Compare revisions

Antoine Lambert · Jayesh · Jérémy Bobbio (Lunar) · Antoine Lambert · Antoine Lambert · Antoine Lambert
--- a/.copier-answers.yml
+++ b/.copier-answers.yml
+# Changes here will be overwritten by Copier
+_commit: v0.3.3
+_src_path: https://gitlab.softwareheritage.org/swh/devel/swh-py-template.git
+description: Software Heritage authentication utilities
+distribution_name: swh-auth
+have_cli: true
+have_workers: false
+package_root: swh/auth
+project_name: swh.auth
+python_minimal_version: '3.7'
+readme_format: rst
--- a/.git-blame-ignore-revs
+++ b/.git-blame-ignore-revs
-# python: Reformat code with black 22.3.0
+# python: Reformat code with black
 a30d9355cdd906eb4045eabfac921e6d665c4c98
+b7bb1b6add4358cfa271da64516e489f4c2afa56
--- a/.gitignore
+++ b/.gitignore
 *.egg-info/
 *.pyc
-*.sw?
-*~
 .coverage
 .eggs/
+.hypothesis
 .mypy_cache
 .tox
 __pycache__
 build/
 dist/
-version.txt
-.mypy_cache/
+# these are symlinks created by a hook in swh-docs' main sphinx conf.py
+docs/README.rst
+docs/README.md
+# this should be a symlink for people who want to build the sphinx doc
+# without using tox, generally created by the swh-env/bin/update script
+docs/Makefile.sphinx
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
 repos:
  - repo: https://github.com/pre-commit/pre-commit-hooks
-    rev: v4.3.0
+    rev: v5.0.0
    hooks:
      - id: trailing-whitespace
      - id: check-json
      - id: check-yaml

+  - repo: https://github.com/python/black
+    rev: 25.1.0
+    hooks:
+      - id: black
+
+  - repo: https://github.com/PyCQA/isort
+    rev: 6.0.0
+    hooks:
+      - id: isort
+
  - repo: https://github.com/pycqa/flake8
-    rev: 5.0.4
+    rev: 7.1.1
    hooks:
      - id: flake8
-        additional_dependencies: [flake8-bugbear==22.9.23]
+        additional_dependencies: [flake8-bugbear==24.12.12, flake8-pyproject]

  - repo: https://github.com/codespell-project/codespell
-    rev: v2.2.2
+    rev: v2.4.1
    hooks:
      - id: codespell
        name: Check source code spelling
-        stages: [commit]
+        stages: [pre-commit]
+      - id: codespell
+        name: Check commit message spelling
+        stages: [commit-msg]

  - repo: local
    hooks:
@@ -28,13 +41,13 @@ repos:
        pass_filenames: false
        language: system
        types: [python]
-
-  - repo: https://github.com/PyCQA/isort
-    rev: 5.10.1
-    hooks:
-      - id: isort
-
-  - repo: https://github.com/python/black
-    rev: 22.10.0
-    hooks:
-      - id: black
+      - id: twine-check
+        name: twine check
+        description: call twine check when pushing an annotated release tag
+        entry: bash -c "ref=$(git describe) &&
+          [[ $ref =~ ^v[0-9]+\.[0-9]+\.[0-9]+$ ]] &&
+          (python3 -m build --sdist && twine check $(ls -t dist/* | head -1)) || true"
+        pass_filenames: false
+        stages: [pre-push]
+        language: python
+        additional_dependencies: [twine, build]
--- a/CODE_OF_CONDUCT.md
+++ b/CODE_OF_CONDUCT.md
@@ -6,7 +6,7 @@ In the interest of fostering an open and welcoming environment, we as Software
 Heritage contributors and maintainers pledge to making participation in our
 project and our community a harassment-free experience for everyone, regardless
 of age, body size, disability, ethnicity, sex characteristics, gender identity
-and expression, level of experience, education, socio-economic status,
+and expression, level of experience, education, socioeconomic status,
 nationality, personal appearance, race, religion, or sexual identity and
 orientation.


--- a/MANIFEST.in
+++ b/MANIFEST.in
-include Makefile
-include requirements*.txt
-include version.txt
-include README.md
-recursive-include swh py.typed
-include conftest.py
--- a/README.rst
+++ b/README.rst
-docs/README.rst
\ No newline at end of file
--- a/README.rst
+++ b/README.rst
+Software Heritage - Authentication
+==================================
+
+``swh-auth`` is a set of utility libraries related to user authentication
+in applications and services based on the use of `Keycloak`_ and `OpenID Connect`_.
+
+`Keycloak`_ is an open source software enabling single sign-on (SSO) with identity
+and access management.
+
+`OpenID Connect`_ (OIDC) is an authentication layer on top of `OAuth 2.0`_, widely
+used in modern web applications and services.
+
+``swh-auth`` notably offers the following features:
+
+- the ``swh.auth.keycloak.KeycloakOpenIDConnect`` class to ease the
+  interaction with a Keycloak server
+
+- a ``pytest`` plugin with the ``keycloak_oidc`` fixture to mock Keycloak
+  responses in unit tests
+
+- generic backends, views and middlewares to easily plug OpenID Connect authentication
+  in any `Django`_ or `Django REST framework`_ application
+
+
+.. _Keycloak: https://www.keycloak.org/
+
+.. _OpenID Connect: https://openid.net/connect/
+
+.. _OAuth 2.0: https://oauth.net/2/
+
+.. _Django: https://www.djangoproject.com/
+
+.. _Django REST framework: https://www.django-rest-framework.org/
\ No newline at end of file
--- a/docs/Makefile
+++ b/docs/Makefile
-include ../../swh-docs/Makefile.sphinx
+include Makefile.sphinx
--- a/docs/README.rst
+++ b/docs/README.rst
-Software Heritage - Authentication
-==================================
-
-``swh-auth`` is a set of utility libraries related to user authentication
-in applications and services based on the use of `Keycloak`_ and `OpenID Connect`_.
-
-`Keycloak`_ is an open source software enabling single sign-on (SSO) with identity
-and access management.
-
-`OpenID Connect`_ (OIDC) is an authentication layer on top of `OAuth 2.0`_, widely
-used in modern web applications and services.
-
-``swh-auth`` notably offers the following features:
-
- the ``swh.auth.keycloak.KeycloakOpenIDConnect`` class to ease the
-  interaction with a Keycloak server
-
- a ``pytest`` plugin with the ``keycloak_oidc`` fixture to mock Keycloak
-  responses in unit tests
-
- generic backends, views and middlewares to easily plug OpenID Connect authentication
-  in any `Django`_ or `Django REST framework`_ application
-
-
-.. _Keycloak: https://www.keycloak.org/
-
-.. _OpenID Connect: https://openid.net/connect/
-
-.. _OAuth 2.0: https://oauth.net/2/
-
-.. _Django: https://www.djangoproject.com/
-
-.. _Django REST framework: https://www.django-rest-framework.org/
\ No newline at end of file
--- a/docs/README.rst
+++ b/docs/README.rst
+../README.rst
\ No newline at end of file
--- a/mypy.ini
+++ b/mypy.ini
-[mypy]
-namespace_packages = True
-warn_unused_ignores = True
-
-# support for django magic: https://github.com/typeddjango/django-stubs
-plugins = mypy_django_plugin.main, mypy_drf_plugin.main
-
-[mypy.plugins.django-stubs]
-django_settings_module = swh.auth.tests.django.app.apptest.settings
-
-# 3rd party libraries without stubs (yet)
-
-[mypy-jose.*]
-ignore_missing_imports = True
-
-[mypy-keycloak.*]
-ignore_missing_imports = True
-
-[mypy-pkg_resources.*]
-ignore_missing_imports = True
-
-[mypy-pytest.*]
-ignore_missing_imports = True
--- a/pyproject.toml
+++ b/pyproject.toml
+[project]
+name = "swh.auth"
+authors = [
+    {name="Software Heritage developers", email="swh-devel@inria.fr"},
+]
+
+description = "Software Heritage authentication utilities"
+readme = {file = "README.rst", content-type = "text/x-rst"}
+requires-python = ">=3.7"
+classifiers = [
+    "Programming Language :: Python :: 3",
+    "Intended Audience :: Developers",
+    "License :: OSI Approved :: GNU General Public License v3 (GPLv3)",
+    "Operating System :: OS Independent",
+    "Development Status :: 3 - Alpha",
+]
+dynamic = ["version", "dependencies", "optional-dependencies"]
+
+[tool.setuptools.packages.find]
+include = ["swh.*"]
+
+[tool.setuptools.dynamic]
+dependencies = {file = ["requirements.txt", "requirements-swh.txt"]}
+
+[tool.setuptools.dynamic.optional-dependencies]
+django = {file = ["requirements-django.txt"]}
+starlette = {file = ["requirements-starlette.txt"]}
+testing = {file = [
+    "requirements-test.txt",
+    "requirements-django.txt",
+    "requirements-starlette.txt",
+    ]}
+
+[project.entry-points."swh.cli.subcommands"]
+"swh.auth" = "swh.auth.cli"
+
+[project.urls]
+"Homepage" = "https://gitlab.softwareheritage.org/swh/devel/swh-auth"
+"Bug Reports" = "https://gitlab.softwareheritage.org/swh/devel/swh-auth/-/issues"
+"Funding" = "https://www.softwareheritage.org/donate"
+"Documentation" = "https://docs.softwareheritage.org/devel/swh-auth/"
+"Source" = "https://gitlab.softwareheritage.org/swh/devel/swh-auth.git"
+
+[build-system]
+requires = ["setuptools", "setuptools-scm"]
+build-backend = "setuptools.build_meta"
+
+[tool.setuptools_scm]
+fallback_version = "0.0.1"
+
 [tool.black]
-target-version = ['py37']
+target-version = ['py39', 'py310', 'py311', 'py312']

 [tool.isort]
 multi_line_output = 3
@@ -9,3 +59,42 @@ use_parentheses = true
 ensure_newline_before_comments = true
 line_length = 88
 force_sort_within_sections = true
+known_first_party = ['swh']
+
+[tool.django-stubs]
+django_settings_module = "swh.auth.tests.django.app.apptest.settings"
+
+[tool.mypy]
+namespace_packages = true
+warn_unused_ignores = true
+explicit_package_bases = true
+# ^ Needed for mypy to detect py.typed from swh packages installed
+# in editable mode
+
+plugins = ["mypy_django_plugin.main",
+           "mypy_drf_plugin.main"]
+
+# 3rd party libraries without stubs (yet)
+[[tool.mypy.overrides]]
+module = [
+    "aiocache.*",
+]
+ignore_missing_imports = true
+
+[tool.flake8]
+select = ["C", "E", "F", "W", "B950"]
+ignore = [
+    "E203", # whitespaces before ':' <https://github.com/psf/black/issues/315>
+    "E231", # missing whitespace after ','
+    "E501", # line too long, use B950 warning from flake8-bugbear instead
+    "W503" # line break before binary operator <https://github.com/psf/black/issues/52>
+]
+max-line-length = 88
+
+[tool.pytest.ini_options]
+addopts = "-p no:flask"
+norecursedirs = "build docs .*"
+asyncio_mode = "strict"
+consider_namespace_packages = true
+DJANGO_SETTINGS_MODULE = "swh.auth.tests.django.app.apptest.settings"
+
--- a/pytest.ini
+++ b/pytest.ini
-[pytest]
-addopts = -p no:flask
-norecursedirs = build docs .*
-DJANGO_SETTINGS_MODULE = swh.auth.tests.django.app.apptest.settings
-asyncio_mode = strict
--- a/requirements-django.txt
+++ b/requirements-django.txt
-django < 3
+django
 djangorestframework
 sentry-sdk
--- a/requirements-starlette.txt
+++ b/requirements-starlette.txt
+starlette
+httpx
+aiocache
--- a/requirements-test.txt
+++ b/requirements-test.txt
 django-stubs
 djangorestframework-stubs
-pytest
+pytest >= 8.1
 pytest-django
 pytest-mock
 requests_mock
+swh.core[testing]
 types-click
+types-jwcrypto
 types-pytz
 types-pyyaml
--- a/requirements.txt
+++ b/requirements.txt
@@ -2,5 +2,5 @@
 # should match https://pypi.python.org/pypi names. For the full spec or
 # dependency lines, see https://pip.readthedocs.org/en/1.1/requirements.html
 click
-python-keycloak >= 0.19.0
+python-keycloak >= 5.3.1
 pyyaml
--- a/setup.cfg
+++ b/setup.cfg
-[flake8]
-# E203: whitespaces before ':' <https://github.com/psf/black/issues/315>
-# E231: missing whitespace after ','
-# E501: line too long, use B950 warning from flake8-bugbear instead
-# W503: line break before binary operator <https://github.com/psf/black/issues/52>
-select = C,E,F,W,B950
-ignore = E203,E231,E501,W503
-max-line-length = 88
--- a/setup.py
+++ b/setup.py
-#!/usr/bin/env python3
-# Copyright (C) 2019-2021  The Software Heritage developers
-# See the AUTHORS file at the top-level directory of this distribution
-# License: GNU General Public License version 3, or any later version
-# See top-level LICENSE file for more information
-
-from io import open
-from os import path
-
-from setuptools import find_packages, setup
-
-here = path.abspath(path.dirname(__file__))
-
-# Get the long description from the README file
-with open(path.join(here, "README.rst"), encoding="utf-8") as f:
-    long_description = f.read()
-
-
-def parse_requirements(*names):
-    requirements = []
-    for name in names:
-        if name:
-            reqf = "requirements-%s.txt" % name
-        else:
-            reqf = "requirements.txt"
-
-        if not path.exists(reqf):
-            return requirements
-
-        with open(reqf) as f:
-            for line in f.readlines():
-                line = line.strip()
-                if not line or line.startswith("#"):
-                    continue
-                requirements.append(line)
-    return requirements
-
-
-setup(
-    name="swh.auth",
-    description="Software Heritage Authentication Utilities",
-    long_description=long_description,
-    long_description_content_type="text/markdown",
-    python_requires=">=3.7",
-    author="Software Heritage developers",
-    author_email="swh-devel@inria.fr",
-    url="https://forge.softwareheritage.org/source/swh-auth/",
-    packages=find_packages(),  # packages's modules
-    install_requires=parse_requirements(None, "swh"),
-    tests_require=parse_requirements("test"),
-    setup_requires=["setuptools-scm"],
-    use_scm_version=True,
-    extras_require={
-        "django": parse_requirements("django"),
-        "testing": parse_requirements("test"),
-    },
-    include_package_data=True,
-    entry_points="""
-        [swh.cli.subcommands]
-        auth=swh.auth.cli
-    """,
-    classifiers=[
-        "Programming Language :: Python :: 3",
-        "Intended Audience :: Developers",
-        "License :: OSI Approved :: GNU General Public License v3 (GPLv3)",
-        "Operating System :: OS Independent",
-        "Development Status :: 3 - Alpha",
-    ],
-    project_urls={
-        "Bug Reports": "https://forge.softwareheritage.org/maniphest",
-        "Funding": "https://www.softwareheritage.org/donate",
-        "Source": "https://forge.softwareheritage.org/source/swh-<module>",
-        "Documentation": "https://docs.softwareheritage.org/devel/swh-<module>/",
-    },
-)
No results found