Modernise packaging configuration #1626
Conversation
Pull Request Test Coverage Report for Build 1361060748Warning: This coverage report may be inaccurate.This pull request's base commit is no longer the HEAD commit of its target branch. This means it includes changes from outside the original pull request, including, potentially, unrelated coverage changes.
Details
💛 - Coveralls |
joshuagl
force-pushed
the
joshuagl/build
branch
from
e2c5f1c
to
92174b6
Compare
|
oops, with-sslib-master uses python3.x and failure means whole build failure... and github seems to have switched to 3.10 by default. #1628 should fix the immediate issue I think having a build that uses default python is good, but whether with-sslib-master should break build is debatable |
This is the PyPA recommend tool for building Python packages: https://packaging.python.org/guides/distributing-packages-using-setuptools/ Furthermore, direct invocation of setup.py is long ago deprecated: https://blog.ganssle.io/articles/2021/10/setup-py-deprecated.html Signed-off-by: Joshua Lock <jlock@vmware.com>
build, twine and wheel packages should all be installed in order to be able to build and release python-tuf -- add those dependencies to requirements-dev.txt Signed-off-by: Joshua Lock <jlock@vmware.com>
* List license files in a new metadata section * Remove .travis.yml from check-manifest section's ignore entry Signed-off-by: Joshua Lock <jlock@vmware.com>
Signed-off-by: Joshua Lock <jlock@vmware.com>
Update the MANIFEST.in to be explicit about what we choose to ship in our sdist. This _does not_ result in any additional files being included in our sdist, but does remove warnings from build. Signed-off-by: Joshua Lock <jlock@vmware.com>
Invoking setup.py directly is deprecated, see: https://blog.ganssle.io/articles/2021/10/setup-py-deprecated.html Therefore: * remove the executable bit from setup.py's permissions * remove the shebang entry from setup.py * update the comments in setup.py to recommend using build to create dists and pip to install them Signed-off-by: Joshua Lock <jlock@vmware.com>
Add a 'Documentation' entry to project_urls pointing to our stable docs on readthedocs.io. This will result in a 'Documentation' entry under the 'Project links' section on PyPI. Signed-off-by: Joshua Lock <jlock@vmware.com>
This is preferred and removes the crutch of invoking setup.py as a CLI tool for building dists. Signed-off-by: Joshua Lock <jlock@vmware.com>
We now use a static setup.cfg instead, update __init__.py and docs/RELEASE.md to point there. Signed-off-by: Joshua Lock <jlock@vmware.com>
Signed-off-by: Joshua Lock <jlock@vmware.com>
Per PEP 517 the pyproject.toml file lists tools required when building the project with build: https://pypa-build.readthedocs.io/en/stable/index.html Signed-off-by: Joshua Lock <jlock@vmware.com>
Signed-off-by: Joshua Lock <jlock@vmware.com>
Our sdist has typically included everything from git apart from the CI related files (.github/*, .fossa.yml, .readthedocs.yaml). Update our MANIFEST.in and the check-manifest section of setup.cfg to be explicit about this. Signed-off-by: Joshua Lock <jlock@vmware.com>
joshuagl
force-pushed
the
joshuagl/build
branch
from
65be022
to
de1a3af
Compare
There was a problem hiding this comment.
The changes look good but there was one caveat that we've discussed in the initial issue related to editable installs (#1161 (comment)).
Unless it was resolved by now keeping a minimal setup.py may still be needed.
|
Thanks for the review! I think that the issue was resolved. With pip 21.2.4 here I can |
Got it, my pip version seems to be older! |
setup.py was removed in favor of setup.cfg in theupdateframework#1626 and re-added later in theupdateframework#1832 to work around a Dependabot issue theupdateframework#1828. This issue seems to have been fixed upstream in dependabot/dependabot-core#5392. Fixes theupdateframework#2089 Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
Please fill in the fields below to submit a pull request. The more information
that is provided, the better.
Fixes #1161
A grab-bag of modernisation in our packaging
Description of the changes being introduced by the pull request:
buildtool (addspyproject.toml)setup.pycompletely)Note: our sdist is effectively everything except the very few CI related files (.github/*, .fossa.yml, .readthedocs.yaml) – we could prune this back to be only the source we need to produce the wheel, but that is probably later work after we've cleaned up the documentation we keep in the repo (see #808)
Please verify and check that the pull request fulfills the following
requirements: