From df08580554e16779f6f2fb74f38b5e386cedd5ed Mon Sep 17 00:00:00 2001 From: Tomuta Gabriel Date: Thu, 22 Jan 2026 12:53:07 +0200 Subject: [PATCH 1/7] Extract setup in another action --- .github/actions/ci-setup/action.yml | 28 ++++++++++ .github/workflows/build.yml | 82 +++++------------------------ .github/workflows/documentation.yml | 14 ++--- .github/workflows/release.yml | 13 ++--- 4 files changed, 46 insertions(+), 91 deletions(-) create mode 100644 .github/actions/ci-setup/action.yml diff --git a/.github/actions/ci-setup/action.yml b/.github/actions/ci-setup/action.yml new file mode 100644 index 0000000..537a720 --- /dev/null +++ b/.github/actions/ci-setup/action.yml @@ -0,0 +1,28 @@ +name: "CI common setup" +description: "Setup python and install the Python SDK" +inputs: + python-version: + description: "Set the version of the python to be installed" + required: false + default: "3.10" + extras: + description: "Optional extras to install (e.g., 'dev', 'docs', or empty for none)" + required: false + default: "dev" +runs: + using: "composite" + steps: + - name: Set up Python ${{ inputs.python-version }} + uses: actions/setup-python@v5 + with: + python-version: ${{ inputs.python-version }} + + - name: Install dependencies + run: | + python3 -m pip install --upgrade pip + if [ -n "${{ inputs.extras }}" ]; then + pip install .[${{ inputs.extras }}] + else + pip install . + fi + shell: bash diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 935d01b..a93ad26 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -19,19 +19,11 @@ jobs: python: ['3.9', '3.10', '3.11', '3.12', '3.13'] os: ['ubuntu-latest', 'windows-latest', 'macos-latest'] steps: - - name: Checkout code - uses: actions/checkout@v4 - - - name: Set up Python ${{ matrix.python }} - uses: actions/setup-python@v5 + - uses: actions/checkout@v4 + - uses: ./.github/actions/ci-setup with: python-version: ${{ matrix.python }} - - name: Install dependencies - run: | - python3 -m pip install --upgrade pip - pip install .[dev] - - name: Print packages run: python3 -m pip list @@ -42,18 +34,8 @@ jobs: needs: setup runs-on: ubuntu-latest steps: - - name: Checkout code - uses: actions/checkout@v4 - - - name: Set up Python - uses: actions/setup-python@v5 - with: - python-version: '3.10' - - - name: Install dependencies - run: | - python3 -m pip install --upgrade pip - pip install .[dev] + - uses: actions/checkout@v4 + - uses: ./.github/actions/ci-setup - name: Run unit tests id: check @@ -74,18 +56,8 @@ jobs: needs: setup runs-on: ubuntu-latest steps: - - name: Checkout code - uses: actions/checkout@v4 - - - name: Set up Python - uses: actions/setup-python@v5 - with: - python-version: '3.10' - - - name: Install dependencies - run: | - python3 -m pip install --upgrade pip - pip install .[dev] + - uses: actions/checkout@v4 + - uses: ./.github/actions/ci-setup - name: Run coverage id: check @@ -106,18 +78,8 @@ jobs: needs: setup runs-on: ubuntu-latest steps: - - name: Checkout code - uses: actions/checkout@v4 - - - name: Set up Python - uses: actions/setup-python@v5 - with: - python-version: '3.10' - - - name: Install dependencies - run: | - python3 -m pip install --upgrade pip - pip install .[dev] + - uses: actions/checkout@v4 + - uses: ./.github/actions/ci-setup - name: Run lint id: check @@ -138,18 +100,8 @@ jobs: needs: setup runs-on: ubuntu-latest steps: - - name: Checkout code - uses: actions/checkout@v4 - - - name: Set up Python - uses: actions/setup-python@v5 - with: - python-version: '3.10' - - - name: Install dependencies - run: | - python3 -m pip install --upgrade pip - pip install .[dev] + - uses: actions/checkout@v4 + - uses: ./.github/actions/ci-setup - name: Run pep8 codestyle check id: check @@ -170,18 +122,8 @@ jobs: needs: setup runs-on: ubuntu-latest steps: - - name: Checkout code - uses: actions/checkout@v4 - - - name: Set up Python - uses: actions/setup-python@v5 - with: - python-version: '3.10' - - - name: Install dependencies - run: | - python3 -m pip install --upgrade pip - pip install .[docs] + - uses: actions/checkout@v4 + - uses: ./.github/actions/ci-setup - name: Generate documentation run: | diff --git a/.github/workflows/documentation.yml b/.github/workflows/documentation.yml index 015be2e..daca788 100644 --- a/.github/workflows/documentation.yml +++ b/.github/workflows/documentation.yml @@ -11,21 +11,13 @@ jobs: build-docs: runs-on: ubuntu-latest steps: - - name: Checkout code - uses: actions/checkout@v4 + - uses: actions/checkout@v4 with: fetch-depth: 0 fetch-tags: true - - - name: Set up Python - uses: actions/setup-python@v5 + - uses: ./.github/actions/ci-setup with: - python-version: '3.10' - - - name: Install dependencies - run: | - python3 -m pip install --upgrade pip - pip install .[docs] + extras: docs - name: Generate documentation run: | diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 3586fa2..d20f9e1 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -24,17 +24,10 @@ jobs: steps: - uses: actions/checkout@v4 + - uses: ./.github/actions/ci-setup - - name: "Set up Python" - uses: actions/setup-python@v3 - with: - python-version: '3.10' - - - name: "Install dependencies" - run: | - python3 -m pip install --upgrade pip - python3 -m pip install .[dev] - python3 -m pip install --upgrade twine build + - name: "Upgrade dependencies" + run: python3 -m pip install --upgrade twine build - name: "Build package" run: | From 9f06e7d48efb33d955578dcf4eef61f48752db1c Mon Sep 17 00:00:00 2001 From: Tomuta Gabriel Date: Thu, 22 Jan 2026 12:59:39 +0200 Subject: [PATCH 2/7] Fix check docs job --- .github/workflows/build.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index a93ad26..800d5ff 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -124,6 +124,8 @@ jobs: steps: - uses: actions/checkout@v4 - uses: ./.github/actions/ci-setup + with: + extras: docs - name: Generate documentation run: | From 8cab1eea6b5d4809eb7fb017437495addd79edbb Mon Sep 17 00:00:00 2001 From: Tomuta Gabriel Date: Thu, 22 Jan 2026 13:14:37 +0200 Subject: [PATCH 3/7] Add weekly job --- .github/workflows/weekly.yml | 10 ++++++++++ 1 file changed, 10 insertions(+) create mode 100644 .github/workflows/weekly.yml diff --git a/.github/workflows/weekly.yml b/.github/workflows/weekly.yml new file mode 100644 index 0000000..36c76f8 --- /dev/null +++ b/.github/workflows/weekly.yml @@ -0,0 +1,10 @@ +name: Weekly Build + +on: + schedule: + - cron: '0 0 * * 0' # Runs every Sunday at midnight UTC + workflow_dispatch: + +jobs: + build: + uses: ./.github/workflows/build.yml From 922a530039eb5d36281d322f80925be1f5d2450a Mon Sep 17 00:00:00 2001 From: Tomuta Gabriel Date: Thu, 22 Jan 2026 13:19:28 +0200 Subject: [PATCH 4/7] Add dependabot job for checking actions versions --- .github/dependabot.yml | 8 ++++++++ 1 file changed, 8 insertions(+) create mode 100644 .github/dependabot.yml diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000..4c5aa08 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,8 @@ +version: 2 +updates: + # Enable version updates for GitHub Actions + - package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: "weekly" + open-pull-requests-limit: 10 From 2bf0041926c54d888cf510abd21cc52578691904 Mon Sep 17 00:00:00 2001 From: Tomuta Gabriel Date: Thu, 22 Jan 2026 14:41:50 +0200 Subject: [PATCH 5/7] Add weekly job to check for new python versions --- .github/workflows/weekly.yml | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/.github/workflows/weekly.yml b/.github/workflows/weekly.yml index 36c76f8..ad1df6e 100644 --- a/.github/workflows/weekly.yml +++ b/.github/workflows/weekly.yml @@ -5,6 +5,32 @@ on: - cron: '0 0 * * 0' # Runs every Sunday at midnight UTC workflow_dispatch: +env: + LATEST_KNOWN_PYTHON: '3.13' + jobs: build: uses: ./.github/workflows/build.yml + + check-python-version: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + + - name: Check for new Python versions + run: | + latest=$(curl -s https://endoflife.date/api/python.json | \ + jq -r '[.[] | select(.cycle | test("^3\\.[0-9]+$"))] | .[0].cycle') + + echo "Latest stable Python: $latest" + echo "Known latest: $LATEST_KNOWN_PYTHON" + + if [ "$latest" != "$LATEST_KNOWN_PYTHON" ]; then + echo "::warning::New Python version $latest is available! Manual update is required." + + echo "## :warning: New Python Version Available" >> $GITHUB_STEP_SUMMARY + echo "" >> $GITHUB_STEP_SUMMARY + echo "Python **$latest** has been released (currently testing up to $LATEST_KNOWN_PYTHON)." >> $GITHUB_STEP_SUMMARY + else + echo "Python version is up to date." + fi From b88d54adc7d803d9b0e866157b2851049a920a33 Mon Sep 17 00:00:00 2001 From: Tomuta Gabriel Date: Thu, 22 Jan 2026 14:51:17 +0200 Subject: [PATCH 6/7] Change action versions to hashes --- .github/actions/ci-setup/action.yml | 2 +- .github/workflows/build.yml | 22 +++++++++++----------- .github/workflows/documentation.yml | 8 ++++---- .github/workflows/release.yml | 14 +++++++------- .github/workflows/weekly.yml | 2 +- 5 files changed, 24 insertions(+), 24 deletions(-) diff --git a/.github/actions/ci-setup/action.yml b/.github/actions/ci-setup/action.yml index 537a720..336238e 100644 --- a/.github/actions/ci-setup/action.yml +++ b/.github/actions/ci-setup/action.yml @@ -13,7 +13,7 @@ runs: using: "composite" steps: - name: Set up Python ${{ inputs.python-version }} - uses: actions/setup-python@v5 + uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0 with: python-version: ${{ inputs.python-version }} diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 800d5ff..0d27529 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -19,7 +19,7 @@ jobs: python: ['3.9', '3.10', '3.11', '3.12', '3.13'] os: ['ubuntu-latest', 'windows-latest', 'macos-latest'] steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - uses: ./.github/actions/ci-setup with: python-version: ${{ matrix.python }} @@ -34,7 +34,7 @@ jobs: needs: setup runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - uses: ./.github/actions/ci-setup - name: Run unit tests @@ -43,7 +43,7 @@ jobs: continue-on-error: true - name: Upload unit test report - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 with: name: unit-test-report path: reports/utest @@ -56,7 +56,7 @@ jobs: needs: setup runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - uses: ./.github/actions/ci-setup - name: Run coverage @@ -65,7 +65,7 @@ jobs: continue-on-error: true - name: Upload coverage report - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 with: name: coverage-report path: reports/coverage @@ -78,7 +78,7 @@ jobs: needs: setup runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - uses: ./.github/actions/ci-setup - name: Run lint @@ -87,7 +87,7 @@ jobs: continue-on-error: true - name: Upload lint report - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 with: name: pylint-report path: reports/pylint @@ -100,7 +100,7 @@ jobs: needs: setup runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - uses: ./.github/actions/ci-setup - name: Run pep8 codestyle check @@ -109,7 +109,7 @@ jobs: continue-on-error: true - name: Upload codestyle report - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 with: name: codestyle-report path: reports/codestyle @@ -122,7 +122,7 @@ jobs: needs: setup runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - uses: ./.github/actions/ci-setup with: extras: docs @@ -134,7 +134,7 @@ jobs: cd .. - name: Upload documentation - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 with: name: docs_html path: docs/build/html diff --git a/.github/workflows/documentation.yml b/.github/workflows/documentation.yml index daca788..c3e3917 100644 --- a/.github/workflows/documentation.yml +++ b/.github/workflows/documentation.yml @@ -11,7 +11,7 @@ jobs: build-docs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: fetch-depth: 0 fetch-tags: true @@ -26,10 +26,10 @@ jobs: cd .. - name: Setup Pages - uses: actions/configure-pages@v5 + uses: actions/configure-pages@983d7736d9b0ae728b81ab479565c72886d7745b # v5.0.0 - name: Upload artifact - uses: actions/upload-pages-artifact@v3 + uses: actions/upload-pages-artifact@56afc609e74202658d3ffba0e8f6dda462b719fa # v3.0.1 with: path: docs/build_versioned @@ -45,4 +45,4 @@ jobs: steps: - name: Deploy to GitHub Pages id: deployment - uses: actions/deploy-pages@v4 + uses: actions/deploy-pages@d6db90164ac5ed86f2b6aed7e0febac5b3c0c03e # v4.0.5 diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index d20f9e1..b421a7f 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -23,7 +23,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - uses: ./.github/actions/ci-setup - name: "Upgrade dependencies" @@ -34,31 +34,31 @@ jobs: python3 -m build - name: "Upload dist as artifact" - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 with: name: dist-artifact path: dist/ - name: "Download artifacts for unit tests" - uses: actions/download-artifact@v4.1.7 + uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0 with: name: unit-test-report path: reports/unit-test-report - name: "Download artifacts for coverage" - uses: actions/download-artifact@v4.1.7 + uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0 with: name: coverage-report path: reports/coverage-report - name: "Download artifacts for lint" - uses: actions/download-artifact@v4.1.7 + uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0 with: name: pylint-report path: reports/pylint-report - name: "Download artifacts for codestyle" - uses: actions/download-artifact@v4.1.7 + uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0 with: name: codestyle-report path: reports/codestyle-report @@ -93,7 +93,7 @@ jobs: steps: - name: "Download dist artifact" - uses: actions/download-artifact@v4 + uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0 with: name: dist-artifact path: dist diff --git a/.github/workflows/weekly.yml b/.github/workflows/weekly.yml index ad1df6e..66fe354 100644 --- a/.github/workflows/weekly.yml +++ b/.github/workflows/weekly.yml @@ -15,7 +15,7 @@ jobs: check-python-version: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Check for new Python versions run: | From 85b10730c6ed15bac2e6a710d8103ca5e9978d5e Mon Sep 17 00:00:00 2001 From: Tomuta Gabriel Date: Mon, 9 Feb 2026 17:33:06 +0200 Subject: [PATCH 7/7] Fix findings --- .github/actions/ci-setup/action.yml | 2 +- .github/workflows/build.yml | 12 ++++++------ .github/workflows/documentation.yml | 2 +- .github/workflows/release.yml | 2 +- .github/workflows/weekly.yml | 2 +- 5 files changed, 10 insertions(+), 10 deletions(-) diff --git a/.github/actions/ci-setup/action.yml b/.github/actions/ci-setup/action.yml index 336238e..99d4473 100644 --- a/.github/actions/ci-setup/action.yml +++ b/.github/actions/ci-setup/action.yml @@ -2,7 +2,7 @@ name: "CI common setup" description: "Setup python and install the Python SDK" inputs: python-version: - description: "Set the version of the python to be installed" + description: "Set the Python version to be installed" required: false default: "3.10" extras: diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 0d27529..ee0d3c4 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -19,7 +19,7 @@ jobs: python: ['3.9', '3.10', '3.11', '3.12', '3.13'] os: ['ubuntu-latest', 'windows-latest', 'macos-latest'] steps: - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - uses: ./.github/actions/ci-setup with: python-version: ${{ matrix.python }} @@ -34,7 +34,7 @@ jobs: needs: setup runs-on: ubuntu-latest steps: - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - uses: ./.github/actions/ci-setup - name: Run unit tests @@ -56,7 +56,7 @@ jobs: needs: setup runs-on: ubuntu-latest steps: - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - uses: ./.github/actions/ci-setup - name: Run coverage @@ -78,7 +78,7 @@ jobs: needs: setup runs-on: ubuntu-latest steps: - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - uses: ./.github/actions/ci-setup - name: Run lint @@ -100,7 +100,7 @@ jobs: needs: setup runs-on: ubuntu-latest steps: - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - uses: ./.github/actions/ci-setup - name: Run pep8 codestyle check @@ -122,7 +122,7 @@ jobs: needs: setup runs-on: ubuntu-latest steps: - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - uses: ./.github/actions/ci-setup with: extras: docs diff --git a/.github/workflows/documentation.yml b/.github/workflows/documentation.yml index c3e3917..e242681 100644 --- a/.github/workflows/documentation.yml +++ b/.github/workflows/documentation.yml @@ -11,7 +11,7 @@ jobs: build-docs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: fetch-depth: 0 fetch-tags: true diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index b421a7f..7278a4d 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -23,7 +23,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - uses: ./.github/actions/ci-setup - name: "Upgrade dependencies" diff --git a/.github/workflows/weekly.yml b/.github/workflows/weekly.yml index 66fe354..3739ecd 100644 --- a/.github/workflows/weekly.yml +++ b/.github/workflows/weekly.yml @@ -15,7 +15,7 @@ jobs: check-python-version: runs-on: ubuntu-latest steps: - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Check for new Python versions run: |