-
Notifications
You must be signed in to change notification settings - Fork 2
/
pyproject.toml
111 lines (99 loc) · 3.32 KB
/
pyproject.toml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
[project]
name = "pypi-attestations"
dynamic = ["version"]
description = "A library to convert between Sigstore Bundles and PEP-740 Attestation objects"
readme = "README.md"
license = { file = "LICENSE" }
authors = [{ name = "Trail of Bits", email = "opensource@trailofbits.com" }]
classifiers = [
"Programming Language :: Python :: 3",
"License :: OSI Approved :: Apache Software License",
]
dependencies = [
"cryptography",
"packaging",
"pyasn1 ~= 0.6",
"pydantic >= 2.10.0",
"sigstore >= 3.5.3, < 3.7",
"sigstore-protobuf-specs",
]
requires-python = ">=3.9"
[tool.setuptools.dynamic]
version = { attr = "pypi_attestations.__version__" }
[project.optional-dependencies]
doc = ["pdoc"]
test = ["pytest", "pytest-cov", "pretend", "coverage[toml]"]
lint = [
# NOTE: ruff is under active development, so we pin conservatively here
# and let Dependabot periodically perform this update.
"ruff ~= 0.2",
"mypy >= 1.0",
"types-html5lib",
"types-requests",
"types-toml",
"interrogate",
# linting relies on test deps, since we also typecheck our test suite
"pypi-attestations[test]",
]
dev = ["pypi-attestations[doc,test,lint]", "build"]
[project.urls]
Homepage = "https://pypi.org/project/pypi-attestations"
Documentation = "https://trailofbits.github.io/pypi-attestations/"
Issues = "https://github.com/trailofbits/pypi-attestations/issues"
Source = "https://github.com/trailofbits/pypi-attestations"
[tool.flit.module]
name = "pypi_attestations"
[tool.coverage.run]
# don't attempt code coverage for the CLI entrypoints
omit = ["src/pypi_attestations/_cli.py", "src/pypi_attestations/__main__.py"]
[tool.mypy]
mypy_path = "src"
packages = "pypi_attestations"
plugins = ["pydantic.mypy"]
python_version = "3.9"
allow_redefinition = true
check_untyped_defs = true
disallow_incomplete_defs = true
disallow_untyped_defs = true
ignore_missing_imports = true
no_implicit_optional = true
show_error_codes = true
sqlite_cache = true
strict_equality = true
warn_no_return = true
warn_redundant_casts = true
warn_return_any = true
warn_unreachable = true
warn_unused_configs = true
warn_unused_ignores = true
[tool.ruff]
line-length = 100
target-version = "py39"
[tool.ruff.lint]
select = ["E", "F", "I", "W", "UP", "ANN", "D", "COM", "ISC", "TCH", "SLF"]
# ANN101 and ANN102 are deprecated
# D203 and D213 are incompatible with D211 and D212 respectively.
# COM812 and ISC001 can cause conflicts when using ruff as a formatter.
# See https://docs.astral.sh/ruff/formatter/#conflicting-lint-rules.
ignore = ["ANN101", "ANN102", "D203", "D213", "COM812", "ISC001"]
# Needed since Pydantic relies on runtime type annotations, and we target Python versions
# < 3.10. See https://docs.astral.sh/ruff/rules/non-pep604-annotation/#why-is-this-bad
pyupgrade.keep-runtime-typing = true
[tool.ruff.lint.per-file-ignores]
"test/**/*.py" = [
"D", # no docstrings in tests
"S101", # asserts are expected in tests
"SLF001", # private APIs are expected in tests
"ANN401", # dynamic types are OK in tests
]
[tool.interrogate]
# don't enforce documentation coverage for packaging, testing, the virtual
# environment, or the CLI (which is documented separately).
exclude = [
"env",
"test",
"src/pypi_attestations/_cli.py",
"src/pypi_attestations/__main__.py",
]
ignore-semiprivate = true
fail-under = 100