chore: packaging metadata, CI cleanup, and community health docs#1
Merged
Conversation
Migrate every distribution's license metadata to the PEP 639 SPDX form (license = "MIT" plus license-files = ["LICENSE.md"]) and bump the build requirement to hatchling>=1.27, the first release that supports it. Drop the now-redundant "License :: OSI Approved :: MIT License" classifier, which recent build and publish tooling rejects when a license expression is also present. While here, enrich the metadata: add the "Topic :: Internet :: WWW/HTTP" and "Typing :: Typed" classifiers, Documentation and Issues project URLs, the "pipeline" keyword, and a sharper core summary. Add the standard GitHub community-health files so external contributors have a clear on-ramp: bug-report and feature-request issue forms with a security contact link, a pull-request template wired to the project's quality gates, a Dependabot config covering GitHub Actions and uv dependencies, plus CONTRIBUTING.md and SECURITY.md. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
- Bump CI actions (checkout v6, setup-uv v8) and fold Python setup into setup-uv; add a least-privilege contents:read permissions block. - Add CODE_OF_CONDUCT.md (Contributor Covenant 2.1). - Link CONTRIBUTING/SECURITY/CODE_OF_CONDUCT from the README. - Add the openapi keyword to dexpace-sdk-core. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
OmarAlJarrah
changed the title
OmarAlJarrah
changed the title
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
The repo gave a newcomer almost nothing to go on: the GitHub description was blank, there were no topics, and the package manifests still declared their license with the old
License ::classifier that twine and recent build backends now warn about. This PR cleans up the public-facing config so the project is ready to be found and, eventually, published.Packaging metadata
All five manifests move to PEP 639 SPDX licensing (
license = "MIT"pluslicense-files) and drop the deprecated classifier. That needshatchling>=1.27to parse the new fields, so I pinned it. While in there I added theTopic :: Internet :: WWW/HTTPandTyping :: Typedclassifiers,DocumentationandIssuesproject URLs, and anopenapikeyword on core.I built every package and ran
twine checkon all ten artifacts; they pass, and the core wheel now shipsLicense-Expression: MITwithLICENSE.mdbundled underlicenses/.Community health
New
CONTRIBUTING.md,SECURITY.md, andCODE_OF_CONDUCT.md(Contributor Covenant 2.1), plus bug and feature issue templates, a PR template, and a Dependabot config that watches both GitHub Actions and uv. The README now links the three docs from its Contributing and Security sections.CI
Bumped
actions/checkoutto v6 andastral-sh/setup-uvto v8, and let setup-uv handle the interpreter via its ownpython-versioninput instead of a separatesetup-pythonstep. Addedpermissions: contents: readso the workflow has no more access than it needs.Changes made on GitHub itself
These are settings rather than files, so they aren't in the diff but are already live:
SECURITY.mdrelies on.Checks
pytest(646 passing),mypy --strict,ruff check, andruff format --checkare all green on 3.12 through 3.14.