Apply suggestions from code review

savente93 · nabobalis · web-flow · commit ae30e054bb95 · 2025-08-20T08:37:47.000+02:00
Co-authored-by: Nabil Freij &lt;nabil.freij@gmail.com&gt;
diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml
@@ -4,7 +4,7 @@ on:
     branches: main
   pull_request:
     branches: main
-  # on demand
+  # On demand
   workflow_dispatch:
 
 jobs:
diff --git a/action.yaml b/action.yaml
@@ -44,7 +44,6 @@ runs:
           gh release download -R "scientific-python/spec0-action" --pattern schedule.json -O "$SCHEDULE_FILE"
         fi
 
-      # make user pixi is available
     - uses: prefix-dev/setup-pixi@v0.8.14
       name: Setup pixi
       with:
@@ -61,7 +60,6 @@ runs:
         # let's cleanup after ourselves so it doesn't end up in the PR
         rm "${{inputs.schedule_path}}"
 
-
     - name: Create Pull Request
       if: ${{ inputs.create_pr == 'true' }}
       uses: peter-evans/create-pull-request@v6
diff --git a/readme.md b/readme.md
@@ -1,13 +1,17 @@
 # SPEC-0 Versions Action
 
-This repository contains a Github Action to update python dependencies conform the SPEC 0 support schedule.
+This repository contains a Github Action to update Python dependencies such that they conform to the SPEC 0 support schedule.
 It also contains released versions of the schedule in various formats that that action can use to open PRs in your repository.
 
 ## Using the action
 
-To use the action you can copy the yaml below, and paste it into `.github/workflows/update-spec-0.yaml`. The arguments bewlow are filled with heir default value, in most cases you won't have to fill them. All except for `token` are optional. 
+To use the action you can copy the yaml below, and paste it into `.github/workflows/update-spec-0.yaml`.
+The arguments below are filled with their default value, in most cases you won't have to fill them.
+All except for `token` are optional. 
 
-Whenever the action is triggered it will open a PR in your repository that will update the dependencies of SPEC 0 to the new lower bound. For this you will have to provide it with a PAT that has write permissions in the `contents` and `pull request` scopes. Please refer to the GitHub documentation for instructions on how to do this [here](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens).
+Whenever the action is triggered it will open a PR in your repository that will update the dependencies of SPEC 0 to the new lower bound.
+For this you will have to provide it with a PAT that has write permissions in the `contents` and `pull request` scopes.
+Please refer to the GitHub documentation for instructions on how to do this [here](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens).
 
 
 ```yaml
@@ -29,7 +33,7 @@ jobs:
     update:
     runs-on: ubuntu-latest
     steps:
-        - uses: scientific-python/spec0-action@v1
+      - uses: scientific-python/spec0-action@v1
     with: 
         token: ${{ secrets.GH_PAT }}
         project_file_name: "pyproject.toml"
@@ -40,6 +44,8 @@ It should update any of the packages listed in the `dependency`, or `tool.pixi.*
 
 ## Limitations
 
-1. since this action simply parses the toml to do the upgrade and leaves any other bounds in tackt, it is possible that the environment of the PR becomes unsolvable. For example if you have a numpy dependency like so: `numpy = ">=1.25.0,<2"` this will get updated in the PR to `numpy = "2.0.0,<2"` which is infeasable. Keeping the resulting environment solvable is outside the scope of this action, so they might have to be adjusted manually. 
-2. Currently on `pyproject.toml` is supported by this action, though other manifest files could be considered upon request. 
+1. Since this action simply parses the toml to do the upgrade and leaves any other bounds intact, it is possible that the environment of the PR becomes unsolvable.
+   For example if you have a numpy dependency like so: `numpy = ">=1.25.0,<2"` this will get updated in the PR to `numpy = "2.0.0,<2"` which is infeasible. 
+   Keeping the resulting environment solvable is outside the scope of this action, so you might have to be adjusted manually.
+2. Currently only `pyproject.toml` is supported by this action, though other manifest files could be considered upon request. 
 
diff --git a/spec0_action/__init__.py b/spec0_action/__init__.py
@@ -19,7 +19,7 @@
 __all__ = ["read_schedule", "read_toml", "write_toml", "update_pyproject_toml"]
 
 def update_pyproject_dependencies(dependencies: dict, schedule: SupportSchedule):
-    # iterate by idx because we want to update it inplace
+    # Iterate by idx because we want to update it inplace
     for i in range(len(dependencies)):
         dep_str = dependencies[i]
         pkg, extras, spec = parse_pep_dependency(dep_str)
@@ -30,9 +30,7 @@ def update_pyproject_dependencies(dependencies: dict, schedule: SupportSchedule)
         new_lower_bound = Version(schedule["packages"][pkg])
         try:
             spec = tighten_lower_bound(spec or SpecifierSet(), new_lower_bound)
-            # will raise a value error if bound is already tigheter, in this case we just do nothing and  continue
-
-
+            # Will raise a value error if bound is already tighter, in this case we just do nothing and  continue
         except ValueError:
             continue
 
@@ -46,11 +44,11 @@ def update_pyproject_dependencies(dependencies: dict, schedule: SupportSchedule)
 
 def update_dependency_table(dep_table: dict, new_versions: dict):
     for pkg, pkg_data in dep_table.items():
-        # don't do anything for pkgs that aren't in our schedule
+        # Don't do anything for pkgs that aren't in our schedule
         if pkg not in new_versions:
             continue
 
-        # like pkg = ">x.y.z,<a"
+        # Like pkg = ">x.y.z,<a"
         if isinstance(pkg_data, str):
             if not is_url_spec(pkg_data):
                 spec = parse_version_spec(pkg_data)
@@ -61,12 +59,12 @@ def update_dependency_table(dep_table: dict, new_versions: dict):
                 dep_table[pkg] = repr_spec_set(spec)
 
             else:
-                # we don't do anything with url spec dependencies
+                # We don't do anything with url spec dependencies
                 continue
         else:
-            # table like in tests = {path = "."}
+            # Table like in tests = {path = "."}
             if "path" in pkg_data:
-                # we don't do anything with path dependencies
+                # We don't do anything with path dependencies
                 continue
 
             spec = SpecifierSet(pkg_data["version"])
diff --git a/spec0_action/parsing.py b/spec0_action/parsing.py
@@ -8,10 +8,10 @@
 from pathlib import Path
 from re import compile
 
-# we won't actually do anything with URLs we just need to detect them
+# We won't actually do anything with URLs we just need to detect them
 Url: TypeAlias = ParseResult
 
-# slightly modified version of https://packaging.python.org/en/latest/specifications/dependency-specifiers/#names
+# Slightly modified version of https://packaging.python.org/en/latest/specifications/dependency-specifiers/#names
 PEP_PACKAGE_IDENT_RE = compile(r"(?im)^([A-Z0-9][A-Z0-9._-]*)(\[[A-Z0-9._,-]+\])?(.*)$")
 
 
@@ -22,11 +22,11 @@ class SupportSchedule(TypedDict):
 
 def parse_version_spec(s: str) -> SpecifierSet:
     if s.strip() == "*":
-        # python version numeric components must be non-negative so this is ookay
+        # Python version numeric components must be non-negative so this is okay
         # see https://packaging.python.org/en/latest/specifications/version-specifiers/
         return SpecifierSet(">=0")
     try:
-        # if we can simply parse it return it
+        # If we can simply parse it return it
         return SpecifierSet(s)
     except InvalidSpecifier:
         try:
