You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: action.yaml
+1-2Lines changed: 1 addition & 2 deletions
Original file line number
Diff line number
Diff line change
@@ -6,10 +6,9 @@ inputs:
6
6
description: "Target branch for the pull request"
7
7
required: true
8
8
default: "main"
9
-
10
9
project_file_name:
11
10
description: "The filename to the project file that lists your dependencies, relative to the repository root. Defaults to 'pyproject.toml' Curretnly only pyproject.toml is supported but others may be added."
12
-
required: false
11
+
required: true
13
12
default: "pyproject.toml"
14
13
token:
15
14
description: "GitHub token with repo permissions to create pull requests"
Copy file name to clipboardExpand all lines: readme.md
+17-23Lines changed: 17 additions & 23 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -5,6 +5,11 @@ It also contains released versions of the schedule in various formats that that
5
5
6
6
## Using the action
7
7
8
+
To use the action you can copy the yaml below, and paste it into `.github/workflows/update-spec-0.yaml`. The arguments bewlow are filled with heir default value, in most cases you won't have to fill them. All except for `token` are optional.
9
+
10
+
Whenever the action is triggered it will open a PR in your repository that will update the dependencies of SPEC 0 to the new lower bound. For this you will have to provide it with a PAT that has write permissions in the `contents` and `pull request` scopes. Please refer to the GitHub documentation for instructions on how to do this [here](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens).
11
+
12
+
8
13
```yaml
9
14
name: Update SPEC 0 dependencies
10
15
@@ -17,37 +22,26 @@ on:
17
22
- cron: "0 0 2 */3 *"
18
23
19
24
permissions:
20
-
contents: write
21
-
pull-requests: write
25
+
contents: write
26
+
pull-requests: write
22
27
23
28
jobs:
24
-
update:
29
+
update:
25
30
runs-on: ubuntu-latest
26
31
steps:
27
-
- uses: scientific-python/spec-zero-tools@main
28
-
with:
29
-
token: ${{ secrets.GH_PAT }}
30
-
target_branch: main
31
-
tool: pixi
32
-
```
33
-
34
-
Whenever the action is triggered it will open a PR in your repository that will update the dependencies of SPEC 0 to the new lower bound. For this you will have to provide it with a PAT that has write permissions in the `contents` and `pull request` scopes. Please refer to the GitHub documentation for instructions on how to do this [here](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens).
32
+
- uses: scientific-python/spec-zero-tools@v1
33
+
with:
34
+
token: ${{ secrets.GH_PAT }}
35
+
project_file_name: "pyproject.toml"
36
+
target_branch: 'main'
35
37
36
-
To help projects stay compliant with SPEC-0, we provide a `schedule.json` file that can be used by CI systems to determine new version boundaries.
37
38
38
-
Currently the action can take the following inputs:
| `token` | The token that the action will use to create and update the pull request. See [token](https://github.com/marketplace/actions/create-pull-request#token). | Yes |
43
-
| `tool` | Which tool to use for managing your dependencies. Currently `pixi` is the only option. | No |
44
-
| `target_branch` | The branch to open a PR against with the updated versions. Defaults to `main`. | No |
41
+
It should update any of the packages listed in the `dependency`, or `tool.pixi.*` tables.
45
42
46
43
## Limitations
47
44
48
-
This project is still in progress and thus it comes with some limitations we are working on. Hopefully this will be gone by the time you read this, but currently the limitations are:
45
+
1. since this action simply parses the toml to do the upgrade and leaves any other bounds in tackt, it is possible that the environment of the PR becomes unsolvable. For example if you have a numpy dependency like so: `numpy = ">=1.25.0,<2"` this will get updated in the PR to `numpy = "2.0.0,<2"` which is infeasable. Keeping the resulting environment is outside the scope of this action, so they might have to be adjusted manually.
46
+
2. Currently on `pyproject.toml` is supported by this action, though other manifest files could be considered upon request.
49
47
50
-
- Only `pixi` is supported
51
-
- if you have a higher bound than the one listed in SPEC 0 this is overwritten
52
-
- higher bounds are deleted instead of maintained.
0 commit comments