🚀 Add/improve GitHub Actions workflows

- Fix Python version compatibility (remove 3.7, consistent with project requirements)
- Add comprehensive CI pipeline with testing, linting, and security checks
- Add automated PyPI publishing with trusted publishing
- Update dependencies and configurations for consistency
- Improve caching and use latest action versions

Author: DeepPythonist

.github/workflows/ci.yml

@@ -11,7 +11,7 @@ jobs:
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        python-version: [3.7, 3.8, 3.9, "3.10", "3.11", "3.12"]
+        python-version: [3.8, 3.9, "3.10", "3.11", "3.12"]
 
     steps:
     - uses: actions/checkout@v4
@@ -22,10 +22,10 @@ jobs:
         python-version: ${{ matrix.python-version }}
 
     - name: Cache pip dependencies
-      uses: actions/cache@v3
+      uses: actions/cache@v4
       with:
         path: ~/.cache/pip
-        key: ${{ runner.os }}-pip-${{ hashFiles('**/requirements.txt') }}
+        key: ${{ runner.os }}-pip-${{ hashFiles('**/requirements*.txt', '**/pyproject.toml') }}
         restore-keys: |
           ${{ runner.os }}-pip-
     
@@ -56,7 +56,7 @@ jobs:
         pytest --cov=pyhetznerserver --cov-report=xml --cov-report=term-missing
     
     - name: Upload coverage to Codecov
-      uses: codecov/codecov-action@v3
+      uses: codecov/codecov-action@v4
       with:
         file: ./coverage.xml
         flags: unittests
@@ -80,11 +80,11 @@ jobs:
     
     - name: Run Bandit security linter
       run: |
-        bandit -r pyhetznerserver/ -f json -o bandit-report.json || true
+        bandit -r pyhetznerserver/ -ll
     
     - name: Run Safety check
       run: |
-        safety check --json --output safety-report.json || true
+        safety check
 
   build:
     runs-on: ubuntu-latest
@@ -111,7 +111,7 @@ jobs:
         twine check dist/*
     
     - name: Upload build artifacts
-      uses: actions/upload-artifact@v3
+      uses: actions/upload-artifact@v4
       with:
         name: dist
         path: dist/ 

.github/workflows/publish.yml

@@ -49,12 +49,15 @@ jobs:
     - name: Install build dependencies
       run: |
         python -m pip install --upgrade pip
-        pip install build
+        pip install build twine
     
     - name: Build package
       run: |
         python -m build
     
+    - name: Check package
+      run: |
+        twine check dist/*
+    
     - name: Publish to PyPI (Trusted Publishing)
-      if: github.event_name == 'release' && github.event.action == 'published' || github.event_name == 'push' && startsWith(github.ref, 'refs/tags/v')
       uses: pypa/gh-action-pypi-publish@release/v1 

pyproject.toml

@@ -44,8 +44,7 @@ classifiers = [
 ]
 requires-python = ">=3.8"
 dependencies = [
-    "requests>=2.28.0",
-    "typing-extensions>=4.0.0; python_version<'3.8'"
+    "requests>=2.28.0"
 ]
 
 [project.optional-dependencies]
@@ -82,7 +81,7 @@ exclude = ["tests*"]
 
 [tool.black]
 line-length = 100
-target-version = ['py37', 'py38', 'py39', 'py310', 'py311']
+target-version = ['py38', 'py39', 'py310', 'py311', 'py312']
 include = '\.pyi?$'
 extend-exclude = '''
 /(
@@ -108,7 +107,7 @@ use_parentheses = true
 ensure_newline_before_comments = true
 
 [tool.mypy]
-python_version = "3.7"
+python_version = "3.8"
 warn_return_any = true
 warn_unused_configs = true
 disallow_untyped_defs = true

requirements.txt

@@ -1,2 +1 @@
-requests>=2.28.0
-typing-extensions>=4.0.0 
+requests>=2.28.0