.copier-answers.yml

+# Changes here will be overwritten by Copier
+_commit: v0.3.3
+_src_path: https://gitlab.softwareheritage.org/swh/devel/swh-py-template.git
+description: Software Heritage deposit server
+distribution_name: swh-deposit
+have_cli: true
+have_workers: true
+package_root: swh/deposit
+project_name: swh.deposit
+python_minimal_version: '3.7'
+readme_format: rst

.git-blame-ignore-revs

-# Enable black
+# python: Reformat code with black
 f5426d6722826972e2d611d4e7040abbf40c49a1
-
-# python: Reformat code with black 22.3.0
 8a006aeebf7d0cf52abc71b07cd560cbd098349e
+7b0fac22d29db6ad27cb650f835cae2f8786ad70
+# isort
+9c0d0496369828c8fad882d5d676978fb76105f8

.gitignore

+*.egg-info/
 *.pyc
-*.sw?
-*~
-/.coverage
-/.coverage.*
+.coverage
 .eggs/
+.hypothesis
+.mypy_cache
+.tox
 __pycache__
-*.egg-info/
-version.txt
 build/
 dist/
-/analysis.org
-/swh/deposit/fixtures/private_data.yaml
-/swh/deposit.json
-/test.json
-/swh/test
-db.sqlite3
-/.noseids
-*.tgz
-*.zip
-*.tar.gz
-*.tar.bz2
-*.tar.lzma
-.tox/
-.mypy_cache/
-.hypothesis/
+# these are symlinks created by a hook in swh-docs' main sphinx conf.py
+docs/README.rst
+docs/README.md
+# this should be a symlink for people who want to build the sphinx doc
+# without using tox, generally created by the swh-env/bin/update script
+docs/Makefile.sphinx

.pre-commit-config.yaml

+exclude: ^swh/deposit/tests/data/atom/.*$
+
 repos:
   - repo: https://github.com/pre-commit/pre-commit-hooks
-    rev: v4.3.0
+    rev: v5.0.0
     hooks:
       - id: trailing-whitespace
       - id: check-json
       - id: check-yaml
 
+  - repo: https://github.com/python/black
+    rev: 25.1.0
+    hooks:
+      - id: black
+
+  - repo: https://github.com/PyCQA/isort
+    rev: 6.0.0
+    hooks:
+      - id: isort
+
   - repo: https://github.com/pycqa/flake8
-    rev: 5.0.4
+    rev: 7.1.1
     hooks:
       - id: flake8
-        additional_dependencies: [flake8-bugbear==22.9.23]
+        additional_dependencies: [flake8-bugbear==24.12.12, flake8-pyproject]
 
   - repo: https://github.com/codespell-project/codespell
-    rev: v2.2.2
+    rev: v2.4.1
     hooks:
       - id: codespell
         name: Check source code spelling
         args: [-L sur]
-        stages: [commit]
+        stages: [pre-commit]
+      - id: codespell
+        name: Check commit message spelling
+        stages: [commit-msg]
 
   - repo: local
     hooks:
@@ -29,13 +44,13 @@ repos:
         pass_filenames: false
         language: system
         types: [python]
-
-  - repo: https://github.com/PyCQA/isort
-    rev: 5.10.1
-    hooks:
-      - id: isort
-
-  - repo: https://github.com/python/black
-    rev: 22.10.0
-    hooks:
-      - id: black
+      - id: twine-check
+        name: twine check
+        description: call twine check when pushing an annotated release tag
+        entry: bash -c "ref=$(git describe) &&
+          [[ $ref =~ ^v[0-9]+\.[0-9]+\.[0-9]+$ ]] &&
+          (python3 -m build --sdist && twine check $(ls -t dist/* | head -1)) || true"
+        pass_filenames: false
+        stages: [pre-push]
+        language: python
+        additional_dependencies: [twine, build]

CODE_OF_CONDUCT.md

@@ -6,7 +6,7 @@ In the interest of fostering an open and welcoming environment, we as Software
 Heritage contributors and maintainers pledge to making participation in our
 project and our community a harassment-free experience for everyone, regardless
 of age, body size, disability, ethnicity, sex characteristics, gender identity
-and expression, level of experience, education, socio-economic status,
+and expression, level of experience, education, socioeconomic status,
 nationality, personal appearance, race, religion, or sexual identity and
 orientation.
 

MANIFEST.in

-include Makefile
-include requirements*.txt
-include version.txt
-recursive-include swh/deposit/static *
-recursive-include swh/deposit/fixtures *
-recursive-include swh/deposit/templates *
-recursive-include swh/deposit/tests/data *
-recursive-include swh/deposit/tests/*/data *
-recursive-include swh/deposit/xsd *
-recursive-include swh py.typed
-include tox.ini
-include pytest.ini

README.rst

-docs/README.rst
\ No newline at end of file

README.rst

+Software Heritage - Deposit
+===========================
+
+Simple Web-Service Offering Repository Deposit (S.W.O.R.D) is an interoperability
+standard for digital file deposit.
+
+This repository is both the `SWORD v2`_ Server and a deposit command-line client
+implementations.
+
+This implementation allows interaction between a client (a repository) and a server (SWH
+repository) to deposit software source code archives and associated metadata.
+
+Description
+-----------
+
+Most of the software source code artifacts present in the SWH Archive are gathered by
+the mean of `loader`_ workers run by the SWH project from source code
+origins identified by `lister`_ workers. This is a pull mechanism: it's
+the responsibility of the SWH project to gather and collect source code artifacts that
+way.
+
+Alternatively, SWH allows its partners to push source code artifacts and metadata
+directly into the Archive with a push-based mechanism. By using this possibility
+different actors, holding software artifacts or metadata, can preserve their assets
+without having to pass through an intermediate collaborative development platform, which
+is already harvested by SWH (e.g GitHub, Gitlab, etc.).
+
+This mechanism is the ``deposit``.
+
+The main idea is the deposit is an authenticated access to an API allowing the user to
+provide source code artifacts -- with metadata -- to be ingested in the SWH Archive. The
+result of that is a `SWHID`_ that can be used to uniquely
+and persistently identify that very piece of source code.
+
+This unique identifier can then be used to `reference the source code
+<https://hal.archives-ouvertes.fr/hal-02446202>`_ (e.g. in a `scientific paper
+<https://www.softwareheritage.org/2020/05/26/citing-software-with-style/>`_) and
+retrieve it using the `vault`_ feature of the SWH Archive platform.
+
+The differences between a piece of code uploaded using the deposit rather than simply
+asking SWH to archive a repository using the `save code now`_ feature
+are:
+
+- a deposited artifact is provided from one of the SWH partners which is regarded as a
+  trusted authority,
+- a deposited artifact requires metadata properties describing the source code artifact,
+- a deposited artifact has a codemeta_ metadata entry attached to it,
+- a deposited artifact has the same visibility on the SWH Archive than a collected
+  repository,
+- a deposited artifact can be searched with its provided url property on the SWH
+  Archive,
+- the deposit API uses the `SWORD v2`_ API, thus requires some tooling to send deposits
+  to SWH. These tools are provided with this repository.
+
+
+See the `User Manual`_ page for more details on how to use the deposit client
+command line tools to push a deposit in the SWH Archive.
+
+See the `API Documentation`_ reference pages of the SWORDv2 API implementation
+in ``swh.deposit`` if you want to do upload deposits using HTTP requests.
+
+Read the `Deposit metadata`_ chapter to get more details on what metadata
+are supported when doing a deposit.
+
+See `Running swh-deposit locally`_ if you want to hack the code of the ``swh.deposit`` module.
+
+See `Production deployment`_ if you want to deploy your own copy of the
+`swh.deposit` stack.
+
+
+.. _codemeta: https://codemeta.github.io/
+.. _SWORD v2: http://swordapp.org/sword-v2/
+.. _loader: https://docs.softwareheritage.org/devel/glossary.html#term-loader
+.. _lister: https://docs.softwareheritage.org/devel/glossary.html#term-lister
+.. _SWHID: https://docs.softwareheritage.org/devel/swh-model/persistent-identifiers.html#persistent-identifiers
+.. _vault: https://docs.softwareheritage.org/devel/swh-vault/index.html#swh-vault
+.. _save code now: https://archive.softwareheritage.org/save/
+.. _User Manual: https://docs.softwareheritage.org/devel/swh-deposit/api/user-manual.html#deposit-user-manual
+.. _API Documentation: https://docs.softwareheritage.org/devel/swh-deposit/api/api-documentation.html#deposit-api-specifications
+.. _Deposit metadata: https://docs.softwareheritage.org/devel/swh-deposit/api/metadata.html#deposit-metadata
+.. _Running swh-deposit locally: https://docs.softwareheritage.org/devel/swh-deposit/internals/dev-environment.html#swh-deposit-dev-env
+.. _Production deployment: https://docs.softwareheritage.org/devel/swh-deposit/internals/prod-environment.html#swh-deposit-prod-env
\ No newline at end of file

docs/.gitignore

 _build/
 apidoc/
 *-stamp
-

docs/Makefile

-include ../../swh-docs/Makefile.sphinx
+include Makefile.sphinx
 
 APIDOC_EXCLUDES += ../swh/*/settings/*
 

docs/README.rst

-Software Heritage - Deposit
-===========================
-
-Simple Web-Service Offering Repository Deposit (S.W.O.R.D) is an interoperability
-standard for digital file deposit.
-
-This repository is both the `SWORD v2`_ Server and a deposit command-line client
-implementations.
-
-This implementation allows interaction between a client (a repository) and a server (SWH
-repository) to deposit software source code archives and associated metadata.
-
-Description
------------
-
-Most of the software source code artifacts present in the SWH Archive are gathered by
-the mean of :term:`loader <loader>` workers run by the SWH project from sourve code
-origins identified by :term:`lister <lister>` workers. This is a pull mechanism: it's
-the responsibility of the SWH project to gather and collect source code artifacts that
-way.
-
-Alternatively, SWH allows its partners to push source code artifacts and metadata
-directly into the Archive with a push-based mechanism. By using this possibility
-different actors, holding software artifacts or metadata, can preserve their assets
-without having to pass through an intermediate collaborative development platform, which
-is already harvested by SWH (e.g GitHub, Gitlab, etc.).
-
-This mechanism is the ``deposit``.
-
-The main idea is the deposit is an authenticated access to an API allowing the user to
-provide source code artifacts -- with metadata -- to be ingested in the SWH Archive. The
-result of that is a :ref:`SWHID <persistent-identifiers>` that can be used to uniquely
-and persistently identify that very piece of source code.
-
-This unique identifier can then be used to `reference the source code
-<https://hal.archives-ouvertes.fr/hal-02446202>`_ (e.g. in a `scientific paper
-<https://www.softwareheritage.org/2020/05/26/citing-software-with-style/>`_) and
-retrieve it using the :ref:`vault <swh-vault>` feature of the SWH Archive platform.
-
-The differences between a piece of code uploaded using the deposit rather than simply
-asking SWH to archive a repository using the :swh_web:`save code now <save/>` feature
-are:
-
-- a deposited artifact is provided from one of the SWH partners which is regarded as a
-  trusted authority,
-- a deposited artifact requires metadata properties describing the source code artifact,
-- a deposited artifact has a codemeta_ metadata entry attached to it,
-- a deposited artifact has the same visibility on the SWH Archive than a collected
-  repository,
-- a deposited artifact can be searched with its provided url property on the SWH
-  Archive,
-- the deposit API uses the `SWORD v2`_ API, thus requires some tooling to send deposits
-  to SWH. These tools are provided with this repository.
-
-See the :ref:`deposit-user-manual` page for more details on how to use the deposit client
-command line tools to push a deposit in the SWH Archive.
-
-See the :ref:`deposit-api-specifications` reference pages of the SWORDv2 API implementation
-in `swh.deposit` if you want to do upload deposits using HTTP requests.
-
-Read the :ref:`deposit-metadata` chapter to get more details on what metadata
-are supported when doing a deposit.
-
-See :ref:`swh-deposit-dev-env` if you want to hack the code of the ``swh.deposit`` module.
-
-See :ref:`swh-deposit-prod-env` if you want to deploy your own copy of the
-`swh.deposit` stack.
-
-
-.. _codemeta: https://codemeta.github.io/
-.. _SWORD v2: http://swordapp.org/sword-v2/

docs/README.rst

+../README.rst
\ No newline at end of file

docs/api/metadata.rst

@@ -104,7 +104,7 @@ Using Atom with CodeMeta
               <codemeta:identifier> article id </codemeta:identifier>
             </codemeta:referencePublication>
             <codemeta:isPartOf>
-                <codemeta:type> Collaboration/Projet </codemeta:type>
+                <codemeta:type> Collaboration/Project </codemeta:type>
                 <codemeta:name> project name</codemeta:name>
                 <codemeta:identifier> id </codemeta:identifier>
             </codemeta:isPartOf>

docs/api/register-account.rst

@@ -11,6 +11,11 @@ Register account
 
 .. _swh-deposit-register-account-as-deposit-client:
 
+Becoming a deposit client is very easy, just write to deposit@softwareheritage.org
+to setup the deposit partner agreement. With the agreement signed you can follow the
+steps below.
+
+
 As a deposit client
 -------------------
 

docs/index.rst

@@ -18,4 +18,12 @@ Reference Documentation
    :maxdepth: 2
 
    cli
-   /apidoc/swh.deposit
+
+.. only:: standalone_package_doc
+
+   Indices and tables
+   ------------------
+
+   * :ref:`genindex`
+   * :ref:`modindex`
+   * :ref:`search`

docs/specs/protocol-reference.rst

@@ -421,7 +421,7 @@ Schema
 ------
 
 Here is an XML schema to summarize the syntax described in this document:
-https://forge.softwareheritage.org/source/swh-deposit/browse/master/swh/deposit/xsd/swh.xsd
+https://gitlab.softwareheritage.org/swh/devel/swh-deposit/-/blob/master/swh/deposit/xsd/swh.xsd
 
 
 

docs/specs/spec-meta-deposit.rst

@@ -91,7 +91,7 @@ The metadata may be on an origin, identified by the origin's URL:
 Graph objects
 ^^^^^^^^^^^^^
 
-It may also reference an object in the `SWH graph <data-model>`: contents,
+It may also reference an object in the :ref:`SWH graph <data-model>`: contents,
 directories, revisions, releases, and snapshots:
 
 .. code:: xml
@@ -111,7 +111,7 @@ directories, revisions, releases, and snapshots:
   </swh:deposit>
 
 
-The value of the ``swhid`` attribute must be a `SWHID <persistent-identifiers>`,
+The value of the ``swhid`` attribute must be a :ref:`SWHID <persistent-identifiers>`,
 with any context qualifiers in this list:
 
 * ``origin``

mypy.ini

-[mypy]
-namespace_packages = True
-warn_unused_ignores = True
-
-
-# support for django magic: https://github.com/typeddjango/django-stubs
-plugins = mypy_django_plugin.main
-
-[mypy.plugins.django-stubs]
-django_settings_module = swh.deposit.settings.testing
-
-
-# 3rd party libraries without stubs (yet)
-
-[mypy-celery.*]
-ignore_missing_imports = True
-
-[mypy-iso8601.*]
-ignore_missing_imports = True
-
-[mypy-pkg_resources.*]
-ignore_missing_imports = True
-
-[mypy-psycopg2.*]
-ignore_missing_imports = True
-
-[mypy-pytest.*]
-ignore_missing_imports = True
-
-[tenacity.*]
-ignore_missing_imports = True
-
-[mypy-rest_framework.*]
-ignore_missing_imports = True
-
-[mypy-xmlschema.*]
-ignore_missing_imports = True
-
-[mypy-xmltodict.*]
-ignore_missing_imports = True
-
-[mypy-swh.loader.tar.*]
-ignore_missing_imports = True
-
-[mypy-swh.storage.*]
-ignore_missing_imports = True

pyproject.toml

+[project]
+name = "swh.deposit"
+authors = [
+    {name="Software Heritage developers", email="swh-devel@inria.fr"},
+]
+
+description = "Software Heritage deposit server"
+readme = {file = "README.rst", content-type = "text/x-rst"}
+requires-python = ">=3.7"
+classifiers = [
+    "Programming Language :: Python :: 3",
+    "Intended Audience :: Developers",
+    "License :: OSI Approved :: GNU General Public License v3 (GPLv3)",
+    "Operating System :: OS Independent",
+    "Development Status :: 5 - Production/Stable",
+]
+dynamic = ["version", "dependencies", "optional-dependencies"]
+
+[tool.setuptools.packages.find]
+include = ["swh.*"]
+
+[tool.setuptools.dynamic]
+dependencies = {file = ["requirements.txt", "requirements-swh.txt"]}
+
+[tool.setuptools.dynamic.optional-dependencies]
+server = {file = ["requirements-server.txt", "requirements-swh-server.txt"]}
+azure = {file = ["requirements-azure.txt"]}
+testing = {file = [
+    "requirements-test.txt",
+    "requirements-server.txt",
+    "requirements-swh-server.txt",
+    "requirements-azure.txt",
+    ]}
+
+[project.entry-points."swh.cli.subcommands"]
+"swh.deposit" = "swh.deposit.cli"
+
+[project.entry-points."swh.workers"]
+"swh.deposit" = "swh.deposit.loader:register"
+
+[project.urls]
+"Homepage" = "https://gitlab.softwareheritage.org/swh/devel/swh-deposit"
+"Bug Reports" = "https://gitlab.softwareheritage.org/swh/devel/swh-deposit/-/issues"
+"Funding" = "https://www.softwareheritage.org/donate"
+"Documentation" = "https://docs.softwareheritage.org/devel/swh-deposit/"
+"Source" = "https://gitlab.softwareheritage.org/swh/devel/swh-deposit.git"
+
+[build-system]
+requires = ["setuptools", "setuptools-scm"]
+build-backend = "setuptools.build_meta"
+
+[tool.setuptools_scm]
+fallback_version = "0.0.1"
+
 [tool.black]
-target-version = ['py37']
+target-version = ['py39', 'py310', 'py311', 'py312']
 
 [tool.isort]
 multi_line_output = 3
@@ -9,3 +63,49 @@ use_parentheses = true
 ensure_newline_before_comments = true
 line_length = 88
 force_sort_within_sections = true
+known_first_party = ['swh']
+
+[tool.django-stubs]
+django_settings_module = "swh.deposit.settings.development"
+
+[tool.mypy]
+namespace_packages = true
+warn_unused_ignores = true
+explicit_package_bases = true
+# ^ Needed for mypy to detect py.typed from swh packages installed
+# in editable mode
+
+plugins = [
+    "mypy_django_plugin.main",
+]
+
+# 3rd party libraries without stubs (yet)
+[[tool.mypy.overrides]]
+module = [
+    "storages.backends.azure_storage.*"
+]
+ignore_missing_imports = true
+
+[tool.flake8]
+select = ["C", "E", "F", "W", "B950"]
+ignore = [
+    "E203", # whitespaces before ':' <https://github.com/psf/black/issues/315>
+    "E231", # missing whitespace after ','
+    "E501", # line too long, use B950 warning from flake8-bugbear instead
+    "W503" # line break before binary operator <https://github.com/psf/black/issues/52>
+]
+max-line-length = 88
+
+[tool.pytest.ini_options]
+addopts = """
+    -p no:flask
+    -p no:pytest_swh_scheduler
+    -p no:pytest_swh_storage
+    -p no:pytest_swh_core
+    --ignore=swh/deposit/settings
+    --strict-markers
+"""
+norecursedirs = "build docs .*"
+asyncio_mode = "strict"
+consider_namespace_packages = true
+DJANGO_SETTINGS_MODULE = "swh.deposit.settings.testing"