shadowfacts/fonttools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
12,125 Commits 1 Branch 0 Tags
Commit Graph

87 Commits

Author SHA1 Message Date
خالد حسني (Khaled Hosny)
0a78c67f31
Merge pull request #3136 from fonttools/dependabot/github_actions/actions/download-artifact-3 
Bump actions/download-artifact from 2 to 3
 2023-05-30 03:04:23 +03:00
dependabot[bot]
6ba2b9832e
Bump docker/setup-qemu-action from 1.2.0 to 2.1.0 
Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) from 1.2.0 to 2.1.0.
- [Release notes](https://github.com/docker/setup-qemu-action/releases)
- [Commits](https://github.com/docker/setup-qemu-action/compare/v1.2.0...v2.1.0)

---
updated-dependencies:
- dependency-name: docker/setup-qemu-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-05-29 19:58:50 +00:00
dependabot[bot]
0a2a94cfa8
Bump pypa/gh-action-pypi-publish from 1.4.2 to 1.8.6 
Bumps [pypa/gh-action-pypi-publish](https://github.com/pypa/gh-action-pypi-publish) from 1.4.2 to 1.8.6.
- [Release notes](https://github.com/pypa/gh-action-pypi-publish/releases)
- [Commits](https://github.com/pypa/gh-action-pypi-publish/compare/v1.4.2...v1.8.6)

---
updated-dependencies:
- dependency-name: pypa/gh-action-pypi-publish
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-05-29 19:58:45 +00:00
dependabot[bot]
f5f488045a
Bump actions/download-artifact from 2 to 3 
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 2 to 3.
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](https://github.com/actions/download-artifact/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/download-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-05-29 19:58:40 +00:00
dependabot[bot]
7c4cb86a3b
Bump actions/upload-artifact from 2 to 3 
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 2 to 3.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-05-29 19:58:35 +00:00
Cosimo Lupo
55003d8039
wheels.yml: test fonttools core lib without extras when building wheels 
we already run full tests suite at each push anyway. There are too many issues installing things like lxml or scipy on so many pythons/platforms/architectures, not worth the hassle
 2023-05-24 18:32:12 +01:00
Cosimo Lupo
9334a9117b
wheels.yml: must tell tox where tox.ini is 
because cibuildwheel insists on running the test command from a temp folder
 2023-05-24 17:55:23 +01:00
Cosimo Lupo
f2bd7f7cef
wheels.yml: must redefine tox_env in matrix include items 2023-05-24 16:49:09 +01:00
Cosimo Lupo
31cb8c0a96
define 'noextra' tox env, fold 'nolxml' into that one 
and keep all pinned test dependencies inside a single requirements.txt, previously lxml was defined only inside tox.ini
 2023-05-24 16:30:57 +01:00
Cosimo Lupo
dab38d575f
call cibuildwheel on the current directory since we no longer run on distinct submodule directory 2023-05-24 13:51:43 +01:00
Cosimo Lupo
5260d68338
Add workflow config file for building native binary wheels 
copied from https://github.com/fonttools/fonttools-wheels/blob/main/.github/workflows/ci.yml

Part of https://github.com/fonttools/fonttools/issues/3116
 2023-05-24 13:44:57 +01:00
Cosimo Lupo
7d7b38b769
[ci] set codecov's fail_ci_if_error: false; it's too flaky! 2023-03-16 12:51:09 +00:00
Cosimo Lupo
7f4fe17e5b
Drop Python3.7, require 3.8+ 
Revert "Revert "Merge pull request #2879 from fonttools/drop-py37""

This reverts commit f21e6768a7e970e3ec0f3c4b818f47f8dfd1c92b.

Which in turn, reverted https://github.com/fonttools/fonttools/pull/2879
 2023-02-02 15:34:11 +00:00
Nikolaus Waxweiler
698d8fb387 Add black to lint job 
And rename tox' "mypy" env to "lint".
 2022-12-13 11:26:00 +00:00
Cosimo Lupo
cf28372e2d
cerry-pick packaging & ci changes from reverted PR #2879 2022-11-14 13:48:39 +00:00
Cosimo Lupo
f21e6768a7
Revert "Merge pull request #2879 from fonttools/drop-py37" 
This reverts commit 66a3ec90713375aec5a95d1698ef1521fd432918, reversing
changes made to 82b90236f839fc9fc8e694ddcdee0ad1604d30ec.

A major user of fontTools, RoboFont, will need a bit more time to wean itself from Python 3.7.
We can delay this change by a few more months to give them time to upgrade.
 2022-11-14 13:39:18 +00:00
Cosimo Lupo
34dad6dc2e
CI: run tox in verbose mode to debug package installation 2022-11-03 12:11:30 +00:00
Cosimo Lupo
99dabeae32
test on 3.10 until lxml provides wheels for windows 3.11 
looks like neither lxml 4.9.0 nor 4.9.1 provide precompiled wheels for Windows CPython 3.11 so for now continue to run tests on 3.10 until that's the case
 2022-11-03 11:37:59 +00:00
Cosimo Lupo
81efdb8b6c
CI: test on 3.8 and 3.11, no longer 3.7 2022-11-03 11:22:30 +00:00
Cosimo Lupo
e8efe9817e
Explicitly add codecov token to action, see codecov/codecov-action#557 
Fixes #2763
 2022-09-20 10:33:50 +01:00
Cosimo Lupo
b3a5b1b8ad
Merge pull request #2683 from fonttools/dependabot/github_actions/actions/setup-python-4 
build(deps): bump actions/setup-python from 3 to 4
 2022-07-06 11:17:26 +01:00
dependabot[bot]
ef82649c2d
build(deps): bump actions/setup-python from 3 to 4 
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 3 to 4.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](https://github.com/actions/setup-python/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-07-06 09:58:50 +00:00
dependabot[bot]
5e7ce0a725
build(deps): bump codecov/codecov-action from 2 to 3 
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 2 to 3.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/master/CHANGELOG.md)
- [Commits](https://github.com/codecov/codecov-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-07-06 09:58:48 +00:00
Cosimo Lupo
47206d445d
Merge pull request #2669 from turrisxyz/Dependabot-GitHub-Actions 
chore: Included githubactions in the dependabot config
 2022-07-06 10:58:27 +01:00
naveen
19f5965aa0 chore: Included githubactions in the dependabot config 
This should help with keeping the GitHub actions updated on new releases. This will also help with keeping it secure.

Dependabot helps in keeping the supply chain secure https://docs.github.com/en/code-security/dependabot

GitHub actions up to date https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot

https://github.com/ossf/scorecard/blob/main/docs/checks.md#dependency-update-tool
Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>
 2022-06-24 01:30:17 +00:00
nathannaveen
83f69028a3 chore: Set permissions for GitHub actions 
Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.

- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions

https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions

https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs

[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)

Signed-off-by: nathannaveen <42319948+nathannaveen@users.noreply.github.com>
 2022-06-23 00:58:26 +00:00
Nikolaus Waxweiler
2ff36bcef8 Test Cython on Python 3.10 2022-04-26 11:19:28 +01:00
Nikolaus Waxweiler
82319c31fa Test on 3.7 and 3.10 only 2022-04-26 11:16:58 +01:00
Nikolaus Waxweiler
40015efe60 Update GitHub Actions 2022-04-26 11:16:49 +01:00
Cosimo Lupo
c194a18be7 update codecov gh action to v2 
apparently v1 is deprecated now
https://github.com/codecov/codecov-action#%EF%B8%8F--deprecration-of-v1

hopefully fixes #2435
 2021-10-25 17:29:50 +02:00
Cosimo Lupo
91d7877420 ci: pin python to 3.9 for test-cython job 
at least until scipy is not available for 3.10, or else it fails with

https://github.com/fonttools/fonttools/runs/3997161938?check_suite_focus=true#step:5:23
 2021-10-25 16:33:44 +02:00
Cosimo Lupo
37b2687a9b test on latest pypy that supports python 3.7 2021-09-27 14:37:20 +02:00
Cosimo Lupo
64299aa4b1 drop Python 3.6, require >= 3.7 
3.10 is out next week, while 3.6 reaches end of life by the end of this year.
It's time to require 3.7 or greater, so we can finally use built-in dataclasses and more.

Fixes https://github.com/fonttools/fonttools/issues/2350
 2021-09-27 13:21:08 +02:00
Cosimo Lupo
b77d520b48
remame 'master' -> 'main' in worflows/test.yml 2021-02-18 15:39:52 +00:00
Cosimo Lupo
8f50e22278
test.workflow: respect 'skip ci' 2020-12-16 11:56:12 +00:00
Cosimo Lupo
4af216dde4
publish.yml: fix tag pattern 
we don't use the leading 'v' for fonttools tags
 2020-12-04 19:32:05 +00:00
Nikolaus Waxweiler
018a798fdd Add GitHub Actions integration 2020-11-20 10:06:27 +00:00