diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index add7e55..e2b8407 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -12,7 +12,7 @@ jobs: runs-on: ubuntu-latest strategy: matrix: - python-version: ["3.8", "3.9", "3.10", "3.11", "3.12"] + python-version: ["3.9", "3.10", "3.11", "3.12", "3.13"] steps: - uses: actions/checkout@v4 - name: Set up Python ${{ matrix.python-version }} @@ -20,19 +20,16 @@ jobs: with: python-version: ${{ matrix.python-version }} cache: pip - cache-dependency-path: setup.py + cache-dependency-path: pyproject.toml - name: Install dependencies run: | pip install '.[test]' - name: Run tests run: | - pytest - deploy: + python -m pytest + build: runs-on: ubuntu-latest needs: [test] - environment: release - permissions: - id-token: write steps: - uses: actions/checkout@v4 - name: Set up Python @@ -40,13 +37,31 @@ jobs: with: python-version: "3.12" cache: pip - cache-dependency-path: setup.py + cache-dependency-path: pyproject.toml - name: Install dependencies run: | pip install setuptools wheel build - name: Build run: | python -m build - - name: Publish + - name: Store the distribution packages + uses: actions/upload-artifact@v4 + with: + name: python-packages + path: dist/ + publish: + name: Publish to PyPI + runs-on: ubuntu-latest + if: startsWith(github.ref, 'refs/tags/') + needs: [build] + environment: release + permissions: + id-token: write + steps: + - name: Download distribution packages + uses: actions/download-artifact@v4 + with: + name: python-packages + path: dist/ + - name: Publish to PyPI uses: pypa/gh-action-pypi-publish@release/v1 - diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 0cd281b..fcc5993 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -10,7 +10,7 @@ jobs: runs-on: ubuntu-latest strategy: matrix: - python-version: ["3.8", "3.9", "3.10", "3.11", "3.12"] + python-version: ["3.9", "3.10", "3.11", "3.12", "3.13"] steps: - uses: actions/checkout@v4 - name: Set up Python ${{ matrix.python-version }} @@ -18,7 +18,7 @@ jobs: with: python-version: ${{ matrix.python-version }} cache: pip - cache-dependency-path: setup.py + cache-dependency-path: pyproject.toml - name: Install dependencies run: | pip install '.[test]' @@ -30,4 +30,13 @@ jobs: if: always() env: CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} - \ No newline at end of file + - name: Build package to upload as artifact + run: | + pip install setuptools wheel build + python -m build + - name: Store the distribution packages + if: matrix.python-version == '3.12' + uses: actions/upload-artifact@v4 + with: + name: python-packages + path: dist/ diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..0cbfbfa --- /dev/null +++ b/.gitignore @@ -0,0 +1,11 @@ +.venv +__pycache__/ +*.py[cod] +*$py.class +venv +.eggs +.pytest_cache +*.egg-info +.DS_Store +dist +build diff --git a/pyproject.toml b/pyproject.toml new file mode 100644 index 0000000..c7fac5f --- /dev/null +++ b/pyproject.toml @@ -0,0 +1,36 @@ +[project] +name = "asgi-csrf" +version = "0.1" +description = "ASGI middleware for protecting against CSRF attacks" +readme = "README.md" +requires-python = ">=3.9" +authors = [{name = "Simon Willison"}] +license = {text = "Apache-2.0"} +classifiers = [ + "License :: OSI Approved :: Apache Software License" +] +dependencies = [ + "itsdangerous", + "python-multipart" +] + +[build-system] +requires = ["setuptools"] +build-backend = "setuptools.build_meta" + +[project.urls] +Homepage = "https://github.com/simonw/asgi-csrf" +Changelog = "https://github.com/simonw/asgi-csrf/releases" +Issues = "https://github.com/simonw/asgi-csrf/issues" +CI = "https://github.com/simonw/asgi-csrf/actions" + + +[project.optional-dependencies] +test = [ + "pytest", + "pytest-asyncio", + "httpx>=0.16", + "starlette", + "pytest-cov", + "asgi-lifespan", +] diff --git a/setup.py b/setup.py deleted file mode 100644 index 32a43b3..0000000 --- a/setup.py +++ /dev/null @@ -1,36 +0,0 @@ -from setuptools import setup -import os - -VERSION = "0.10" - - -def get_long_description(): - with open( - os.path.join(os.path.dirname(os.path.abspath(__file__)), "README.md"), - encoding="utf8", - ) as fp: - return fp.read() - - -setup( - name="asgi-csrf", - description="ASGI middleware for protecting against CSRF attacks", - long_description=get_long_description(), - long_description_content_type="text/markdown", - author="Simon Willison", - url="https://github.com/simonw/asgi-csrf", - license="Apache License, Version 2.0", - version=VERSION, - py_modules=["asgi_csrf"], - install_requires=["itsdangerous", "python-multipart"], - extras_require={ - "test": [ - "pytest", - "pytest-asyncio", - "httpx>=0.16", - "starlette", - "pytest-cov", - "asgi-lifespan", - ] - }, -) diff --git a/test_asgi_csrf.py b/tests/test_asgi_csrf.py similarity index 100% rename from test_asgi_csrf.py rename to tests/test_asgi_csrf.py