ozi-project / ozi Goto Github PK
View Code? Open in Web Editor NEWPython project packaging for Meson.
Home Page: https://oziproject.dev
License: Other
Python project packaging for Meson.
Home Page: https://oziproject.dev
License: Other
The lint checkpoint, and checkpoints in general, are to check that a project can be packaged, released, and published. Twine will fail to upload bad readme text and we should not be letting this happen.
This can't catch every issue see https://pypi.org/project/restructuredtext-lint/:
While a document may lint cleanly locally, there can be issues when submitted it to [PyPI](http://pypi.python.org/). Here are some common problems:
Usage of non-builtin lexers (e.g. bibtex) will pass locally but not be recognized/parsable on [PyPI](http://pypi.python.org/)
This is due to [PyPI](http://pypi.python.org/) not having a non-builtin lexer installed
Please avoid non-builtin lexers to avoid complications
For more information, see [#27](https://github.com/twolfson/restructuredtext-lint/issues/27)
Relative hyperlinks will not work (e.g. ./UNLICENSE)
According to Stack Overflow, hyperlinks must use a scheme (e.g. http, https) and that scheme must be whitelisted
http://stackoverflow.com/a/16594755
Please use absolute hyperlinks (e.g. https://github.com/twolfson/restructuredtext-lint/blob/master/UNLICENSE)
However, these are fair restrictions to have on a shared README file.
It takes over 300 seconds to run checkpoints per python version.
Describe the solution you'd like
Rewrite OZI-Project/checkpoint
and the corresponding template to use tox-gh
entrypoints as intended. That is, just running a single workflow job per Python version and running the default checkpoints. This will also entail adding some workflow output that is basically the tail of the meson test
output per checkpoint.
This is not merging due to style changes in black 24.1.0
Originally posted by @rjdbcm in #118 (comment)
OZI doesn't provide a Project-URL user input.
Add a --project-url
(Multiple use) argument to ozi-new
None
File __main__.py
has 578 lines of code (exceeds 250 allowed). Consider refactoring.
https://codeclimate.com/github/OZI-Project/OZI/ozi/fix/__main__.py#issue_659c1d6d26b87c0001000104
Config writing should never edit build folder files in place. This was discovered with StepSecurity.
OZI does not support Markdown in ozi-new project ...
Provide a Markdown README template and allow users to select the Description-Content-Type
with --description-content-type
where the default is text/x-rst
The alternative would be to not support Markdown, however, this would potentially decrease utility to end-users as Markdown project documentation is already commonplace.
It looks like we are waiting on the rust components of the toolchain to support CPython 3.13.
In dist:
pydantic-core - via python-semantic-release(dist:semantic-release)
In test:
crosshair-tool - via hypothesis(test:plugin-only:hypothesis)
There are also component utilities that depend on the pre-CPython 3.13 CFFI.
In lint:
cmarkgfm - via readme-renderer[md](lint:readme-renderer)
The Download-URL header in PKG-INFO is not provided by ozi-new
.
Add a --download-url
argument (single use).
Add a --ci-user
argument (single use) defaulting to the result of git config --get user.name
if --ci-provider=github
.
Add a project.ci_user dependent on project.ci_provider.
Add a Download-URL output dependent on project.ci_provider.
Add dependency on GitPython
Is your feature request related to a problem? Please describe.
ozi/templates/license/**
contains several duplicate license texts.
Describe the solution you'd like
I would like to have a collection of root license templates to extend as necessary.
Function walk_build_definition
has a Cognitive Complexity of 19 (exceeds 5 allowed). Consider refactoring.
https://codeclimate.com/github/OZI-Project/OZI/ozi/fix/__main__.py#issue_659c1d6d26b87c0001000107
Function maintainer_email
has a Cognitive Complexity of 11 (exceeds 5 allowed). Consider refactoring.
https://codeclimate.com/github/OZI-Project/OZI/ozi/new/__main__.py#issue_659c1d6d26b87c00010000ff
Is your feature request related to a problem? Please describe.
The PyPI version (0.2) of mesonpep517 has a number of issues.
Options don't pass through build
properly for one.
Describe the solution you'd like
Use our vendored version with a few fixes.
Alternatives to consider
Our Python distribution support keys are incorrect.
There is only ever a single bugfix release.
See: https://devguide.python.org/versions/ for more information.
security
to security2
bugfix2
to security1
bugfix1
to bugfix
security
to security2
bugfix2
to security1
bugfix1
to bugfix
security
to security2
bugfix2
to security1
bugfix1
to bugfix
security
to security2
bugfix2
to security1
bugfix1
to bugfix
security
to security2
bugfix2
to security1
bugfix1
to bugfix
Allow positional argument input to the meson setup step in OZI-Project/checkpoint.
This bug was introduced during a refactor of the main meson.build
and is a regression as it is not intended behavior.
File spec.py
has 760 lines of code (exceeds 250 allowed). Consider refactoring.
https://codeclimate.com/github/OZI-Project/OZI/ozi/spec.py#issue_659c1d6d26b87c00010000f5
Tracking issue for:
ozi-new
created projects with names like X.X*
, X-X*
or X_X*
completely breaks our wheel builds.
This issue is likely caused by mesonpep517 and demonstrated in our own OZI.build
and ozi-template
repos.
OZI drafts empty wheels without warning in a dirty repository or untagged commit.
python -m build -w
The above command creates a wheel with the correct version scheme in dist/
with the correct metadata, however, the package sources are totally absent. This is the exact command used in the default OZI continuous integration toolchain. It violates the principle of least surprise to not raise an error in this case.
I would like it if OZI's backend wheel entrypoint would fail with an error instead.
At minimum it should warn the user. I kind of like that any build has to be tagged as full release or prerelease to actually make something. The checkpoints run on a local version and then the commit gets tagged which lets the rest of the packaging stuff work as normal. It packages the binary as expected based on the local version source that got checkpointed and signed then the actual package is signed. It kind of scares me that it does feel somewhat arcane when running the same commands outside of a tagged commit just gives you an empty package.
Describe the bug
pyc_wheel
has an unfixed zipslip vulnerability.
We should vendor the fixed fork we maintain @OZI-Project/fork.
Describe the bug
Building an sdist in Github CI fails with various permissions issues due to the way we construct wheels. We need to update PKG-INFO for meson dist
based sdist build. I thought I would be able to fix this by merging PKG-INFO during the CI build but setuptools_scm still sees changes. I am currently considering that this might be due to the artifact folder not being included into .gitignore
.
Now, personally I am fine with defaulting to only wheel releases being published to PyPI as they are built from the git tag/release distribution. Therefore, I am creating this issue for posterity as I am satisfied with the state of OZI being a wheel-only platform.
Function walk_build_definition
has a Cognitive Complexity of 19 (exceeds 5 allowed). Consider refactoring.
https://codeclimate.com/github/OZI-Project/OZI/ozi/fix/__main__.py#issue_659c1d6d26b87c0001000107
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.