name: Install CI libraries
+        run: |
+          python -m pip install --require-hashes -r CI/requirements_ci.txt
       - name: Conditional Bump Version
         run: |
           if [[ ${{ env.CURRENT_VERSION }} =~ -dev(\.\d+)? ]]; then

.github/workflows/dependency-review.yml

@@ -1,6 +1,7 @@
 # Dependency Review Action
 #
-# This Action will scan dependency manifest files that change as part of a Pull Request, surfacing known-vulnerable versions of the packages declared or updated in the PR. Once installed, if the workflow run is marked as required, PRs introducing known-vulnerable packages will be blocked from merging.
+# This Action will scan dependency manifest files that change as part of a Pull Request, surfacing known-vulnerable versions of the packages declared or updated in the PR.
+# Once installed, if the workflow run is marked as required, PRs introducing known-vulnerable packages will be blocked from merging.
 #
 # Source repository: https://github.com/actions/dependency-review-action
 # Public documentation: https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review#dependency-review-enforcement

.github/workflows/first-pull-request.yml

@@ -5,10 +5,15 @@ on:
     types:
       - opened
 
+permissions:
+  contents: read
+
 jobs:
   welcome:
     name: Welcome
     runs-on: ubuntu-latest
+    permissions:
+      pull-requests: write
     steps:
       - name: Harden Runner
         uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0
@@ -51,5 +56,5 @@ jobs:
               It appears that this is your first Pull Request. To give credit where it's due, we ask that you add your information to the \`AUTHORS.rst\` and \`.zenodo.json\`:
                - [ ] The relevant author information has been added to \`AUTHORS.rst\` and \`.zenodo.json\`.
 
-              Please make sure you've read our [contributing guide](CONTRIBUTING.rst). We look forward to reviewing your Pull Request shortly ✨`
+              Please make sure you've read our [contributing guide](https://github.com/Ouranosinc/figanos/blob/main/CONTRIBUTING.rst). We look forward to reviewing your Pull Request shortly ✨`
             })

.github/workflows/label.yml

@@ -20,8 +20,6 @@ jobs:
     name: Label
     runs-on: ubuntu-latest
     permissions:
-      checks: write
-      contents: read
       pull-requests: write
     steps:
       - name: Harden Runner

.github/workflows/main.yml

@@ -10,7 +10,7 @@ on:
       - README.rst
       - pyproject.toml
       - tests/test_figanos.py
-      - figanos/__init__.py
+      - src/figanos/__init__.py
   pull_request:
 
 concurrency:
@@ -40,28 +40,24 @@ jobs:
         uses: actions/setup-python@39cd14951b08e74b54015e9e001cdefcf80e669f # v5.1.1
         with:
           python-version: ${{ matrix.python-version }}
-      - name: Install tox
+      - name: Install CI libraries
         run: |
-          python -m pip install tox
+          python -m pip install --require-hashes -r CI/requirements_ci.txt
       - name: Run linting suite
         run: |
           python -m tox -e lint
 
   test-pypi:
-    name: Test with Python${{ matrix.python-version }} (Python${{ matrix.python-version }} + tox)
+    name: Test with Python${{ matrix.python-version }} (tox)
     needs: lint
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        include:
-          - tox-env: "py39-coveralls"
-            python-version: "3.9"
-          - tox-env: "py310-coveralls"
-            python-version: "3.10"
-          - tox-env: "py311-coveralls"
-            python-version: "3.11"
-          - tox-env: "py312"
-            python-version: "3.12"
+        python-version:
+          - "3.9"
+          - "3.10"
+          - "3.11"
+          - "3.12"
     steps:
       - name: Harden Runner
         uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0
@@ -77,13 +73,14 @@ jobs:
         run: |
           sudo apt-get update
           sudo apt-get install -y libgdal-dev
-      - name: Install tox
-        run: pip install tox
+      - name: Install CI libraries
+        run: |
+          python -m pip install --require-hashes -r CI/requirements_ci.txt
       - name: Test with tox
-        run: tox -e ${{ matrix.tox-env }}
+        run: tox
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          COVERALLS_FLAG_NAME: run-${{ matrix.tox-env }}
+          COVERALLS_FLAG_NAME: run-${{ matrix.python-version }}
           COVERALLS_PARALLEL: true
           COVERALLS_SERVICE_NAME: github
 
@@ -94,6 +91,7 @@ jobs:
     strategy:
       matrix:
         python-version:
+          - "3.9"
           - "3.12"
     defaults:
       run:
@@ -112,9 +110,8 @@ jobs:
           environment-file: environment-dev.yml
           create-args: >-
             python=${{ matrix.python-version }}
-      - name: Conda and Micromamba versions
+      - name: Micromamba version
         run: |
-          conda --version
           echo "micromamba $(micromamba --version)"
       - name: Install figanos
         run: |
@@ -126,7 +123,7 @@ jobs:
       - name: Test with pytest
         run: |
           python -m pytest --cov figanos
-      - name: Report coverage
+      - name: Report Coverage
         run: |
           python -m coveralls
         env:
@@ -136,20 +133,23 @@ jobs:
           COVERALLS_SERVICE_NAME: github
 
   finish:
-     needs:
+    needs:
       - test-pypi
       - test-conda
-     runs-on: ubuntu-latest
-     container: python:3-slim
-     steps:
-       - name: Harden Runner
-         uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0
-         with:
-           egress-policy: audit
-       - name: Coveralls Finished
-         run: |
-          python -m pip install --upgrade coveralls
+    runs-on: ubuntu-latest
+    container: python:3-slim
+    steps:
+      - name: Checkout Repository
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+        with:
+          sparse-checkout: |
+            CI/requirements_ci.txt
+      - name: Install CI libraries
+        run: |
+          python -m pip install --require-hashes -r CI/requirements_ci.txt
+      - name: Coveralls finished
+        run: |
           python -m coveralls --finish
-         env:
-           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-           COVERALLS_SERVICE_NAME: github
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          COVERALLS_SERVICE_NAME: github

.github/workflows/publish-pypi.yml

@@ -33,9 +33,9 @@ jobs:
         uses: actions/setup-python@39cd14951b08e74b54015e9e001cdefcf80e669f # v5.1.1
         with:
           python-version: "3.x"
-      - name: Install packaging libraries
+      - name: Install CI libraries
         run: |
-          python -m pip install flit
+          python -m pip install --require-hashes -r CI/requirements_ci.txt
       - name: Build a binary wheel and a source tarball
         run: |
           python -m flit build

.github/workflows/scorecard.yml

@@ -51,7 +51,7 @@ jobs:
         with:
           persist-credentials: false
 
-      - name: Run analysis
+      - name: Run Analysis
         uses: ossf/scorecard-action@62b2cac7ed8198b15735ed49ab1e5cf35480ba46 # v2.4.0
         with:
           results_file: results.sarif
@@ -71,7 +71,7 @@ jobs:
 
       # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
       # format to the repository Actions tab.
-      - name: Upload artifact
+      - name: Upload Artifact
         uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
         with:
           name: SARIF file
@@ -80,6 +80,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: Upload to code-scanning
-        uses: github/codeql-action/upload-sarif@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a  # 3.25.15
+        uses: github/codeql-action/upload-sarif@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # 3.25.15
         with:
           sarif_file: results.sarif

.github/workflows/tag-testpypi.yml

@@ -57,9 +57,9 @@ jobs:
         uses: actions/setup-python@39cd14951b08e74b54015e9e001cdefcf80e669f # v5.1.1
         with:
           python-version: "3.x"
-      - name: Install packaging libraries
+      - name: Install CI libraries
         run: |
-          python -m pip install flit
+          python -m pip install --require-hashes -r CI/requirements_ci.txt
       - name: Build a binary wheel and a source tarball
         run: |
           python -m flit build