mirror of
https://github.com/saymrwulf/cryptography.git
synced 2026-05-14 20:37:55 +00:00
7d62332542
* ci: Update GitHub owned actions to be referenced by SHA. Work automated using StepSecurity Signed-off-by: StepSecurity Bot <bot@stepsecurity.io> * ci: create hash-pinned requirements files for build and publish processes Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com> * ci: change ci files to install build and publish dependencies using hashes Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com> * ci: fix path to requirements files Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com> * ci: rebuild the requirement.txt files using `--allow-unsafe` The flag is needed to create hash-pinned requirements for pip and setup-tools. Find more information about this at these issues from [pip-tools](https://github.com/jazzband/pip-tools/issues/806) and from [pip](https://github.com/pypa/pip/issues/6459). Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com> * refactor(workflows): move build requirements files to a separated folder Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com> * fix(workflow): requirements download was erasing work from previous steps Using the actions/checkout to download the requirements.txt was erasing some necessary files that came from previous steps. Thus, this commit changes moves the checkout action to the beginnig of the jobs. Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com> * ci: remove reference to inexistent input in pypi-publish.yml * docs(workflows): remove comment related to a line already delated from code Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com> * refactor(workflows): use a workflow-level env var to define path to build requirements file Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com> * fix(workflows): refer to env vars using ${{ }} sintax Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com> * refactor(workflows): move build and publish requirements files Moved from .github/workflows/requirements/ to .github/requirements/ Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com> * docs(workflows): add comments on requirements files explaining their relation Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com> * ci(workflows): update build dependencies to match exactly the ones at pyproject.toml Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com> * ci: remove unnecessary parameter When calling actions/checkout , we were passing the `ref` parameter as `github.ref`, but it will likely be always main, or the vary same value as the default for this parameter. * Update dependabot config to cover build/publish dependencies --------- Signed-off-by: StepSecurity Bot <bot@stepsecurity.io> Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com> Co-authored-by: StepSecurity Bot <bot@stepsecurity.io>
155 lines
No EOL
4.2 KiB
TOML
155 lines
No EOL
4.2 KiB
TOML
[build-system]
|
|
# These requirements must be kept sync with the requirements on ./github/requirements/build-requirements files
|
|
requires = [
|
|
# First version of setuptools to support pyproject.toml configuration
|
|
"setuptools>=61.0.0",
|
|
"wheel",
|
|
# Must be kept in sync with `project.dependencies`
|
|
"cffi>=1.12; platform_python_implementation != 'PyPy'",
|
|
"setuptools-rust>=0.11.4",
|
|
]
|
|
build-backend = "setuptools.build_meta"
|
|
|
|
[project]
|
|
name = "cryptography"
|
|
version = "42.0.0.dev1"
|
|
authors = [
|
|
{name = "The Python Cryptographic Authority and individual contributors", email = "cryptography-dev@python.org"}
|
|
]
|
|
description = "cryptography is a package which provides cryptographic recipes and primitives to Python developers."
|
|
readme = "README.rst"
|
|
license = {text = "Apache-2.0 OR BSD-3-Clause"}
|
|
classifiers = [
|
|
"Development Status :: 5 - Production/Stable",
|
|
"Intended Audience :: Developers",
|
|
"License :: OSI Approved :: Apache Software License",
|
|
"License :: OSI Approved :: BSD License",
|
|
"Natural Language :: English",
|
|
"Operating System :: MacOS :: MacOS X",
|
|
"Operating System :: POSIX",
|
|
"Operating System :: POSIX :: BSD",
|
|
"Operating System :: POSIX :: Linux",
|
|
'Operating System :: Microsoft :: Windows',
|
|
"Programming Language :: Python",
|
|
"Programming Language :: Python :: 3",
|
|
"Programming Language :: Python :: 3 :: Only",
|
|
"Programming Language :: Python :: 3.7",
|
|
"Programming Language :: Python :: 3.8",
|
|
"Programming Language :: Python :: 3.9",
|
|
"Programming Language :: Python :: 3.10",
|
|
"Programming Language :: Python :: 3.11",
|
|
"Programming Language :: Python :: Implementation :: CPython",
|
|
"Programming Language :: Python :: Implementation :: PyPy",
|
|
"Topic :: Security :: Cryptography",
|
|
]
|
|
requires-python = ">=3.7"
|
|
dependencies = [
|
|
# Must be kept in sync with `build-system.requires`
|
|
"cffi >=1.12",
|
|
]
|
|
|
|
[project.urls]
|
|
homepage = "https://github.com/pyca/cryptography"
|
|
documentation = "https://cryptography.io/"
|
|
source = "https://github.com/pyca/cryptography/"
|
|
issues = "https://github.com/pyca/cryptography/issues"
|
|
changelog = "https://cryptography.io/en/latest/changelog/"
|
|
|
|
[tool.setuptools]
|
|
zip-safe = false
|
|
package-dir = {"" = "src"}
|
|
|
|
[tool.setuptools.packages.find]
|
|
where = ["src"]
|
|
include = ["cryptography*"]
|
|
|
|
[project.optional-dependencies]
|
|
ssh = ["bcrypt >=3.1.5"]
|
|
|
|
# All the following are used for our own testing.
|
|
nox = ["nox"]
|
|
test = [
|
|
"pytest >=6.2.0",
|
|
"pytest-benchmark",
|
|
"pytest-cov",
|
|
"pytest-xdist",
|
|
"pretend",
|
|
]
|
|
test-randomorder = ["pytest-randomly"]
|
|
docs = ["sphinx >=5.3.0", "sphinx-rtd-theme >=1.1.1"]
|
|
docstest = ["pyenchant >=1.6.11", "twine >=1.12.0", "sphinxcontrib-spelling >=4.0.1"]
|
|
sdist = ["build"]
|
|
pep8test = ["black", "ruff", "mypy", "check-sdist"]
|
|
|
|
[tool.black]
|
|
line-length = 79
|
|
target-version = ["py37"]
|
|
|
|
[tool.pytest.ini_options]
|
|
addopts = "-r s --capture=no --strict-markers --benchmark-disable"
|
|
console_output_style = "progress-even-when-capture-no"
|
|
markers = [
|
|
"skip_fips: this test is not executed in FIPS mode",
|
|
"supported: parametrized test requiring only_if and skip_message",
|
|
]
|
|
|
|
[tool.mypy]
|
|
show_error_codes = true
|
|
check_untyped_defs = true
|
|
no_implicit_reexport = true
|
|
warn_redundant_casts = true
|
|
warn_unused_ignores = true
|
|
warn_unused_configs = true
|
|
strict_equality = true
|
|
|
|
[[tool.mypy.overrides]]
|
|
module = [
|
|
"pretend"
|
|
]
|
|
ignore_missing_imports = true
|
|
|
|
[tool.coverage.run]
|
|
branch = true
|
|
relative_files = true
|
|
source = [
|
|
"cryptography",
|
|
"tests/",
|
|
]
|
|
|
|
[tool.coverage.paths]
|
|
source = [
|
|
"src/cryptography",
|
|
"*.nox/*/lib*/python*/site-packages/cryptography",
|
|
"*.nox\\*\\Lib\\site-packages\\cryptography",
|
|
"*.nox/pypy/site-packages/cryptography",
|
|
]
|
|
tests =[
|
|
"tests/",
|
|
"*tests\\",
|
|
]
|
|
|
|
[tool.coverage.report]
|
|
exclude_lines = [
|
|
"@abc.abstractmethod",
|
|
"@typing.overload",
|
|
"if typing.TYPE_CHECKING",
|
|
]
|
|
|
|
[tool.ruff]
|
|
# UP006: Minimum Python 3.9
|
|
# UP007, UP038: Minimum Python 3.10
|
|
ignore = ['N818', 'UP006', 'UP007', 'UP038']
|
|
select = ['E', 'F', 'I', 'N', 'W', 'UP', 'RUF']
|
|
line-length = 79
|
|
|
|
[tool.ruff.isort]
|
|
known-first-party = ["cryptography", "cryptography_vectors", "tests"]
|
|
|
|
[tool.check-sdist]
|
|
git-only = [
|
|
"vectors/*",
|
|
"release.py",
|
|
"ci-constraints-requirements.txt",
|
|
".gitattributes",
|
|
".gitignore",
|
|
] |