From 59357d6ffcddf48a8ab217f5cd64464166ff3d9c Mon Sep 17 00:00:00 2001 From: Caleb Bell Date: Sat, 25 Oct 2025 11:48:17 -0600 Subject: [PATCH 01/13] . --- pyproject.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pyproject.toml b/pyproject.toml index a827476c..405b3fdb 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -289,7 +289,7 @@ extend-ignore = [ "RET", "RSE102", "RUF001", - "RUF003", # greek characters are used in this project e.g. for allotropes, not an issue + "RUF003", # greek characters are used in this project e.g. for allotropes "RUF005", # this one is not micropython compatible # "S101", # Use assert - removed from global ignore, now controlled by per-file-ignores below "S110", From 5a58856e6ac511190f3b68cf7a82e7663dfd394c Mon Sep 17 00:00:00 2001 From: Caleb Bell Date: Sat, 25 Oct 2025 11:57:00 -0600 Subject: [PATCH 02/13] . --- pyproject.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pyproject.toml b/pyproject.toml index 405b3fdb..b8a41e20 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -309,7 +309,7 @@ extend-ignore = [ "TRY201", "TRY300", "TRY301", - "PYI024", # PYI024 Use `typing.NamedTuple` instead of `collections.namedtuple + "PYI024", # PYI024 Use `typing.NamedTuple` instead of `collections.namedtuple personal preference ] [tool.ruff.lint.mccabe] From db2bcf6a61c1a2caff31cca5e0d747dbc712ae17 Mon Sep 17 00:00:00 2001 From: Caleb Bell Date: Sat, 25 Oct 2025 11:59:45 -0600 Subject: [PATCH 03/13] . --- pyproject.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pyproject.toml b/pyproject.toml index b8a41e20..405b3fdb 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -309,7 +309,7 @@ extend-ignore = [ "TRY201", "TRY300", "TRY301", - "PYI024", # PYI024 Use `typing.NamedTuple` instead of `collections.namedtuple personal preference + "PYI024", # PYI024 Use `typing.NamedTuple` instead of `collections.namedtuple ] [tool.ruff.lint.mccabe] From 3f586bd5b729492925f00809179301f18dc1f049 Mon Sep 17 00:00:00 2001 From: Caleb Bell Date: Sat, 25 Oct 2025 12:08:20 -0600 Subject: [PATCH 04/13] Restrict --- .github/workflows/publish-testpypi.yml | 28 +++++++++++++++++--------- 1 file changed, 18 insertions(+), 10 deletions(-) diff --git a/.github/workflows/publish-testpypi.yml b/.github/workflows/publish-testpypi.yml index 41c2731b..30791190 100644 --- a/.github/workflows/publish-testpypi.yml +++ b/.github/workflows/publish-testpypi.yml @@ -1,31 +1,39 @@ name: Publish to TestPyPI - on: push: tags: - 'v*' - permissions: id-token: write contents: read - jobs: test: uses: ./.github/workflows/quality.yml - + publish: needs: test runs-on: ubuntu-latest if: startsWith(github.ref, 'refs/tags/v') - + environment: + name: pypi steps: + - name: Checkout to verify branch + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Check if tag is on release branch + run: | + if ! git branch -r --contains ${{ github.ref }} | grep -q 'origin/release'; then + echo "Tag is not on release branch" + exit 1 + fi + - name: Download distributions uses: actions/download-artifact@v4 with: name: distributions path: dist/ - - - name: Upload to TestPyPI - uses: pypa/gh-action-pypi-publish@release/v1 - with: - repository-url: https://test.pypi.org/legacy/ + + - name: Upload to PyPI + uses: pypa/gh-action-pypi-publish@release/v1 \ No newline at end of file From 9ff738be4d67f9ae922ee74256f7559dddf3ac98 Mon Sep 17 00:00:00 2001 From: Caleb Bell Date: Sat, 25 Oct 2025 12:09:02 -0600 Subject: [PATCH 05/13] . --- fluids/__init__.py | 2 +- pyproject.toml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/fluids/__init__.py b/fluids/__init__.py index 65056a4a..02352b5d 100644 --- a/fluids/__init__.py +++ b/fluids/__init__.py @@ -168,7 +168,7 @@ def all_submodules(with_numerics=True): return new_submodules -__version__ = "1.2.6" +__version__ = "1.2.7" try: fluids_dir = os.path.dirname(__file__) diff --git a/pyproject.toml b/pyproject.toml index 405b3fdb..e5083406 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -5,7 +5,7 @@ backend-path = ["_custom_build"] [project] name = "fluids" -version = "1.2.6" +version = "1.2.7" description = "Fluid dynamics component of Chemical Engineering Design Library (ChEDL)" readme = "README.rst" requires-python = ">=3.9" @@ -132,7 +132,7 @@ dev = [ [project.urls] Homepage = "https://github.com/CalebBell/fluids" -Download = "https://github.com/CalebBell/fluids/tarball/1.2.6" +Download = "https://github.com/CalebBell/fluids/tarball/1.2.7" [tool.setuptools] packages = ["fluids"] From aba00fc7dcd79c4cf1aa52114925d3d903d7fa4f Mon Sep 17 00:00:00 2001 From: Caleb Bell Date: Sat, 25 Oct 2025 12:15:41 -0600 Subject: [PATCH 06/13] v1.2.8 --- .github/workflows/publish-testpypi.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/publish-testpypi.yml b/.github/workflows/publish-testpypi.yml index 30791190..90a892e3 100644 --- a/.github/workflows/publish-testpypi.yml +++ b/.github/workflows/publish-testpypi.yml @@ -36,4 +36,6 @@ jobs: path: dist/ - name: Upload to PyPI - uses: pypa/gh-action-pypi-publish@release/v1 \ No newline at end of file + uses: pypa/gh-action-pypi-publish@release/v1 + with: + repository-url: https://test.pypi.org/legacy/ \ No newline at end of file From dc77303da4e39a3a6bd367f2b318599421b75efc Mon Sep 17 00:00:00 2001 From: Caleb Bell Date: Sat, 25 Oct 2025 12:32:30 -0600 Subject: [PATCH 07/13] Another shoul dnot release --- .github/workflows/publish-testpypi.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/publish-testpypi.yml b/.github/workflows/publish-testpypi.yml index 90a892e3..fe839cf3 100644 --- a/.github/workflows/publish-testpypi.yml +++ b/.github/workflows/publish-testpypi.yml @@ -22,12 +22,12 @@ jobs: with: fetch-depth: 0 - - name: Check if tag is on release branch - run: | - if ! git branch -r --contains ${{ github.ref }} | grep -q 'origin/release'; then - echo "Tag is not on release branch" - exit 1 - fi + # - name: Check if tag is on release branch + # run: | + # if ! git branch -r --contains ${{ github.ref }} | grep -q 'origin/release'; then + # echo "Tag is not on release branch" + # exit 1 + # fi - name: Download distributions uses: actions/download-artifact@v4 From 621237a5c5008d62e0e8065f8c2414d8c285afd1 Mon Sep 17 00:00:00 2001 From: Caleb Bell Date: Sat, 25 Oct 2025 12:39:17 -0600 Subject: [PATCH 08/13] . --- .github/workflows/publish-testpypi.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/publish-testpypi.yml b/.github/workflows/publish-testpypi.yml index fe839cf3..b331d60e 100644 --- a/.github/workflows/publish-testpypi.yml +++ b/.github/workflows/publish-testpypi.yml @@ -21,7 +21,7 @@ jobs: uses: actions/checkout@v4 with: fetch-depth: 0 - + # The release branch check can be added but it isn't security, it is just for user assistance # - name: Check if tag is on release branch # run: | # if ! git branch -r --contains ${{ github.ref }} | grep -q 'origin/release'; then From ef7888912c9138d638e9a9918808947cee024f7e Mon Sep 17 00:00:00 2001 From: Caleb Bell Date: Sat, 25 Oct 2025 12:44:41 -0600 Subject: [PATCH 09/13] 1.2.9 test --- .github/workflows/publish-testpypi.yml | 14 +------------- fluids/__init__.py | 2 +- pyproject.toml | 4 ++-- 3 files changed, 4 insertions(+), 16 deletions(-) diff --git a/.github/workflows/publish-testpypi.yml b/.github/workflows/publish-testpypi.yml index b331d60e..57a6c83b 100644 --- a/.github/workflows/publish-testpypi.yml +++ b/.github/workflows/publish-testpypi.yml @@ -16,19 +16,7 @@ jobs: if: startsWith(github.ref, 'refs/tags/v') environment: name: pypi - steps: - - name: Checkout to verify branch - uses: actions/checkout@v4 - with: - fetch-depth: 0 - # The release branch check can be added but it isn't security, it is just for user assistance - # - name: Check if tag is on release branch - # run: | - # if ! git branch -r --contains ${{ github.ref }} | grep -q 'origin/release'; then - # echo "Tag is not on release branch" - # exit 1 - # fi - + steps: - name: Download distributions uses: actions/download-artifact@v4 with: diff --git a/fluids/__init__.py b/fluids/__init__.py index 02352b5d..58e55ce5 100644 --- a/fluids/__init__.py +++ b/fluids/__init__.py @@ -168,7 +168,7 @@ def all_submodules(with_numerics=True): return new_submodules -__version__ = "1.2.7" +__version__ = "1.2.9" try: fluids_dir = os.path.dirname(__file__) diff --git a/pyproject.toml b/pyproject.toml index e5083406..6a9d4734 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -5,7 +5,7 @@ backend-path = ["_custom_build"] [project] name = "fluids" -version = "1.2.7" +version = "1.2.9" description = "Fluid dynamics component of Chemical Engineering Design Library (ChEDL)" readme = "README.rst" requires-python = ">=3.9" @@ -132,7 +132,7 @@ dev = [ [project.urls] Homepage = "https://github.com/CalebBell/fluids" -Download = "https://github.com/CalebBell/fluids/tarball/1.2.7" +Download = "https://github.com/CalebBell/fluids/tarball/1.2.9" [tool.setuptools] packages = ["fluids"] From 1fc59196bcb012b50048bec4358f97a7dd52bc5c Mon Sep 17 00:00:00 2001 From: Caleb Bell Date: Sat, 25 Oct 2025 14:35:13 -0600 Subject: [PATCH 10/13] 1.2.10 test --- .github/workflows/publish-testpypi.yml | 6 +++--- fluids/__init__.py | 2 +- pyproject.toml | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/publish-testpypi.yml b/.github/workflows/publish-testpypi.yml index 57a6c83b..c71bd725 100644 --- a/.github/workflows/publish-testpypi.yml +++ b/.github/workflows/publish-testpypi.yml @@ -1,8 +1,8 @@ name: Publish to TestPyPI on: - push: - tags: - - 'v*' + release: + types: [published] + permissions: id-token: write contents: read diff --git a/fluids/__init__.py b/fluids/__init__.py index 58e55ce5..191ec2f6 100644 --- a/fluids/__init__.py +++ b/fluids/__init__.py @@ -168,7 +168,7 @@ def all_submodules(with_numerics=True): return new_submodules -__version__ = "1.2.9" +__version__ = "1.2.10" try: fluids_dir = os.path.dirname(__file__) diff --git a/pyproject.toml b/pyproject.toml index 6a9d4734..4f911d5c 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -5,7 +5,7 @@ backend-path = ["_custom_build"] [project] name = "fluids" -version = "1.2.9" +version = "1.2.10" description = "Fluid dynamics component of Chemical Engineering Design Library (ChEDL)" readme = "README.rst" requires-python = ">=3.9" @@ -132,7 +132,7 @@ dev = [ [project.urls] Homepage = "https://github.com/CalebBell/fluids" -Download = "https://github.com/CalebBell/fluids/tarball/1.2.9" +Download = "https://github.com/CalebBell/fluids/tarball/1.2.10" [tool.setuptools] packages = ["fluids"] From 28631aeec0404c2ffe2cad5be72cb278e8b3e0fb Mon Sep 17 00:00:00 2001 From: Caleb Bell Date: Sat, 25 Oct 2025 14:52:41 -0600 Subject: [PATCH 11/13] bump --- pyproject.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pyproject.toml b/pyproject.toml index 4f911d5c..e4ad499e 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -309,7 +309,7 @@ extend-ignore = [ "TRY201", "TRY300", "TRY301", - "PYI024", # PYI024 Use `typing.NamedTuple` instead of `collections.namedtuple + "PYI024", # PYI024 Use `typing.NamedTuple` instead of `collections.namedtuple - personal preference ] [tool.ruff.lint.mccabe] From ed589d791fe569a26103211b0403488310574f3e Mon Sep 17 00:00:00 2001 From: Caleb Bell Date: Sat, 25 Oct 2025 15:17:33 -0600 Subject: [PATCH 12/13] Very painful process --- .github/workflows/publish-testpypi.yml | 26 +++++++++++++++++++++++++- 1 file changed, 25 insertions(+), 1 deletion(-) diff --git a/.github/workflows/publish-testpypi.yml b/.github/workflows/publish-testpypi.yml index c71bd725..8a2b5d47 100644 --- a/.github/workflows/publish-testpypi.yml +++ b/.github/workflows/publish-testpypi.yml @@ -11,12 +11,36 @@ jobs: uses: ./.github/workflows/quality.yml publish: + # This job publishes to TestPyPI when a GitHub release is created with a tag starting with 'v' on the release branch. + # + # Requirements: + # - Repository admin must create a release with a tag starting with 'v' (e.g., v1.2.3) + # - The tag must be created on the 'release' branch + # - The release branch is protected by rulesets requiring all changes go through PR review + # + # Security notes: + # - The tag and branch checks in this job are soft checks (can be bypassed by modifying workflow) + # - Real security enforcement comes from the 'pypi' environment which requires manual approval by org admin + # - This provides a final gate before any code is published to TestPyPI needs: test runs-on: ubuntu-latest if: startsWith(github.ref, 'refs/tags/v') environment: name: pypi - steps: + steps: + - name: Checkout code + uses: actions/checkout@v4 + with: + fetch-depth: 0 # Need full history to check branch ancestry + + - name: Check if tag is on release branch + run: | + if ! git branch -r --contains ${{ github.ref }} | grep -q 'origin/release'; then + echo "Error: Tag is not on release branch" + exit 1 + fi + echo "Tag verified to be on release branch" + - name: Download distributions uses: actions/download-artifact@v4 with: From 65f15b9d0eda09c07d86cd875797a1ab5f04a991 Mon Sep 17 00:00:00 2001 From: Caleb Bell Date: Sat, 25 Oct 2025 15:53:46 -0600 Subject: [PATCH 13/13] 1.3.0 attemped direct release to pypi --- ...{publish-testpypi.yml => publish-pypi.yml} | 10 +++--- changelog.md | 36 +++++++++++++++++++ fluids/__init__.py | 2 +- pyproject.toml | 4 +-- 4 files changed, 43 insertions(+), 9 deletions(-) rename .github/workflows/{publish-testpypi.yml => publish-pypi.yml} (83%) diff --git a/.github/workflows/publish-testpypi.yml b/.github/workflows/publish-pypi.yml similarity index 83% rename from .github/workflows/publish-testpypi.yml rename to .github/workflows/publish-pypi.yml index 8a2b5d47..a305f1db 100644 --- a/.github/workflows/publish-testpypi.yml +++ b/.github/workflows/publish-pypi.yml @@ -1,4 +1,4 @@ -name: Publish to TestPyPI +name: Publish to PyPI on: release: types: [published] @@ -11,7 +11,7 @@ jobs: uses: ./.github/workflows/quality.yml publish: - # This job publishes to TestPyPI when a GitHub release is created with a tag starting with 'v' on the release branch. + # This job publishes to PyPI when a GitHub release is created with a tag starting with 'v' on the release branch. # # Requirements: # - Repository admin must create a release with a tag starting with 'v' (e.g., v1.2.3) @@ -21,7 +21,7 @@ jobs: # Security notes: # - The tag and branch checks in this job are soft checks (can be bypassed by modifying workflow) # - Real security enforcement comes from the 'pypi' environment which requires manual approval by org admin - # - This provides a final gate before any code is published to TestPyPI + # - This provides a final gate before any code is published to PyPI needs: test runs-on: ubuntu-latest if: startsWith(github.ref, 'refs/tags/v') @@ -48,6 +48,4 @@ jobs: path: dist/ - name: Upload to PyPI - uses: pypa/gh-action-pypi-publish@release/v1 - with: - repository-url: https://test.pypi.org/legacy/ \ No newline at end of file + uses: pypa/gh-action-pypi-publish@release/v1 \ No newline at end of file diff --git a/changelog.md b/changelog.md index aaa4dc08..6072a06e 100644 --- a/changelog.md +++ b/changelog.md @@ -2,6 +2,42 @@ ## [Unreleased] +## [1.3.0] - 2025-10-25 + +### Added + +- Project is now PEP 517 compliant and doesn't use deprecated setup.py commands anymore +- GitHub Actions workflow for publishing to PyPI using environment protection +- `uv` package manager integration across CI workflows for faster dependency resolution +- New consolidated `quality.yml` workflow for linting and testing +- New `build_third_party_packagers.yml` workflow consolidating cx_Freeze, PyInstaller, Nuitka, and py2exe testing +- Pre-commit hooks configuration +- Justfile with extensive development automation commands - github actions have been refactored use this where possible, making them locally debuggable + +### Changed + +- **Breaking**: Dropped Python 3.8 support; minimum Python version is now 3.9 +- Migrated from setup.py to pyproject.toml-only configuration (PEP 517) +- Consolidated multiarch CI workflows with reduced test matrix for improved performance +- Simplified third-party packager testing into single consolidated workflow +- Moved coverage configuration from .coveragerc to pyproject.toml +- Moved pytest configuration from pytest.ini to pyproject.toml +- Moved mypy configuration from mypy.ini to pyproject.toml +- Moved Ruff configuration from .ruff.toml to pyproject.toml +- Reorganized development requirements into pyproject.toml optional dependencies + +### Removed + +- Removed setup.py (replaced by pyproject.toml) +- Removed standalone configuration files: .coveragerc, pytest.ini, mypy.ini, .ruff.toml +- Removed separate workflow files: build_cxfreeze_library.yml, build_nuitka_library.yml, build_py2exe_library.yml, build_pyinstaller_library.yml +- Removed pre-commit.yml and security.yml workflows (consolidated into quality.yml) +- Removed separate requirements files (test, docs, multiarch) - now in pyproject.toml + +### Security + +- Implemented PyPI publishing workflow with manual approval gate + ## [1.2.0] - 2025-10-19 ### Added diff --git a/fluids/__init__.py b/fluids/__init__.py index 191ec2f6..642f1b7d 100644 --- a/fluids/__init__.py +++ b/fluids/__init__.py @@ -168,7 +168,7 @@ def all_submodules(with_numerics=True): return new_submodules -__version__ = "1.2.10" +__version__ = "1.3.0" try: fluids_dir = os.path.dirname(__file__) diff --git a/pyproject.toml b/pyproject.toml index e4ad499e..88f8a1dc 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -5,7 +5,7 @@ backend-path = ["_custom_build"] [project] name = "fluids" -version = "1.2.10" +version = "1.3.0" description = "Fluid dynamics component of Chemical Engineering Design Library (ChEDL)" readme = "README.rst" requires-python = ">=3.9" @@ -132,7 +132,7 @@ dev = [ [project.urls] Homepage = "https://github.com/CalebBell/fluids" -Download = "https://github.com/CalebBell/fluids/tarball/1.2.10" +Download = "https://github.com/CalebBell/fluids/tarball/1.3.0" [tool.setuptools] packages = ["fluids"]