Add Deptry, split dev into dev and docs recipes, address bandit security issues #1806

Merged
merged 17 commits into from
Jun 27, 2024

@Zeitsperre Zeitsperre commented Jun 26, 2024

Pull Request Checklist:

  • This PR addresses an already opened issue (for bug fixes / features)
    • This PR fixes #xyz
  • Tests for the changes have been added (for bug fixes / features)
    • (If applicable) Documentation has been added / updated (for bug fixes / features)
  • CHANGES.rst has been updated (with summary of main changes)
    • Link to issue (:issue:number) and pull request (:pull:number) has been added

What kind of change does this PR introduce?

  • Adds the deptry package to the linters for performing dependency analyses (unused or missing)
  • Pinned a few linting dependencies
  • Splits the dev dependencies into dev and docs (both can be installed with all)
  • Enables flake8-bandit like checks in ruff, fixes a few security-related checks
  • xclim.testing.utils now has more secure URL auditing checks

Does this PR introduce a breaking change?

Yes, a new dependency has been added (deptry).

Also, xclim no longer bundles the documentation dependencies with the dev recipe. Splitting this reduces the number of dependencies needed to run the tests and also helps us know which dependencies are needed and where (determined with the aid of deptry).

Other information:

https://deptry.com/
https://docs.astral.sh/ruff/rules/#flake8-bandit-s
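
An added example, not code from this pull request or from xclim: a sketch of the kind of URL audit that the flake8-bandit URL-open rule (S310 in ruff) asks for before a test-data helper fetches a file. The names `audit_url`, `is_safe` and `UnsafeURLError`, the allow-list parameters and the sample URLs are assumptions constructed for illustration.

```python
# Added example: hypothetical helper names, not xclim's implementation.
from urllib.parse import urlsplit


class UnsafeURLError(ValueError):
    """Raised when a URL fails the audit."""


def audit_url(url, allowed_schemes=("https",), allowed_hosts=None):
    """Return `url` unchanged if it passes every check, else raise UnsafeURLError."""
    # Reject whitespace and ASCII control characters before parsing: urlsplit
    # silently strips some of them, which would hide a smuggled line break.
    if any(ch.isspace() or ord(ch) < 0x20 for ch in url):
        raise UnsafeURLError("URL contains whitespace or control characters")
    try:
        parts = urlsplit(url)
        host = (parts.hostname or "").lower()
    except ValueError as err:  # e.g. a malformed IPv6 literal
        raise UnsafeURLError(f"unparseable URL: {err}") from err
    # urlopen() also accepts file:, ftp: and custom schemes, so allow-list
    # the scheme explicitly (urlsplit has already lower-cased it).
    if parts.scheme not in allowed_schemes:
        raise UnsafeURLError(f"scheme {parts.scheme!r} is not permitted")
    # Credentials in the URL end up in logs and tracebacks.
    if parts.username is not None or parts.password is not None:
        raise UnsafeURLError("credentials embedded in the URL are not permitted")
    if not host:
        raise UnsafeURLError("URL has no host")
    # Optional pinning to the hosts that are expected to serve the data.
    if allowed_hosts is not None and host not in allowed_hosts:
        raise UnsafeURLError(f"host {host!r} is not on the allow-list")
    return url


def is_safe(url, **kwargs):
    """Boolean wrapper around audit_url for callers that only need a verdict."""
    try:
        audit_url(url, **kwargs)
    except UnsafeURLError:
        return False
    return True
```

Call `audit_url()` immediately before the download call so that the string that was checked is the string that is opened.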

@Zeitsperre Zeitsperre requested a review from aulemahal June 26, 2024 17:33
@Zeitsperre Zeitsperre self-assigned this Jun 26, 2024
@github-actions github-actions bot added information For development/instructional purposes sdba Issues concerning the sdba submodule. CI Automation and Continuous Integration API Interfacing and User Concerns docs Improvements to documentation indicators Climate indices and indicators labels Jun 26, 2024
@Zeitsperre Zeitsperre marked this pull request as ready for review June 26, 2024 19:43

@aulemahal aulemahal left a comment

The meta changes look good, as far as I understand, thanks!

However, I think the change in convert_units_to is too strict. It would yield incomprehensible error messages to the user.

@Zeitsperre Zeitsperre requested a review from aulemahal June 27, 2024 18:28
@aulemahal aulemahal left a comment

A suggestion to make the error message even more explicit, but otherwise, this is good to go!

@github-actions github-actions bot added the approved Approved for additional tests label Jun 27, 2024
@coveralls
Coverage Status

coverage: 90.649% (+0.05%) from 90.595%
when pulling 8c83c69 on deptry
into a375d78 on main.

@coveralls
Coverage Status

coverage: 90.639% (+0.04%) from 90.595%
when pulling 59fa5c1 on deptry
into a375d78 on main.

@coveralls
Coverage Status

coverage: 90.649% (+0.05%) from 90.595%
when pulling a2d84f1 on deptry
into e8d2f36 on main.

@coveralls
Coverage Status

coverage: 90.649% (+0.05%) from 90.595%
when pulling 87f35da on deptry
into 23fd681 on main.

@Zeitsperre Zeitsperre merged commit 4df240c into main Jun 27, 2024
19 checks passed
@Zeitsperre Zeitsperre deleted the deptry branch June 27, 2024 20:20