0.9.3

.github/workflows/test.yml

@@ -0,0 +1,141 @@
+name: Test Suite
+
+on:
+  push:
+    branches: [ main, develop ]
+  pull_request:
+    branches: [ main, develop ]
+
+permissions:
+  contents: read
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        python-version: ["3.9", "3.10", "3.11", "3.12"]
+
+    steps:
+    - uses: actions/checkout@v4
+
+    - name: Set up Python ${{ matrix.python-version }}
+      uses: actions/setup-python@v5
+      with:
+        python-version: ${{ matrix.python-version }}
+
+    - name: Cache pip dependencies
+      uses: actions/cache@v4
+      with:
+        path: ~/.cache/pip
+        key: ${{ runner.os }}-pip-${{ hashFiles('**/pyproject.toml') }}
+        restore-keys: |
+          ${{ runner.os }}-pip-
+
+    - name: Install dependencies
+      run: |
+        python -m pip install --upgrade pip
+        pip install -e .[test]
+        pip install -r requirements.txt
+
+    - name: Run tests with unittest (fallback)
+      run: |
+        python -m unittest discover tests -v
+
+    - name: Run tests with pytest (if available)
+      run: |
+        python -m pytest tests/ -v --tb=short
+      continue-on-error: true
+
+    - name: Run tests with coverage
+      run: |
+        python -m pytest tests/ --cov=vex --cov-report=xml --cov-report=term-missing
+      continue-on-error: true
+
+    - name: Upload coverage to Codecov
+      uses: codecov/codecov-action@v4
+      with:
+        file: ./coverage.xml
+        flags: unittests
+        name: codecov-umbrella
+        fail_ci_if_error: false
+      continue-on-error: true
+
+  lint:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v4
+
+    - name: Set up Python
+      uses: actions/setup-python@v5
+      with:
+        python-version: "3.12"
+
+    - name: Install linting dependencies
+      run: |
+        python -m pip install --upgrade pip
+        pip install flake8 black isort
+
+    - name: Run flake8
+      run: flake8 vex/ --count --select=E9,F63,F7,F82 --show-source --statistics
+      continue-on-error: true
+
+    - name: Run black (check only)
+      run: black --check --diff vex/
+      continue-on-error: true
+
+    - name: Run isort (check only)
+      run: isort --check-only --diff vex/
+      continue-on-error: true
+
+  security:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v4
+
+    - name: Set up Python
+      uses: actions/setup-python@v5
+      with:
+        python-version: "3.12"
+
+    - name: Install security scanning tools
+      run: |
+        python -m pip install --upgrade pip
+        pip install safety bandit[toml]
+
+    - name: Run safety check
+      run: safety check --json --output safety-report.json
+      continue-on-error: true
+
+    - name: Run bandit security scan
+      run: bandit -r vex/ -f json -o bandit-report.json
+      continue-on-error: true
+
+  build:
+    runs-on: ubuntu-latest
+    needs: [test, lint]
+    steps:
+    - uses: actions/checkout@v4
+
+    - name: Set up Python
+      uses: actions/setup-python@v5
+      with:
+        python-version: "3.12"
+
+    - name: Install build dependencies
+      run: |
+        python -m pip install --upgrade pip
+        pip install build twine
+
+    - name: Build package
+      run: python -m build
+
+    - name: Check package
+      run: twine check dist/*
+
+    - name: Upload build artifacts
+      uses: actions/upload-artifact@v4
+      with:
+        name: dist
+        path: dist/
+

Makefile

@@ -0,0 +1,70 @@
+.PHONY: help test test-unit test-cov install install-dev lint clean build
+
+# Default target
+help:
+	@echo "Available targets:"
+	@echo "  help        - Show this help"
+	@echo "  install     - Install the package"
+	@echo "  install-dev - Install development dependencies"
+	@echo "  test        - Run tests with unittest"
+	@echo "  test-unit   - Run tests with unittest (verbose)"
+	@echo "  test-cov    - Run tests with coverage (requires pytest)"
+	@echo "  lint        - Run linting checks"
+	@echo "  clean       - Clean build artifacts"
+	@echo "  build       - Build the package"
+
+# Install the package
+install:
+	pip install -e .
+
+# Install development dependencies
+install-dev:
+	pip install -e .[test]
+	pip install -r requirements.txt
+
+# Run tests with unittest
+test:
+	python -m unittest discover tests -v
+
+# Run tests with unittest (verbose)
+test-unit:
+	python -m unittest discover tests -v
+
+# Run tests with coverage (requires pytest)
+test-cov:
+	python -m pytest tests/ --cov=vex --cov-report=term-missing --cov-report=html
+
+# Run linting checks
+lint:
+	@echo "Running flake8..."
+	-flake8 vex/ --count --select=E9,F63,F7,F82 --show-source --statistics
+	@echo "Running black (check only)..."
+	-black --check --diff vex/
+	@echo "Running isort (check only)..."
+	-isort --check-only --diff vex/
+
+# Clean build artifacts
+clean:
+	rm -rf build/
+	rm -rf dist/
+	rm -rf *.egg-info/
+	rm -rf htmlcov/
+	rm -rf .coverage
+	rm -rf .pytest_cache/
+	find . -type d -name __pycache__ -exec rm -rf {} +
+	find . -type f -name "*.pyc" -delete
+
+# Build the package
+build: clean
+	python -m build .
+
+# Upload the package
+upload: build
+	python -m twine upload dist/*
+
+# Run the test runner script
+run-tests:
+	python run_tests.py --verbose
+
+# Install and run tests
+test-all: install-dev test 

README.md

@@ -18,21 +18,12 @@ Install [vex-reader](https://pypi.org/project/vex-reader/) from PyPI:
 pip install vex-reader
 ```
 
-Development setup:
-
-```shell
-git clone https://github.com/vdanen/vex-reader.git
-cd vex-reader
-python3 -m venv venv
-source venv/bin/activate
-pip install --upgrade pip
-pip install -e .
-```
-
 ## Usage
 
-You can use the vex library in your own Python applications, or you can
-clone this repo and use the `vex-reader` command to parse VEX files.
+The best way to use vex-reader is to install the Python module.  It provides
+the `vex-reader` binary and you can import the library for use in your own
+applications.
+
 
 ```
 vex-reader --vex tests/cve-2002-2443.json
@@ -97,6 +88,25 @@ is undesirable (for testing, etc) you can pass the `--no-nvd` argument to
 prevent lookups. Currently, `vex-reader` requires the VEX file to parse to
 be on-disk.
 
+## Development
+
+Contributions to vex-reader are welcome.  Currently it works predominantly with
+Red Hat's VEX files and has limited success with othe VEX files (such as from
+Cisco).  If `vex-reader` fails to parse the VEX file you're feeding it, you can
+either submit a patch or open an issue and link to the VEX file you're trying
+to parse.
+
+### Development setup:
+
+```shell
+git clone https://github.com/vdanen/vex-reader.git
+cd vex-reader
+python3 -m venv venv
+source venv/bin/activate
+pip install --upgrade pip
+pip install -e .
+```
+
 When working from the git repository for development, use:
 
 ```