merge main

.ci/Dockerfile

@@ -5,7 +5,7 @@ ARG HTTP_PROXY
 ARG HTTPS_PROXY
 ARG NO_PROXY
 
-FROM nvidia/cuda:11.4.3-devel-ubuntu20.04 AS python_base_cuda11.4
+FROM nvidia/cuda:12.3.2-devel-ubuntu20.04 AS python_base_cuda
 LABEL maintainer="Anomalib Development Team"
 
 # Setup proxies
@@ -59,17 +59,11 @@ RUN conda install python=3.10
 ## Anomalib Development Env
 #########################################################
 
-FROM python_base_cuda11.4 as anomalib_development_env
+FROM python_base_cuda as anomalib_development_env
 
 # Install all anomalib requirements
-COPY ./requirements/base.txt /tmp/anomalib/requirements/base.txt
-RUN pip install --no-cache-dir -r /tmp/anomalib/requirements/base.txt
+COPY ./pyproject.toml /tmp/anomalib/pyproject.toml
+RUN pip install --no-cache-dir .[full]
 
-COPY ./requirements/openvino.txt /tmp/anomalib/requirements/openvino.txt
-RUN pip install --no-cache-dir -r /tmp/anomalib/requirements/openvino.txt
-
-# Install other requirements related to development
-COPY ./requirements/dev.txt /tmp/anomalib/requirements/dev.txt
-RUN pip install --no-cache-dir -r /tmp/anomalib/requirements/dev.txt
 
 WORKDIR /home/user

.github/CODEOWNERS

@@ -7,8 +7,8 @@
 
 # CI/CD
 /.ci/                                                       @ashwinvaidya17
-/.devcontainer                                              @ashwinvaidya17 @yunchu
-/.github                                                    @ashwinvaidya17 @yunchu
+/.devcontainer                                              @ashwinvaidya17
+/.github                                                    @ashwinvaidya17
 /.dockerignore                                              @ashwinvaidya17
 
 # Docs
@@ -19,7 +19,7 @@
 /notebooks/100_datamodules                                  @djdameln
 /notebooks/200_models                                       @samet-akcay
 /notebooks/300_benchmarking                                 @ashwinvaidya17
-/notebooks/400_openvino                                     @samet-akcay @paularamo
+/notebooks/400_openvino                                     @samet-akcay
 /notebooks/500_use_cases                                    @paularamo
 /notebooks/README.md                                        @samet-akcay
 
@@ -71,11 +71,11 @@
 /tests/                                                     @samet-akcay @ashwinvaidya17
 
 # Misc
-/pyproject.toml                                             @samet-akcay @yunchu
+/pyproject.toml                                             @samet-akcay
 /README.md                                                  @samet-akcay @ashwinvaidya17 @djdameln
-/setup.py                                                   @samet-akcay @yunchu
+/setup.py                                                   @samet-akcay
 /third-party-programs.txt                                   @samet-akcay @ashwinvaidya17 @djdameln
-/tox.ini                                                    @samet-akcay @yunchu
+/tox.ini                                                    @samet-akcay
 
 # Tools
 /tools/benchmarking                                         @ashwinvaidya17

.github/dependabot.yml

@@ -0,0 +1,21 @@
+# To get started with Dependabot version updates, you'll need to specify which
+# package ecosystems to update and where the package manifests are located.
+# Please see the documentation for all configuration options:
+# https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file
+
+version: 2
+updates:
+  - package-ecosystem: docker
+    directory: /.ci
+    schedule:
+      interval: weekly
+
+  - package-ecosystem: github-actions
+    directory: /
+    schedule:
+      interval: weekly
+
+  - package-ecosystem: pip
+    directory: /
+    schedule:
+      interval: weekly

.github/pull_request_template.md

@@ -21,3 +21,5 @@ Before you submit your pull request, please make sure you have completed the fol
 - [ ] 📋 I have summarized my changes in the [CHANGELOG](https://github.com/openvinotoolkit/anomalib/blob/main/CHANGELOG.md) and followed the guidelines for my type of change (skip for minor changes, documentation updates, and test enhancements).
 - [ ] 📚 I have made the necessary updates to the documentation (if applicable).
 - [ ] 🧪 I have written tests that support my changes and prove that my fix is effective or my feature works (if applicable).
+
+For more information about code review checklists, see the [Code Review Checklist](https://github.com/openvinotoolkit/anomalib/blob/main/docs/source/markdown/guides/developer/code_review_checklist.md).

.github/workflows/code_scan.yml

@@ -11,17 +11,17 @@ jobs:
     runs-on: ubuntu-20.04
     steps:
       - name: CHECKOUT REPOSITORY
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
       - name: Set up Python
-        uses: actions/setup-python@v4
+        uses: actions/setup-python@v5
         with:
           python-version: "3.10"
       - name: Install dependencies
         run: python -m pip install tox
       - name: Bandit Scanning
         run: tox -e bandit-scan
       - name: UPLOAD BANDIT REPORT
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
         with:
           name: bandit-report
           path: .tox/bandit-report.txt
@@ -31,9 +31,9 @@ jobs:
     runs-on: ubuntu-20.04
     steps:
       - name: Checkout code
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
       - name: Set up Python
-        uses: actions/setup-python@v4
+        uses: actions/setup-python@v5
         with:
           python-version: "3.10"
       - name: Install dependencies
@@ -43,7 +43,7 @@ jobs:
           TRIVY_DOWNLOAD_URL: ${{ vars.TRIVY_DOWNLOAD_URL }}
         run: tox -vv -e trivy-scan
       - name: Upload Trivy results artifact
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
         with:
           name: trivy-results
           path: |

.github/workflows/nightly.yml

@@ -13,13 +13,20 @@ jobs:
     if: github.ref == 'refs/heads/main'
     steps:
       - name: CHECKOUT REPOSITORY
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
       - name: Install Tox
         run: pip install tox
       - name: Coverage
         run: tox -e nightly
       - name: Upload coverage result
-        uses: actions/upload-artifact@v2
+        uses: actions/upload-artifact@v4
         with:
           name: coverage
           path: .tox/coverage.xml
+  md-dead-link-check:
+    runs-on: ubuntu-22.04
+    steps:
+      - uses: actions/checkout@v4
+      - uses: AlexanderDokuchaev/[email protected]
+        with:
+          config: pyproject.toml

.github/workflows/pre_merge.yml

@@ -21,9 +21,9 @@ jobs:
     runs-on: [self-hosted, linux, x64, anomalib]
     steps:
       - name: CHECKOUT REPOSITORY
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
       - name: Set up Python
-        uses: actions/setup-python@v4
+        uses: actions/setup-python@v5
         with:
           python-version: "3.10"
       - name: Install Tox
@@ -42,9 +42,9 @@ jobs:
             tox-env: "py310"
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
       - name: Install Python
-        uses: actions/setup-python@v4
+        uses: actions/setup-python@v5
         with:
           python-version: ${{ matrix.python-version }}
       - name: Install Tox
@@ -75,3 +75,11 @@ jobs:
           else
             ./codecov -t "${CODECOV_TOKEN}"  --sha $COMMIT_ID -U $HTTP_PROXY -f .tox/coverage.xml
           fi
+
+  md-dead-link-check:
+    runs-on: ubuntu-22.04
+    steps:
+      - uses: actions/checkout@v4
+      - uses: AlexanderDokuchaev/[email protected]
+        with:
+          config: pyproject.toml

.github/workflows/publish.yml

@@ -8,16 +8,27 @@ jobs:
   deploy:
     runs-on: ubuntu-20.04
     steps:
-      - uses: actions/checkout@v2
-      - uses: actions/setup-python@v2
+      - uses: actions/checkout@v4
+      - uses: actions/setup-python@v5
+        with:
+          python-version: "3.10"
       - name: Install dependencies
         run: |
           python -m pip install --upgrade pip
           pip install setuptools wheel twine
-      - name: Build and publish
-        env:
-          TWINE_USERNAME: __token__
-          TWINE_PASSWORD: ${{ secrets.PYPI_PASSWORD }}
+
+      - name: Import GPG Key
+        run: |
+          echo "${{ secrets.GPG_PRIVATE_KEY }}" | base64 --decode | gpg --import --batch --yes --no-tty
+
+      - name: Build and sign distribution
         run: |
           python setup.py sdist bdist_wheel
-          twine upload dist/*
+          gpg --batch --yes --no-tty --pinentry-mode loopback --detach-sign -a dist/*.tar.gz
+          gpg --batch --yes --no-tty --pinentry-mode loopback --detach-sign -a dist/*.whl
+
+      - name: Upload to PyPI
+        run: twine upload dist/*
+        env:
+          TWINE_USERNAME: __token__
+          TWINE_PASSWORD: ${{ secrets.PYPI_API_TOKEN }}

.github/workflows/upload_coverage.yml

@@ -10,7 +10,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Download artifact
-        uses: actions/download-artifact@v3
+        uses: actions/download-artifact@v4
         with:
           name: ${{ github.event.workflow_run.artifact_url }}
           path: coverage

.pre-commit-config.yaml

@@ -30,9 +30,17 @@ repos:
     rev: "v1.7.0"
     hooks:
       - id: mypy
-        additional_dependencies: [types-PyYAML]
+        additional_dependencies: [types-PyYAML, types-setuptools]
         exclude: "tests"
 
+  # add bandit for security checks
+  - repo: https://github.com/PyCQA/bandit
+    rev: 1.7.7
+    hooks:
+      - id: bandit
+        args: ["-c", "pyproject.toml"]
+        additional_dependencies: ["bandit[toml]"]
+
   # notebooks.
   - repo: https://github.com/nbQA-dev/nbQA
     rev: 1.7.0

.readthedocs.yaml

@@ -29,6 +29,7 @@ formats:
 # See https://docs.readthedocs.io/en/stable/guides/reproducible-builds.html
 python:
   install:
-    - requirements: docs/requirements.txt
     - method: pip
       path: .
+      extra_requirements:
+        - dev