Fast-forward cookiecutter (#407)

### What kind of change does this PR introduce? * Updates the template to the latest commit * GitHub Workflows now point to commits rather than tags * Dependabot will now only update on a monthly schedule * Dependencies have been updated and synchronized * `CODE_OF_CONDUCT.rst` file adapted to Contributor Covenant v2.1 ### Does this PR introduce a breaking change? Yes. * `CHANGES.rst` is now `CHANGELOG.rst` * The package now uses a `src` layout in lieu of a `flat` layout * Maintainer-specific directions are now found under `releasing.rst` > [!WARNING] > The changes to the package structure requires you to fully reinstall the library using `pip install -e .` > This is almost like installing a brand new library, except it's > virtually the same. ### Other information: https://packaging.python.org/en/latest/discussions/src-layout-vs-flat-layout/ https://keepachangelog.com/en/1.0.0/
Ouranosinc · May 23, 2024 · c676856 · c676856
2 parents 24a42fa + dc8bf59
commit c676856
Show file tree

Hide file tree

Showing 63 changed files with 457 additions and 284 deletions.
diff --git a/.cruft.json b/.cruft.json
@@ -1,6 +1,6 @@
 {
   "template": "/home/tjs/git/cookiecutter-pypackage",
-  "commit": "f391bbd6ee14ab2478c64a1f78b74bd9903cae81",
+  "commit": "f9e0b049711af2023e9a3f5df594f4dbc25b07c1",
   "checkout": null,
   "context": {
     "cookiecutter": {
@@ -22,6 +22,7 @@
       "create_author_file": "y",
       "open_source_license": "Not open source",
       "generated_with_cruft": "y",
+      "__gh_slug": "https://github.com/Ouranosinc/xscen",
       "_template": "/home/tjs/git/cookiecutter-pypackage"
     }
   },

diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md
@@ -6,7 +6,7 @@
 - [ ] (If applicable) Documentation has been added / updated (for bug fixes / features).
 - [ ] (If applicable) Tests have been added.
 - [ ] This PR does not seem to break the templates.
-- [ ] CHANGES.rst has been updated (with summary of main changes).
+- [ ] CHANGELOG.rst has been updated (with summary of main changes).
   - [ ] Link to issue (:issue:`number`) and pull request (:pull:`number`) has been added.
 
 ### What kind of change does this PR introduce?

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -3,13 +3,11 @@ updates:
   - package-ecosystem: github-actions
     directory: /
     schedule:
-      interval: daily
-      time: '12:00'
+      interval: monthly
     open-pull-requests-limit: 10
 
   - package-ecosystem: pip
     directory: /
     schedule:
-      interval: daily
-      time: '12:00'
+      interval: monthly
     open-pull-requests-limit: 10
diff --git a/.github/workflows/bump-version.yml b/.github/workflows/bump-version.yml
@@ -21,7 +21,7 @@ on:
       - .secrets.baseline
       - .yamllint.yaml
       - AUTHORS.rst
-      - CHANGES.rst
+      - CHANGELOG.rst
       - CONTRIBUTING.rst
       - MANIFEST.in
       - Makefile
@@ -33,10 +33,10 @@ on:
       - environment.yml
       - pyproject.toml
       - setup.py
+      - src/xscen/__init__.py
       - templates
       - tests/*.py
       - tox.ini
-      - xscen/__init__.py
 
 permissions:
   contents: read
@@ -58,10 +58,13 @@ jobs:
             files.pythonhosted.org:443
             github.com:443
             pypi.org:443
-      - uses: actions/[email protected]
+      - name: Checkout Repository (no persist-credentials)
+        uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
         with:
           persist-credentials: false
-      - uses: actions/[email protected]
+          fetch-depth: 0
+      - name: Set up Python3
+        uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0
         with:
           python-version: "3.x"
       - name: Config Commit Bot
@@ -74,7 +77,7 @@ jobs:
       - name: Current Version
         run: |
           bump-my-version show current_version
-          CURRENT_VERSION="$(grep -E '__version__' xscen/__init__.py | cut -d ' ' -f3)"
+          CURRENT_VERSION="$(grep -E '__version__' src/xscen/__init__.py | cut -d ' ' -f3)"
           echo "CURRENT_VERSION=${CURRENT_VERSION}" >> $GITHUB_ENV
       - name: Conditional Bump Version
         run: |
@@ -87,7 +90,7 @@ jobs:
           fi
           bump-my-version show-bump
       - name: Push Changes
-        uses: ad-m/[email protected]
+        uses: ad-m/github-push-action@d91a481090679876dfc4178fef17f286781251df # v0.8.0
         with:
           force: false
           github_token: ${{ secrets.BUMP_VERSION_TOKEN }}

diff --git a/.github/workflows/cache-cleaner.yml b/.github/workflows/cache-cleaner.yml
@@ -25,7 +25,8 @@ jobs:
             github.com:443
             objects.githubusercontent.com:443
 
-      - uses: actions/[email protected]
+      - name: Checkout Repository
+        uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
 
       - name: Cleanup
         run: |

diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml
@@ -25,8 +25,8 @@ jobs:
             api.github.com:443
             github.com:443
 
-      - name: 'Checkout Repository'
+      - name: Checkout Repository
         uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
 
-      - name: 'Dependency Review'
-        uses: actions/dependency-review-action@0659a74c94536054bfa5aeb92241f70d680cc78e
+      - name: Dependency Review
+        uses: actions/dependency-review-action@0c155c5e8556a497adf53f2c18edabf945ed8e70 # v4.3.2
diff --git a/.github/workflows/first-pull-request.yml b/.github/workflows/first-pull-request.yml
@@ -24,7 +24,8 @@ jobs:
           allowed-endpoints: >
             api.github.com:443
 
-      - uses: actions/[email protected]
+      - name: Verify Pull Request Opener
+        uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
         with:
           script: |
             // Get a list of all issues created by the PR opener

diff --git a/.github/workflows/label.yml b/.github/workflows/label.yml
@@ -31,6 +31,7 @@ jobs:
           allowed-endpoints: >
             api.github.com:44
 
-      - uses: actions/[email protected]
+      - name: Label Pull Request
+        uses: actions/labeler@8558fd74291d67161a8a78ce36a881fa63b766a9 # v5.0.0
         with:
           repo-token: "${{ secrets.GITHUB_TOKEN }}"
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
@@ -6,7 +6,7 @@ on:
       - main
     paths-ignore:
       - .cruft.json
-      - CHANGES.rst
+      - CHANGELOG.rst
       - README.rst
       - pyproject.toml
       - setup.cfg
@@ -40,10 +40,12 @@ jobs:
             files.pythonhosted.org:443
             github.com:443
             pypi.org:443
-      - uses: actions/[email protected]
-      - uses: actions/[email protected]
+      - name: Checkout Repository
+        uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
+      - name: Setup Python${{ matrix.python-version }}
+        uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0
         with:
-          python-version: "3.x"
+          python-version: ${{ matrix.python-version }}
       - name: Install tox
         run: |
           python -m pip install tox
@@ -78,17 +80,22 @@ jobs:
         uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0
         with:
           egress-policy: audit
-      - uses: actions/[email protected]
+      - name: Checkout Repository
+        uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
       - name: Setup Conda (Micromamba) with Python ${{ matrix.python-version }}
-        uses: mamba-org/[email protected]
+        uses: mamba-org/setup-micromamba@422500192359a097648154e8db4e39bdb6c6eed7 # v1.8.1
         with:
           cache-downloads: true
           environment-name: xscen-pypi
           create-args: >-
             esmf=${{ env.esmf-version }}
             mamba
             python=${{ matrix.python-version }}
+            babel
             tox
+      - name: Compile catalogs
+        run: |
+          make translate
       - name: Test with tox
         run: |
           python -m tox -e ${{ matrix.tox-build }}
@@ -142,9 +149,10 @@ jobs:
         uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0
         with:
           egress-policy: audit
-      - uses: actions/[email protected]
+      - name: Checkout Repository
+        uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
       - name: Setup Conda (Micromamba) with Python ${{ matrix.python-version }}
-        uses: mamba-org/[email protected]
+        uses: mamba-org/setup-micromamba@422500192359a097648154e8db4e39bdb6c6eed7 # v1.8.1
         with:
           cache-downloads: true
           cache-environment: true

diff --git a/.github/workflows/publish-pypi.yml b/.github/workflows/publish-pypi.yml
@@ -27,9 +27,10 @@ jobs:
             github.com:443
             pypi.org:443
             upload.pypi.org:443
-      - uses: actions/[email protected]
+      - name: Checkout Repository
+        uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
       - name: Set up Python3
-        uses: actions/[email protected]
+        uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0
         with:
           python-version: "3.x"
       - name: Install packaging libraries
@@ -40,4 +41,4 @@ jobs:
           make translate
           python -m build --sdist --wheel
       - name: Publish distribution 📦 to PyPI
-        uses: pypa/[email protected]
+        uses: pypa/gh-action-pypi-publish@81e9d935c883d0b210363ab89cf05f3894778450 # v1.8.14
diff --git a/.github/workflows/remove-obsolete-cache.yml b/.github/workflows/remove-obsolete-cache.yml
diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
@@ -36,20 +36,23 @@ jobs:
           allowed-endpoints: >
             api.github.com:443
             api.osv.dev:443
+            api.scorecard.dev:443
             api.securityscorecards.dev:443
             fulcio.sigstore.dev:443
             github.com:443
+            index.docker.io:443
             oss-fuzz-build-logs.storage.googleapis.com:443
             rekor.sigstore.dev:443
             tuf-repo-cdn.sigstore.dev:443
             www.bestpractices.dev:443
 
-      - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29
+      - name: Checkout Repository
+        uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
         with:
           persist-credentials: false
 
       - name: Run analysis
-        uses: ossf/scorecard-action@dc50aa9510b46c811795eb24b2f1ba02a914e534
+        uses: ossf/scorecard-action@dc50aa9510b46c811795eb24b2f1ba02a914e534 # v2.3.3
         with:
           results_file: results.sarif
           results_format: sarif
@@ -69,14 +72,14 @@ jobs:
       # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
       # format to the repository Actions tab.
       - name: Upload artifact
-        uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808
+        uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
         with:
           name: SARIF file
           path: results.sarif
           retention-days: 5
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: Upload to code-scanning
-        uses: github/codeql-action/upload-sarif@e5f05b81d5b6ff8cfa111c80c22c5fd02a384118  # 3.23.0
+        uses: github/codeql-action/upload-sarif@b7cec7526559c32f1616476ff32d17ba4c59b2d6 # 3.25.5
         with:
           sarif_file: results.sarif
diff --git a/.github/workflows/tag-testpypi.yml b/.github/workflows/tag-testpypi.yml
@@ -23,7 +23,7 @@ jobs:
       - name: Checkout code
         uses: actions/[email protected]
       - name: Create Release
-        uses: softprops/action-gh-release@v2
+        uses: softprops/action-gh-release@69320dbe05506a9a39fc8ae11030b214ec2d1f87 # 2.0.5
         env:
           # This token is provided by Actions, you do not need to create your own token
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
@@ -51,9 +51,10 @@ jobs:
             github.com:443
             pypi.org:443
             test.pypi.org:443
-      - uses: actions/[email protected]
+      - name: Checkout Repository
+        uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
       - name: Set up Python3
-        uses: actions/[email protected]
+        uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0
         with:
           python-version: "3.x"
       - name: Install packaging libraries
@@ -64,7 +65,7 @@ jobs:
           make translate
           python -m build --sdist --wheel
       - name: Publish distribution 📦 to Test PyPI
-        uses: pypa/[email protected]
+        uses: pypa/gh-action-pypi-publish@81e9d935c883d0b210363ab89cf05f3894778450 # v1.8.14
         with:
           repository-url: https://test.pypi.org/legacy/
           skip-existing: true
diff --git a/.github/workflows/upstream.yml b/.github/workflows/upstream.yml
@@ -5,7 +5,7 @@ on:
       - main
     paths-ignore:
       - .cruft.json
-      - CHANGES.rst
+      - CHANGELOG.rst
       - README.rst
       - pyproject.toml
       - setup.cfg

diff --git a/.gitignore b/.gitignore
@@ -87,6 +87,9 @@ target/
 # Jupyter Notebook
 .ipynb_checkpoints
 
+# Dask worker cache
+dask-worker-space/
+
 # pyenv
 .python-version