build(deps): bump actions/setup-python from 5 to 6#3
Closed
dependabot[bot] wants to merge 16 commits into
Closed
Conversation
- MIT license with pgpkg contributors attribution - CONTRIBUTING.md covering dev setup, pre-commit, running tests, and PR flow - .dockerignore to keep images lean (excludes .venv, dist, site, tests)
Add entries for: .venv variants, ruff/mypy/pytype caches, htmlcov, dist/, build/, site/, .mkdocs_cache/, *.whl, pip-wheel-metadata/, .idea/, .DS_Store, and project-local setup guides
tracking.py: rewrite tracking_ddl(), current_version(), and record_applied() to use sql.SQL().format() with sql.Identifier() for every dynamic schema and table reference — no bare f-strings in SQL. api.py: apply the same fix to _read_live_version_safe(), which previously used an f-string to embed config.tracking_schema and config.tracking_table directly in the SELECT query. Also register an atexit handler in _config_and_catalog_from_artifact() to clean up the temporary directory created during artifact expansion.
catalog: guard against duplicate edges and self-loop incrementals; tighten iteration to skip non-SQL files explicitly. executor: propagate autocommit guard earlier; clarify bootstrap vs incremental skip logic with inline comment. planner: add deterministic tie-breaking to Dijkstra heap entries; rename internal variable for clarity. config: validate tracking schema/table values are non-empty strings; move circular-import guard comment to the import itself. artifact: strengthen integrity check error messages with artifact path context; add missing newline normalisation to pre/post concatenation.
- info: add --json flag for machine-readable project metadata output - bundle: new command wrapping build_artifact for raw tar.zst output - verify, graph, plan: wire up _cmd_* handlers that were defined but previously disconnected from _dispatch - wheel: default --cli-name to '<project>-migrator' when not supplied - general: use _highest_released helper for makemigration defaults
Pass --out-dir dist to uv build in: - the README template emitted by scaffold_wrapper() - examples/sample_wrapper/README.md Update sample_wrapper __init__.py and cli.py to match the template output from wrapper.py (add missing __future__ annotations import).
py.typed: create empty PEP 561 marker and force-include it in the hatchling wheel target so the 'Typing :: Typed' classifier holds. pyproject.toml: - dynamic = ["version"] with [tool.hatch.version] path so __version__ in __init__.py is the single source of truth - full classifiers, keywords, license-files, and authors block - optional-dependencies: diff extra (results), dev group with pre-commit, pytest, ruff, ty, mkdocs-material, twine, testcontainers - [tool.ruff], [tool.ruff.lint], [tool.ruff.format] sections - [tool.pytest.ini_options] with strict markers and -ra - [tool.coverage.run/report] for branch coverage - [tool.ty.environment] pinned to python 3.11 - sdist includes: remove PROJECT_PLAN.md (gitignored dev artefact)
Hooks: - pre-commit-hooks v5.0.0: check-merge-conflict, check-yaml (--unsafe - local ruff check --fix and ruff format for Python/pyi files - local ty check src tests (pass_filenames: false for whole-project check)
conftest.py: - import SkipTest from unittest (not pytest) to satisfy ty and B904 - staged_project fixture: create a hand-crafted 0.1.0->0.2.0 incremental so graph/plan tests don't require results to be installed unit/test_versioning.py: use sorted(..., key=version_sort_key) instead of pairwise < comparison to avoid None comparisons with ty. unit/test_cli.py: add test_info_json (validates --json output parses as valid JSON with expected keys), test_versions_with_staged (ensures both versions appear), test_bundle_command (produces a non-empty artifact). unit/test_config.py, test_staging.py: align assertions with current module behaviour after the config/staging refactors. integration/test_tracking.py: add None-check on fetchone() result in test_ensure_tracking_idempotent to satisfy ty.
cli.md: document all commands including info, versions, graph, plan, verify, and bundle which were missing from the initial draft. index.md: add bundle to the feature bullet list. quickstart.md, wrapper.md: correct uv build invocation to use --out-dir dist so artifacts land in the local dist/ directory.
The docs-pages CI workflow injects:
PGPKG_REPO_URL = ${{ github.server_url }}/${{ github.repository }}
PGPKG_SITE_URL = ${{ steps.pages.outputs.base_url }}
Local builds (and the CI validation build) use the empty-string defaults,
which is valid and does not trigger a --strict warning.
- Add pip/uv install snippet - Document the sql/ layout convention and stageversion/makemigration workflow - List all CLI commands including bundle and verify - Add Python API one-liner example - Note the diff extra dependency for makemigration/verify
ci.yml — three jobs on every push/PR:
quality: pre-commit + ty on Python 3.13
unit: pytest tests/unit on matrix 3.11/3.12/3.13
integration-build-docs: integration tests, uv build, twine check,
mkdocs build --strict, upload dist/ artifact
Uses astral-sh/setup-uv@v5 with caching throughout.
publish-pypi.yml — OIDC trusted publishing to TestPyPI and PyPI:
Triggered on GitHub release (publishes to PyPI) or manual
workflow_dispatch with repository choice (testpypi | pypi).
No API tokens required — uses pypa/gh-action-pypi-publish@release/v1.
docs-pages.yml — MkDocs → GitHub Pages on push to main/master:
Injects PGPKG_REPO_URL and PGPKG_SITE_URL from GitHub context so the
Deploy job runs on both main and master branches.
dependabot.yml — weekly updates for github-actions and pip deps
(grouped as python-dependencies).
These files are local-only development artefacts and should never be published to GitHub. Adding them to .gitignore and removing PROJECT_PLAN.md from git tracking.
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 5 to 6. - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](actions/setup-python@v5...v6) --- updated-dependencies: - dependency-name: actions/setup-python dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Author
LabelsThe following labels could not be found: Please fix the above issues or remove invalid values from |
Author
|
OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting If you change your mind, just re-open this PR and I'll resolve any conflicts on it. |
dependabot
Bot
deleted the
dependabot/github_actions/actions/setup-python-6
branch
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps actions/setup-python from 5 to 6.
Release notes
Sourced from actions/setup-python's releases.
... (truncated)
Commits
a309ff8Bump urllib3 from 2.6.0 to 2.6.3 in /tests/data (#1264)bfe8cc5Upgrade@actionsdependencies to Node 24 compatible versions (#1259)4f41a90Bump urllib3 from 2.5.0 to 2.6.0 in /tests/data (#1253)83679a8Bump@types/nodefrom 24.1.0 to 24.9.1 and update macos-13 to macos-15-intel ...bfc4944Bump prettier from 3.5.3 to 3.6.2 (#1234)97aeb3eBump requests from 2.32.2 to 2.32.4 in /tests/data (#1130)443da59Bump actions/publish-action from 0.3.0 to 0.4.0 & Documentation update for pi...cfd55cagraalpy: add graalpy early-access and windows builds (#880)bba65e5Bump typescript from 5.4.2 to 5.9.3 and update docs/advanced-usage.md (#1094)18566f8Improve wording and "fix example" (remove 3.13) on testing against pre-releas...Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)