From 2cb70f00a661955f498146f9766495cbb727cd46 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 15 Apr 2024 13:04:33 +0800 Subject: [PATCH 01/12] chore(deps): bump peaceiris/actions-gh-pages from 3 to 4 (#151) --- .github/workflows/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 4efa956..d7a2605 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -102,7 +102,7 @@ jobs: - name: Upload docs to github pages # only publish doc changes from main branch if: github.event_name != 'pull_request' && github.ref == 'refs/heads/main' - uses: peaceiris/actions-gh-pages@v3 + uses: peaceiris/actions-gh-pages@v4 with: github_token: ${{ secrets.GITHUB_TOKEN }} publish_dir: ./docs/_build/html From f5eee40a591e0c13b12f7761f4c088611a4a83a4 Mon Sep 17 00:00:00 2001 From: Peter Shen Date: Wed, 17 Apr 2024 09:28:57 -0400 Subject: [PATCH 02/12] feat: call reusable workflows from .github repo (#152) --- .github/workflows/release-drafter.yml | 14 ++------------ 1 file changed, 2 insertions(+), 12 deletions(-) diff --git a/.github/workflows/release-drafter.yml b/.github/workflows/release-drafter.yml index 7c8d6e7..d25c13e 100644 --- a/.github/workflows/release-drafter.yml +++ b/.github/workflows/release-drafter.yml @@ -1,21 +1,11 @@ -# https://github.com/release-drafter/release-drafter name: Release Drafter on: push: branches: - "main" - pull_request: - types: [opened, reopened, synchronize] - pull_request_target: - types: [opened, reopened, synchronize] workflow_dispatch: jobs: - update_release_draft: - runs-on: ubuntu-latest - steps: - # Drafts your next Release notes as Pull Requests are merged into the default branch - - uses: release-drafter/release-drafter@v6 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + draft-release: + uses: commit-check/.github/.github/workflows/release-drafter.yml@main From c84a9df6f31c949580d1aab4d59e5a698bd0c200 Mon Sep 17 00:00:00 2001 From: "pre-commit-ci[bot]" <66853113+pre-commit-ci[bot]@users.noreply.github.com> Date: Wed, 17 Apr 2024 21:30:37 +0800 Subject: [PATCH 03/12] ci: pre-commit autoupdate (#150) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit updates: - [github.com/pre-commit/pre-commit-hooks: v4.5.0 → v4.6.0](https://github.com/pre-commit/pre-commit-hooks/compare/v4.5.0...v4.6.0) - [github.com/commit-check/commit-check: v0.7.3 → v0.7.4](https://github.com/commit-check/commit-check/compare/v0.7.3...v0.7.4) Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com> --- .pre-commit-config.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index ffa800e..fd0bc19 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -7,7 +7,7 @@ ci: default_install_hook_types: [pre-commit, prepare-commit-msg] repos: - repo: https://github.com/pre-commit/pre-commit-hooks - rev: v4.5.0 + rev: v4.6.0 hooks: - id: check-yaml - id: check-toml @@ -32,7 +32,7 @@ repos: hooks: - id: codespell - repo: https://github.com/commit-check/commit-check - rev: v0.7.3 + rev: v0.7.4 hooks: - id: check-message # - id: check-branch # uncomment if you need. From da48649b485f1cc35b27d6eea8e6f076d78a9267 Mon Sep 17 00:00:00 2001 From: Peter Shen Date: Wed, 17 Apr 2024 23:03:20 -0400 Subject: [PATCH 04/12] feat: add issue templates (#154) --- .../{bug.yml => bug-report.yml} | 1 + .github/ISSUE_TEMPLATE/config.yml | 8 ++++ .github/ISSUE_TEMPLATE/feature-request.yml | 38 +++++++++++++++++++ 3 files changed, 47 insertions(+) rename .github/ISSUE_TEMPLATE/{bug.yml => bug-report.yml} (97%) create mode 100644 .github/ISSUE_TEMPLATE/config.yml create mode 100644 .github/ISSUE_TEMPLATE/feature-request.yml diff --git a/.github/ISSUE_TEMPLATE/bug.yml b/.github/ISSUE_TEMPLATE/bug-report.yml similarity index 97% rename from .github/ISSUE_TEMPLATE/bug.yml rename to .github/ISSUE_TEMPLATE/bug-report.yml index a9e720b..9c89022 100644 --- a/.github/ISSUE_TEMPLATE/bug.yml +++ b/.github/ISSUE_TEMPLATE/bug-report.yml @@ -1,5 +1,6 @@ name: Bug report description: something went wrong +labels: ["bug"] body: - type: markdown attributes: diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml new file mode 100644 index 0000000..375a8f2 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/config.yml @@ -0,0 +1,8 @@ +# Documentation for this file can be found at: +# https://help.github.com/en/github/building-a-strong-community/configuring-issue-templates-for-your-repository + +blank_issues_enabled: false +contact_links: + - name: "(maintainers only) Blank issue" + url: https://github.com/commit-check/commit-check/issues/new/ + about: For maintainers only. diff --git a/.github/ISSUE_TEMPLATE/feature-request.yml b/.github/ISSUE_TEMPLATE/feature-request.yml new file mode 100644 index 0000000..6f24ab5 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/feature-request.yml @@ -0,0 +1,38 @@ +name: Feature request +description: Suggest an idea for this project +labels: ["enhancement"] + +body: + - type: markdown + attributes: + value: >- + Hi there! + + We'd appreciate it if you could search on commit-check's existing issues prior to filing + a feature request. + + - type: textarea + attributes: + label: What's the problem this feature will solve? + description: >- + What are you trying to do, that you are unable to achieve with commit-check as it currently stands? + validations: + required: true + + - type: textarea + attributes: + label: Describe the solution you'd like + description: >- + Clear and concise description of what you want to happen. Please use examples + of real world use cases that this would help with, and how it solves the + problem described above. + validations: + required: true + + - type: textarea + attributes: + label: Additional context + description: >- + Add any other context, links, etc. relevant to the feature request. + validations: + required: true From 7fafe303a627c7cb0e0b66e0d7632776a61e1f19 Mon Sep 17 00:00:00 2001 From: Peter Shen Date: Thu, 18 Apr 2024 11:15:14 +0800 Subject: [PATCH 05/12] docs: update CONTRIBUTING.md --- CONTRIBUTING.md | 29 ++++++++++++++++++++++++++++- 1 file changed, 28 insertions(+), 1 deletion(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 92cd278..b2b7160 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -9,9 +9,36 @@ Our development branch is `main`. When submitting pull requests, please adhere t * Add tests for any new features and bug fixes. * Put a reasonable amount of comments into the code. * Fork [commit-check](https://github.com/commit-check/commit-check) on your GitHub user account. -* Create branch from `main`, make your changes on the new branch and then create a PR against `main` branch of commit-check repository. +* Create a branch from `main`, make your changes on the new branch, and then create a PR against the `main` branch of the commit-check repository. * Separate unrelated changes into multiple pull requests for better review and management. By contributing any code or documentation to this repository (by raising pull requests or otherwise), you explicitly agree to the [License Agreement](https://github.com/commit-check/commit-check/blob/main/LICENSE). We appreciate your contributions to make Commit Check even better! + +## Development + +### Debug commit-check pre-commit hook + +```bash +pre-commit try-repo ./../commit-check/ check-message --verbose --hook-stage prepare-commit-msg --commit-msg-filename .git/COMMIT_EDITMSG +``` + +### Debug commit-check wheel package + +```bash +python3 -m pip install --upgrade pip +pip install -e ./../commit-check/ +commit-check -m +``` + +### Test commit-check pre-commit hook on GitHub + +```yaml +- repo: https://github.com/commit-check/commit-check + rev: the tag or revision # update it to test commit hash + hooks: + - id: check-message + - id: check-branch + - id: check-author-email +``` From e2ce0014f53819f20a94f5ce048f29b1b5272282 Mon Sep 17 00:00:00 2001 From: "pre-commit-ci[bot]" <66853113+pre-commit-ci[bot]@users.noreply.github.com> Date: Mon, 29 Apr 2024 18:51:54 -0400 Subject: [PATCH 06/12] ci: pre-commit autoupdate (#156) --- .pre-commit-config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index fd0bc19..f967143 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -22,7 +22,7 @@ repos: args: [--max-line-length=100, --ignore=E501] exclude: ^commit_check/__init__.py - repo: https://github.com/pre-commit/mirrors-mypy - rev: v1.9.0 + rev: v1.10.0 hooks: - id: mypy additional_dependencies: [types-all] From 11de1099bcd8b251706cc334082dab7ec21fbb7b Mon Sep 17 00:00:00 2001 From: "pre-commit-ci[bot]" <66853113+pre-commit-ci[bot]@users.noreply.github.com> Date: Tue, 28 May 2024 08:23:05 +0800 Subject: [PATCH 07/12] ci: pre-commit autoupdate (#157) --- .pre-commit-config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index f967143..467425b 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -28,7 +28,7 @@ repos: additional_dependencies: [types-all] exclude: ^testing/resources/ - repo: https://github.com/codespell-project/codespell - rev: v2.2.6 + rev: v2.3.0 hooks: - id: codespell - repo: https://github.com/commit-check/commit-check From f2ddd8ac55a7f8f861990b9cfb2b482319309ccc Mon Sep 17 00:00:00 2001 From: Peter Shen Date: Fri, 7 Jun 2024 01:00:04 +0800 Subject: [PATCH 08/12] Create attestations for final package (#158) --- .github/workflows/publish-package.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.github/workflows/publish-package.yml b/.github/workflows/publish-package.yml index 2fec59e..63d49bc 100644 --- a/.github/workflows/publish-package.yml +++ b/.github/workflows/publish-package.yml @@ -30,6 +30,11 @@ jobs: # Check distribution twine check dist/commit_check* + - name: Create attestations + - uses: actions/attest-build-provenance@v1 + with: + subject-path: "dist/commit_check*" + - name: Generate subject id: hash run: | From b84a336f91135800e1392d8f96f3bca4dd6dc89a Mon Sep 17 00:00:00 2001 From: Peter Shen Date: Fri, 7 Jun 2024 01:14:34 +0800 Subject: [PATCH 09/12] Drop python 3.7 and support 3.13.0-beta.1 in main CI (#159) * Drop python 3.7 and add 3.13 in main CI * Update main.yml --- .github/workflows/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index d7a2605..8199536 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -60,7 +60,7 @@ jobs: strategy: fail-fast: false matrix: - py: ['3.7', '3.8', '3.9', '3.10', '3.11', '3.12'] + py: ['3.8', '3.9', '3.10', '3.11', '3.12', '3.13.0-beta.1'] os: ['windows-latest', 'ubuntu-latest', 'macos-latest'] runs-on: ${{ matrix.os }} steps: From 625d37dcdc214eb1c9bc917484d387b2480fb70a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 7 Jun 2024 01:19:16 +0800 Subject: [PATCH 10/12] chore(deps): bump slsa-framework/slsa-github-generator (#155) Bumps [slsa-framework/slsa-github-generator](https://github.com/slsa-framework/slsa-github-generator) from 1.10.0 to 2.0.0. - [Release notes](https://github.com/slsa-framework/slsa-github-generator/releases) - [Changelog](https://github.com/slsa-framework/slsa-github-generator/blob/main/CHANGELOG.md) - [Commits](https://github.com/slsa-framework/slsa-github-generator/compare/v1.10.0...v2.0.0) --- updated-dependencies: - dependency-name: slsa-framework/slsa-github-generator dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Peter Shen --- .github/workflows/publish-package.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/publish-package.yml b/.github/workflows/publish-package.yml index 63d49bc..9c18002 100644 --- a/.github/workflows/publish-package.yml +++ b/.github/workflows/publish-package.yml @@ -64,7 +64,7 @@ jobs: id-token: write # To sign the provenance. contents: write # To add assets to a release. # Can't pin with hash due to how this workflow works. - uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v1.10.0 + uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v2.0.0 with: base64-subjects: ${{ needs.publish.outputs.hashes }} upload-assets: true # Optional: Upload to a new release From 0ea2c9e2276a131b07d9c1923036bd794153c230 Mon Sep 17 00:00:00 2001 From: Peter Shen Date: Fri, 7 Jun 2024 01:21:54 +0800 Subject: [PATCH 11/12] Update publish-package.yml --- .github/workflows/publish-package.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/publish-package.yml b/.github/workflows/publish-package.yml index 9c18002..fa576c4 100644 --- a/.github/workflows/publish-package.yml +++ b/.github/workflows/publish-package.yml @@ -31,7 +31,7 @@ jobs: twine check dist/commit_check* - name: Create attestations - - uses: actions/attest-build-provenance@v1 + uses: actions/attest-build-provenance@v1 with: subject-path: "dist/commit_check*" From 8c137f6248eb0a342ec2bbeb0f4716f5680654f6 Mon Sep 17 00:00:00 2001 From: Peter Shen Date: Fri, 7 Jun 2024 01:24:24 +0800 Subject: [PATCH 12/12] Update publish-package.yml --- .github/workflows/publish-package.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/publish-package.yml b/.github/workflows/publish-package.yml index fa576c4..f104e16 100644 --- a/.github/workflows/publish-package.yml +++ b/.github/workflows/publish-package.yml @@ -6,6 +6,10 @@ on: types: [published] workflow_dispatch: +permissions: + id-token: write + attestations: write + jobs: publish: runs-on: ubuntu-latest