Lots of version bumps

* Add support for python 3.12;
* This necessitated some library updates, so update basically everything
  to the extent that python versions 3.8-3.12 remain supported;
* Add python 3.12 to GitHub workflows;
* Adjust `shutil.rmtree()` calls; in python 3.12, the `onerror` argument
  becomes changes type and becomes deprecated -- luckily, we don't use
  it, so it's easy to paper over;
* Minor formatting changes to placate the latest version of black;
* Add some test annotations to `test_util.py` because pylint now is
  smart enough to think some code is unreachable (although it is because
  of the testing context).

This should be enough to silence all of the outstanding dependabot PRs.

.github/workflows/ci.yml

@@ -22,7 +22,7 @@ jobs:
       fail-fast: false
       matrix:
         os: [ubuntu-latest, windows-latest, macos-latest]
-        python-version: [3.8, 3.9, "3.10", 3.11]
+        python-version: [3.8, 3.9, "3.10", 3.11, 3.12]
         include:
           - os: ubuntu-latest
             path: ~/.cache/pypoetry
@@ -86,7 +86,7 @@ jobs:
     - name: Set up Python
       uses: actions/setup-python@db9987b4c1f10f0404fa60ee629f675fafbd6763
       with:
-        python-version: 3.11
+        python-version: 3.12
     - name: Install dependencies
       run: |
         pip install -U pip

.github/workflows/publish.yml

@@ -9,10 +9,10 @@ jobs:
     runs-on: ubuntu-latest
     steps:
     - uses: actions/checkout@f095bcc56b7c2baf48f3ac70d6d6782f4f553222
-    - name: Set up Python 3.8
+    - name: Set up Python 3.12
       uses: actions/setup-python@db9987b4c1f10f0404fa60ee629f675fafbd6763
       with:
-        python-version: 3.8
+        python-version: 3.12
     - name: Install dependencies
       run:  |
         pip install --upgrade pip

CHANGELOG.md

@@ -1,3 +1,9 @@
+v5.0.1 - July XX 2024
+---------------------
+
+* [#537](https://github.com/godaddy/tartufo/pull/537) - Add support for python
+  3.12, and update dependencies to latest versions.
+
 v5.0.0 - March 14 2024
 ----------------------
 

pyproject.toml

@@ -16,6 +16,7 @@ classifiers = [
   "Programming Language :: Python :: 3.9",
   "Programming Language :: Python :: 3.10",
   "Programming Language :: Python :: 3.11",
+  "Programming Language :: Python :: 3.12",
   "Programming Language :: Python :: Implementation :: CPython",
   "Programming Language :: Python :: Implementation :: PyPy",
   "Topic :: Security",
@@ -37,34 +38,34 @@ version = "5.0.0"
 tartufo = "tartufo.cli:main"
 
 [tool.poetry.dependencies]
-GitPython = "^3.1.30"
+GitPython = "^3.1.43"
 pygit2 = "^1.11.0"
-click = "^8.1.0"
+click = "^8.1.7"
 colorama = {version = "*", markers = "sys_platform == 'win32'"}
-python = "^3.8"
-tomlkit = "^0.11.4"
+python = ">=3.8, <3.13"
+tomlkit = "^0.13.0"
 cached-property = "^1.5.2"
 
 [tool.poetry.group.dev.dependencies]
-black = "^23.0.0"
+black = "^24.4.2"
 coverage = {version = "^7.2.2", extras = ["toml"]}
-mypy = "^1.1.1"
+mypy = "^1.11.0"
 pre-commit = "*"
-pylint = "^2.17.1"
-pytest = "^7.0.0"
-pytest-cov = "^4.0.0"
-pytest-sugar = "^0.9.4"
-tox = "^4.4.7"
-vulture = "^2.3"
-types-requests = "^2.25.2"
-types-click = "^7.1.2"
+pylint = "^3.2.6"
+pytest = "^8.3.2"
+pytest-cov = "^5.0.0"
+pytest-sugar = "^1.0.0"
+tox = "^4.16.0"
+vulture = "^2.11"
+types-requests = "^2.32.0.20240712"
+types-click = "^7.1.8"
 cached-property = "^1.5.2"
 
 [tool.poetry.group.docs]
 optional = true
 
 [tool.poetry.group.docs.dependencies]
-recommonmark = "^0.7"
+recommonmark = "^0.7.1"
 sphinx = "^5.0.0"
 sphinx-autodoc-typehints = "^1.12.0"
 sphinx-click = "^4.0.0"
@@ -157,13 +158,13 @@ exclude = '''
     | dist
 )/
 '''
-target-version = ['py36', 'py37', 'py38']
+target-version = ['py38', 'py39', 'py310', 'py311', 'py312']
 
 [tool.pytest]
 # Not yet supported, see https://github.com/pytest-dev/pytest/issues/1556
 
 [tool.mypy]
-python_version = "3.11"
+python_version = "3.12"
 ignore_missing_imports = true
 
 [tool.pylint.'MESSAGES CONTROL']

tartufo/commands/scan_remote_repo.py

@@ -90,5 +90,6 @@ def main(
         util.fail(str(exc), ctx)
     finally:
         if repo_path and repo_path.exists():
+            # pylint: disable=deprecated-argument
             rmtree(str(repo_path), onerror=util.del_rw)
     return scanner  # type: ignore

tartufo/config.py

@@ -185,7 +185,8 @@ def configure_regexes(
                 rules.update(load_rules_from_file(rules_file))
     finally:
         if cloned_repo:
-            shutil.rmtree(repo_path, onerror=util.del_rw)  # type: ignore
+            # pylint: disable=deprecated-argument
+            shutil.rmtree(str(repo_path), onerror=util.del_rw)
 
     return rules
 
@@ -208,9 +209,9 @@ def load_rules_from_file(rules_file: TextIO) -> Set[Rule]:
             rule = Rule(
                 name=rule_name,
                 pattern=re.compile(rule_definition["pattern"]),
-                path_pattern=re.compile(path_pattern)
-                if path_pattern
-                else EMPTY_PATTERN,
+                path_pattern=(
+                    re.compile(path_pattern) if path_pattern else EMPTY_PATTERN
+                ),
                 re_match_type=MatchType.Match,
                 re_match_scope=None,
             )

tartufo/util.py

@@ -17,11 +17,11 @@
     Dict,
     Generator,
     List,
-    Optional,
     NoReturn,
+    Optional,
+    Pattern,
     Tuple,
     TYPE_CHECKING,
-    Pattern,
 )
 
 import click
@@ -43,14 +43,15 @@
 style_warning: Callable = click.style
 
 
-def del_rw(_func: Callable, name: str, _exc: Exception) -> None:
+def del_rw(_func: Callable, name: str, _exc: Any) -> None:
     """Attempt to grant permission to and force deletion of a file.
 
     This is used as an error handler for `shutil.rmtree`.
 
     :param _func: The original calling function
     :param name: The name of the file to try removing
-    :param _exc: The exception raised originally when the file was removed
+    :param _exc: The exception raised originally when the file was removed; this
+    changed to a tuple in Python 3.12, but we don't use it and don't care
     """
     os.chmod(name, stat.S_IWRITE)
     os.remove(name)

tests/test_util.py

@@ -668,13 +668,13 @@ class GeneralUtilTests(unittest.TestCase):
     def test_fail_exits_with_exit_code(self):
         mock_context = mock.MagicMock()
         util.fail("Foo!", mock_context, 42)
-        mock_context.exit.assert_called_once_with(42)
+        mock_context.exit.assert_called_once_with(42)  # pylint: disable=unreachable
 
     @mock.patch("tartufo.util.style_error")
     @mock.patch("tartufo.util.click")
     def test_fail_echos_styled_error_message(self, mock_click, mock_style):
         util.fail("Foo!", mock.MagicMock(), 42)
-        mock_style.assert_called_once_with("Foo!")
+        mock_style.assert_called_once_with("Foo!")  # pylint: disable=unreachable
         mock_click.echo.assert_called_once_with(mock_style.return_value, err=True)
 
     @mock.patch("tartufo.util.sys.stdout")

tox.ini

@@ -2,7 +2,7 @@
 minversion = 3.8.0
 toxworkdir = {env:TOX_WORK_DIR:.tox}
 skip_missing_interpreters = True
-envlist = py{38,39,py3,310,311},black,mypy,pylint,vulture,docs
+envlist = py{38,39,pypy3,310,311,312},black,mypy,pylint,vulture,docs
 parallel_show_output = True
 isolated_build = True
 
@@ -12,6 +12,7 @@ python =
     3.9: py39
     3.10: py310
     3.11: py311
+    3.12: py312
     pypy3: pypy3
 
 [testenv]
@@ -28,25 +29,25 @@ commands =
     poetry run pytest {posargs}
 
 [testenv:black]
-basepython = python3.11
+basepython = python3.12
 commands =
     poetry install --no-root -v
     poetry run black --check .
 
 [testenv:mypy]
-basepython = python3.11
+basepython = python3.12
 commands =
     poetry install --no-root -v
     poetry run mypy .
 
 [testenv:pylint]
-basepython = python3.11
+basepython = python3.12
 commands =
     poetry install --no-root -v
     poetry run pylint scripts/ tartufo/ tests/
 
 [testenv:vulture]
-basepython = python3.11
+basepython = python3.12
 commands =
     poetry install --no-root -v
     poetry run vulture --min-confidence 70 \
@@ -55,7 +56,7 @@ commands =
     vulture_whitelist.py
 
 [testenv:docs]
-basepython = python3.11
+basepython = python3.12
 commands =
     poetry install --no-root --with docs -v
     poetry run make -C docs clean html spelling