Modernize repo

[leplatrem]

• [x] Replaced setup.cfg and setup.py by pyproject.toml
• [x] Replaced flake8 by ruff
• [x] Use requirements.in instead of list in setup.py
• [x] Use version from git tag (setuptools-scm)
• [x] Publish to Pypi on git tag
• [x] Add config to categorize changes in autogenerated changelog
• [x] Add Github actions to dependabot
• [x] Update release instructions
• [x] Rename master to main
• [x] Replace tox with GH actions
• [x] Move package to src
• [x] Force labels on pull-requests (for better changelog)

Things lost with this PR:

• No more changelog (now on GH releases)
• Description on Pypi does not contain changelog anymore

[leplatrem]

Thanks for your feeback @jenstroeger! really appreciated!

particular some of the git hooks we use for checking code 🤓

I'm not a big fan of mandatory pre-commit hooks, I would be in favor of letting devs do that on their own

A few thoughts:

• Add a CODEOWNERS file.

👍

Add a SECURITY policy file.

👍

Have you considered formatting with black?

We do it with ruff already 😉

The goal of this PR is to reduce the amount of efforts related to maintenance. This repository is very low in our pile of things we maintain, and removing manual work for releasing is a tiny improvement. I'm wondering whether we should add a warning/disclaimer about this best effort maintenance in an issue template or something....

[jenstroeger]

@leplatrem still seeing errors with CODEOWNERS file:

Unknown owner on line 1: make sure the team @Cornices/cornice exists, is publicly visible, and has write access to the repository
*        @Cornices/cornice