merge

Author: huard

.cruft.json

@@ -1,6 +1,6 @@
 {
   "template": "https://github.com/Ouranosinc/cookiecutter-pypackage",
-  "commit": "2b31b0f76a180ad93e5a49fe5744306fefb48c9c",
+  "commit": "a58a1f8dfd7610c4f0e7517c68fcd7c60279f5a8",
   "context": {
     "cookiecutter": {
       "full_name": "David Huard",
@@ -10,11 +10,10 @@
       "project_slug": "ravenpy",
       "project_short_description": "A Python wrapper to setup and run the hydrologic modelling framework Raven.",
       "pypi_username": "CSHS-CWRA",
-      "version": "0.18.3-dev.1",
+      "version": "0.19.1",
       "use_pytest": "y",
       "use_black": "y",
       "use_conda": "y",
-      "add_pyup_badge": "n",
       "make_docs": "y",
       "add_translations": "y",
       "command_line_interface": "Click",
@@ -23,7 +22,7 @@
       "generated_with_cruft": "y",
       "__gh_slug": "https://github.com/CSHS-CWRA/RavenPy",
       "_template": "https://github.com/Ouranosinc/cookiecutter-pypackage",
-      "_commit": "2b31b0f76a180ad93e5a49fe5744306fefb48c9c"
+      "_commit": "a58a1f8dfd7610c4f0e7517c68fcd7c60279f5a8"
     }
   },
   "directory": null,

.flake8

@@ -17,6 +17,7 @@ ignore =
 	D,
 	E,
 	F,
+	RST210,
 	W503
 per-file-ignores =
 rst-roles =

.github/dependabot.yml

@@ -8,7 +8,7 @@ updates:
   - package-ecosystem: github-actions
     directory: .github/workflows
     schedule:
-      interval: monthly
+      interval: "quarterly"
     groups:
       actions:
         patterns:
@@ -17,7 +17,7 @@ updates:
   - package-ecosystem: pip
     directory: /
     schedule:
-      interval: monthly
+      interval: "quarterly"
     groups:
       ci:
         patterns:

.github/workflows/bump-version.yml

@@ -19,15 +19,15 @@ on:
       - .zenodo.json
       - AUTHORS.rst
       - CHANGELOG.rst
-      - CI/**/*.in
-      - CI/**/*.py
-      - CI/**/*.txt
+      - CI/**.in
+      - CI/**.txt
       - CODE_OF_CONDUCT.md
       - CONTRIBUTING.rst
       - Makefile
       - .readthedocs.yml
       - docs/*.py
-      - docs/*.rst
+      - docs/**.rst
+      - docs/notebooks/**.ipynb
       - environment-docs.yml
       - environment-dev.yml
       - pyproject.toml
@@ -47,30 +47,35 @@ jobs:
       contents: write
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
+        uses: step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911 # v2.13.0
         with:
           disable-sudo: true
           egress-policy: block
           allowed-endpoints: >
             files.pythonhosted.org:443
             github.com:443
             pypi.org:443
+
       - name: Checkout Repository (no persist-credentials)
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
         with:
           persist-credentials: false
           fetch-depth: 0
+
       - name: Set up Python3
         uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0
         with:
           python-version: "3.x"
+
       - name: Config Commit Bot
         run: |
           git config --local user.email "bumpversion[bot]@ouranos.ca"
           git config --local user.name "bumpversion[bot]"
+
       - name: Install CI libraries
         run: |
           python -m pip install --require-hashes -r CI/requirements_ci.txt
+
       - name: Conditional Bump Version
         run: |
           CURRENT_VERSION=$(bump-my-version show current_version)
@@ -82,6 +87,7 @@ jobs:
             bump-my-version bump patch
           fi
           echo "new_version=$(bump-my-version show current_version)"
+
       - name: Push Changes
         uses: ad-m/github-push-action@d91a481090679876dfc4178fef17f286781251df # v0.8.0
         with:

.github/workflows/cache-cleaner.yml

@@ -16,14 +16,15 @@ jobs:
       actions: write
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
+        uses: step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911 # v2.13.0
         with:
           disable-sudo: true
           egress-policy: block
           allowed-endpoints: >
             api.github.com:443
             github.com:443
             objects.githubusercontent.com:443
+            release-assets.githubusercontent.com:443
 
       - name: Checkout Repository
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

.github/workflows/codeql.yml

@@ -53,7 +53,7 @@ jobs:
         # your codebase is analyzed, see https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
+        uses: step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911 # v2.13.0
         with:
           disable-sudo: true
           egress-policy: audit
@@ -65,7 +65,7 @@ jobs:
 
       # Initializes the CodeQL tools for scanning.
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@fca7ace96b7d713c7035871441bd52efbe39e27e # v3.28.19
+        uses: github/codeql-action/init@51f77329afa6477de8c49fc9c7046c15b9a4e79d # v3.29.5
         with:
           languages: ${{ matrix.language }}
           build-mode: ${{ matrix.build-mode }}
@@ -94,6 +94,6 @@ jobs:
           exit 1
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@fca7ace96b7d713c7035871441bd52efbe39e27e # v3.28.19
+        uses: github/codeql-action/analyze@51f77329afa6477de8c49fc9c7046c15b9a4e79d # v3.29.5
         with:
           category: "/language:${{matrix.language}}"

.github/workflows/dependency-review.yml

@@ -17,7 +17,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
+        uses: step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911 # v2.13.0
         with:
           disable-sudo: true
           egress-policy: block

.github/workflows/first-pull-request.yml

@@ -16,7 +16,7 @@ jobs:
       pull-requests: write
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
+        uses: step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911 # v2.13.0
         with:
           disable-sudo: true
           egress-policy: block

.github/workflows/label.yml

@@ -23,7 +23,7 @@ jobs:
       pull-requests: write
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
+        uses: step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911 # v2.13.0
         with:
           disable-sudo: true
           egress-policy: block

.github/workflows/main.yml

@@ -7,7 +7,7 @@ on:
   pull_request:
 
 env:
-  RAVEN_TESTING_DATA_BRANCH: master
+  RAVEN_TESTDATA_BRANCH: v2025.6.12
 
 concurrency:
   group: ${{ github.workflow }}-${{ github.ref }}
@@ -22,7 +22,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
+        uses: step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911 # v2.13.0
         with:
           disable-sudo: true
           egress-policy: block
@@ -68,29 +68,14 @@ jobs:
             tox-env: 'py3.10-coverage-upstream'
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
+        uses: step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911 # v2.13.0
         with:
-          egress-policy: block
-          allowed-endpoints: >
-            api.github.com:443
-            azure.archive.ubuntu.com:80
-            coveralls.io:443
-            esm.ubuntu.com:443
-            files.pythonhosted.org:443
-            github.com:443
-            motd.ubuntu.com:443
-            objects.githubusercontent.com:443
-            packages.microsoft.com:443
-            pavics.ouranos.ca:443
-            pypi.org:443
-            raw.githubusercontent.com:443
-            test.opendap.org:80
-
+          disable-sudo: false
+          egress-policy: audit
       - name: Checkout Repository
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
         with:
           persist-credentials: false
-
       - name: Set up Python${{ matrix.python-version }}
         uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0
         with:
@@ -117,14 +102,32 @@ jobs:
       - name: Install CI libraries
         run: |
           python3 -m pip install --require-hashes -r CI/requirements_ci.txt
+
+      - name: Environment caching (macOS)
+        if: matrix.os == 'macos-latest'
+        uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3
+        with:
+          path: |
+            .tox
+            ~/Library/Caches/raven-testdata
+          key: ${{ hashFiles('src/ravenpy/testing/registry.txt') }}-${{ env.RAVEN_TESTDATA_BRANCH }}-${{ matrix.os }}
+      - name: Environment caching (Ubuntu)
+        if: matrix.os == 'ubuntu-latest'
+        uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3
+        with:
+          path: |
+            .tox
+            ~/.cache/raven-testdata
+          key: ${{ hashFiles('src/ravenpy/testing/registry.txt') }}-${{ env.RAVEN_TESTDATA_BRANCH }}-${{ matrix.os }}
+
       - name: Test with tox and report coverage
         run: |
           if [ "${{ matrix.tox-env }}" != "false" ]; then
-            python3 -m tox -e ${{ matrix.tox-env }}
+            python3 -m tox -e ${{ matrix.tox-env }}-prefetch
           elif [ "${{ matrix.python-version }}" != "3.13" ]; then
-            python3 -m tox -e py${{ matrix.python-version }}-coverage
+            python3 -m tox -e py${{ matrix.python-version }}-prefetch-coverage
           else
-            python3 -m tox -e py${{ matrix.python-version }}
+            python3 -m tox -e py${{ matrix.python-version }}-prefetch
           fi
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
@@ -148,21 +151,10 @@ jobs:
         shell: bash -l {0}
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
+        uses: step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911 # v2.13.0
         with:
           disable-sudo: true
-          egress-policy: block
-          allowed-endpoints: >
-            api.github.com:443
-            conda.anaconda.org:443
-            coveralls.io:443
-            files.pythonhosted.org:443
-            github.com:443
-            objects.githubusercontent.com:443
-            pavics.ouranos.ca:443
-            pypi.org:443
-            raw.githubusercontent.com:443
-            test.opendap.org:80
+          egress-policy: audit
       - name: Checkout Repository
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
         with:
@@ -172,7 +164,7 @@ jobs:
         run: |
           sed -i 's/climpred >=2.4.0/xesmf/' environment.yml
       - name: Setup Conda (Micromamba) with Python${{ matrix.python-version }}
-        uses: mamba-org/setup-micromamba@0dea6379afdaffa5d528b3d1dabc45da37f443fc # v2.0.4
+        uses: mamba-org/setup-micromamba@b09ef9b599704322748535812ca03efb2625677b # v2.0.5
         with:
           cache-downloads: true
           cache-environment: true
@@ -187,13 +179,32 @@ jobs:
         run: |
           micromamba list
           python -m pip check || true
+      - name: Cache test data (macOS)
+        if: matrix.os == 'macos-latest'
+        uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3
+        with:
+          path: |
+            ~/Library/Caches/raven-testdata
+          key: ${{ hashFiles('src/ravenpy/testing/registry.txt') }}-${{ env.RAVEN_TESTDATA_BRANCH }}-conda-${{ matrix.os }}
+      - name: Cache test data (Ubuntu)
+        if: matrix.os == 'ubuntu-latest'
+        uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3
+        with:
+          path: |
+            ~/.cache/raven-testdata
+          key: ${{ hashFiles('src/ravenpy/testing/registry.txt') }}-${{ env.RAVEN_TESTDATA_BRANCH }}-conda-${{ matrix.os }}
+
+      - name: Prefetch RavenPy test data
+        run: |
+          python -c "import ravenpy.testing.utils as rtu; rtu.populate_testing_data()"
+
       - name: Test RavenPy
         run: |
           python -m pytest --numprocesses=logical --cov=src/ravenpy --cov-report=lcov
       - name: Report Coverage
         uses: coverallsapp/github-action@648a8eb78e6d50909eff900e4ec85cab4524a45b # v2.3.6
         with:
-          flag-name: run-conda_${{ matrix.python-version }}_${{ matrix.os }}
+          flag-name: run-${{ matrix.python-version }}-${{ matrix.os }}-conda
           parallel: true
 
   finish:
@@ -204,14 +215,10 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
+        uses: step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911 # v2.13.0
         with:
           disable-sudo: true
-          egress-policy: block
-          allowed-endpoints: >
-            coveralls.io:443
-            github.com:443
-            objects.githubusercontent.com:443
+          egress-policy: audit
       - name: Coveralls Finished
         uses: coverallsapp/github-action@648a8eb78e6d50909eff900e4ec85cab4524a45b # v2.3.6
         with: