From f14d7cae286c646fa1b915e348380af5db36affb Mon Sep 17 00:00:00 2001 From: Marcelo Duarte Date: Tue, 27 Jan 2026 03:18:58 -0300 Subject: [PATCH] Upgrade CI and dev tools --- .github/workflows/build.yml | 8 ++++---- .github/workflows/ci.yml | 16 ++++++++++++---- .github/workflows/codeql.yml | 2 +- .github/workflows/coverage.yml | 2 +- .github/workflows/dependency-review.yml | 2 +- .github/workflows/scorecards.yml | 2 +- .pre-commit-config.yaml | 2 +- README.md | 2 +- pyproject.toml | 11 ++++++----- src/msilib/include/_msi.h | 9 ++++++++- 10 files changed, 36 insertions(+), 20 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 94cce33..845b1a5 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -23,7 +23,7 @@ jobs: - name: Set up Python uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 with: - python-version: "3.13" + python-version: "3.14" - name: Extra includes id: includes @@ -77,16 +77,16 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: repository: marcelotduarte/python-msilib - name: Set up Python uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 with: - python-version: "3.13" + python-version: "3.14" - - uses: astral-sh/setup-uv@681c641aba71e4a1c380be3ab5e12ad51f415867 # v7.1.6 + - uses: astral-sh/setup-uv@61cb8a9741eeb8a550a1b8544337180c0fc8476b # v7.2.0 with: enable-cache: true cache-dependency-glob: "pyproject.toml" diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 4b61a2d..e312d78 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -58,6 +58,12 @@ jobs: os: [windows] os-version: [latest, 11-arm] python-version: ["3.13", "3.13t", "3.14", "3.14t"] + exclude: # provisional + - os-version: 11-arm + python-version: "3.13t" + - os-version: 11-arm + python-version: "3.14t" + defaults: run: shell: bash @@ -70,7 +76,7 @@ jobs: egress-policy: audit - name: Fetch only the required files for testing - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: sparse-checkout: | pyproject.toml @@ -81,7 +87,7 @@ jobs: with: python-version: ${{ matrix.python-version }} - - uses: astral-sh/setup-uv@681c641aba71e4a1c380be3ab5e12ad51f415867 # v7.1.6 + - uses: astral-sh/setup-uv@61cb8a9741eeb8a550a1b8544337180c0fc8476b # v7.2.0 with: activate-environment: true cache-dependency-glob: "pyproject.toml" @@ -124,7 +130,9 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + with: + persist-credentials: true - name: Download coverage data uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0 @@ -134,7 +142,7 @@ jobs: - name: Coverage comment id: coverage_comment - uses: py-cov-action/python-coverage-comment-action@e623398c19eb3853a5572d4a516e10b15b5cefbc # v3.39 + uses: py-cov-action/python-coverage-comment-action@7188638f871f721a365d644f505d1ff3df20d683 # v3.40 with: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} MERGE_COVERAGE_FILES: true diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 5515a76..ad48427 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -46,7 +46,7 @@ jobs: egress-policy: audit - name: Checkout repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL diff --git a/.github/workflows/coverage.yml b/.github/workflows/coverage.yml index 2d93d24..a3adfc3 100644 --- a/.github/workflows/coverage.yml +++ b/.github/workflows/coverage.yml @@ -34,7 +34,7 @@ jobs: egress-policy: audit - name: Post comment - uses: py-cov-action/python-coverage-comment-action@e623398c19eb3853a5572d4a516e10b15b5cefbc # v3.39 + uses: py-cov-action/python-coverage-comment-action@7188638f871f721a365d644f505d1ff3df20d683 # v3.40 with: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITHUB_PR_RUN_ID: ${{ github.event.workflow_run.id }} diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index 1fd08c2..48b6a89 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -22,6 +22,6 @@ jobs: egress-policy: audit - name: Checkout Repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Dependency Review uses: actions/dependency-review-action@3c4e3dcb1aa7874d2c16be7d79418e9b7efd6261 # v4.8.2 diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index dc2ff6f..0dcfcb9 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -41,7 +41,7 @@ jobs: egress-policy: audit - name: Checkout code - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: persist-credentials: false diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 955837f..9998a4d 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -3,7 +3,7 @@ ci: skip: [shellcheck] default_language_version: - python: python3.12 + python: python3.14 repos: - repo: https://github.com/pre-commit/pre-commit-hooks diff --git a/README.md b/README.md index 40684d8..b64f20b 100644 --- a/README.md +++ b/README.md @@ -3,7 +3,7 @@ Read and write Microsoft Installer files. This library is legacy code borrowed from Python 3.12, intended to allow -cx_Freeze's `bdist_msi` command to continue working in Python 3.13 and 3.14. +cx_Freeze's `bdist_msi` command to continue working in Python 3.13+. [![PyPI version](https://img.shields.io/pypi/v/python-msilib)](https://pypi.org/project/python-msilib/) [![PyPi Downloads](https://img.shields.io/pypi/dm/python-msilib)](https://pypistats.org/packages/python-msilib) diff --git a/pyproject.toml b/pyproject.toml index 379844b..ab8e9f3 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -2,7 +2,7 @@ requires = [ # setuptools 77.0.3+ supports PEP 639 # setuptools 78.1.1 fix path traversal vulnerability - "setuptools>=78.1.1,<=80.9.0", + "setuptools>=78.1.1,<81", ] build-backend = "setuptools.build_meta" @@ -44,11 +44,11 @@ email = "loewis@users.noreply.github.com" [project.optional-dependencies] dev = [ "bump-my-version==1.2.6", - "cibuildwheel==3.3.0", + "cibuildwheel==3.3.1", "pre-commit==4.5.1", ] tests = [ - "coverage==7.13.1", + "coverage==7.13.2", "pytest==9.0.2", ] @@ -225,12 +225,13 @@ ignore = [ [tool.ruff.lint.per-file-ignores] "src/msilib/__init__.py" = [ - "S101", # Use of `assert` detected - "S608", "A002", + "A005", "ANN201", "ERA001", "PLW0603", # global + "S101", # Use of `assert` detected + "S608", ] "src/msilib/schema.py" = [ "E501", # Line too long diff --git a/src/msilib/include/_msi.h b/src/msilib/include/_msi.h index 0b6bdf7..a19052b 100644 --- a/src/msilib/include/_msi.h +++ b/src/msilib/include/_msi.h @@ -2,9 +2,16 @@ preserve [clinic start generated code]*/ -// Add _PyArg_NoPositional and _PyArg_BadArgument +// Add _PyArg_NoPositional and _PyArg_BadArgument (Python 3.13.0b2+) #define Py_BUILD_CORE +#if PY_VERSION_HEX >= 0x030D00B2 #include +#endif + +// Compatible _PyCFunction_CAST (Python 3.10) +#ifndef _PyCFunction_CAST +#define _PyCFunction_CAST(func) ((PyCFunctionObject*)func) +#endif #define _MSI_SENTINEL { NULL, NULL }