search

akaihola / darker

Apply black reformatting to Python files only in regions changed since a given commit. For a practical usage example, see the blog post at https://dev.to/akaihola/improving-python-code-incrementally-3f7a
https://pypi.org/project/darker/
Other
638 stars 55 forks source link

Add dependabot for dependency upgrades #763

Closed clintonsteiner closed 5 days ago

clintonsteiner commented 1 month ago
akaihola commented 1 month ago

Thanks @clintonsteiner!

So does dependabot work fine with packages which use setuptools and setup.cfg? I remember participating in the discussion of dependabot/dependabot-core#2133, but it might be that the issue concerns only the depenedency graph feature on GitHub.

clintonsteiner commented 1 month ago

https://github.com/clintonsteiner/darker/actions/runs/11605270324/job/32315372582 Testing in fork now appears to work, must enable in code security though image

clintonsteiner commented 4 weeks ago

I'd like to get rid of the constraints-oldest and move to pyproject.toml

I was unable to make dependabot acknowledge both files and seems a pain to manage both

akaihola commented 3 weeks ago

767

I'd like to get rid of the constraints-oldest and move to pyproject.toml

I was unable to make dependabot acknowledge both files and seems a pain to manage both

I noticed you closed #767 – did you find a work-around?

I wanted to move away from setup.cfg as well, and uv nowadays provides --resolution=lowest, equivalent to what I've used constraints-oldest.txt for.

But: Due to missing raw HTML support on PyPI, we still depend on setup.py to strip the contributor table from README.rst in the distribution packages. This is the only reason we're still using setup.py and setup.cfg. I've been looking into different ways of solving this (e.g. configuring PyPI or GitHub to use a different file for the project front page), but haven't found an elegant solution yet.