Merge pull request #210 from Ouranosinc/cookiecutter-update

Cookiecutter update, support Python3.12, drop Python3.8

.cruft.json

@@ -1,6 +1,6 @@
 {
   "template": "https://github.com/Ouranosinc/cookiecutter-pypackage",
-  "commit": "f391bbd6ee14ab2478c64a1f78b74bd9903cae81",
+  "commit": "5642574eb8ecd68019da5dfaeaa51c305a798825",
   "checkout": null,
   "context": {
     "cookiecutter": {
@@ -22,6 +22,26 @@
       "create_author_file": "y",
       "open_source_license": "Apache Software License 2.0",
       "generated_with_cruft": "y",
+      "__gh_slug": "https://github.com/Sarahclaude/figanos",
+      "__prompts__": {
+        "full_name": "Your full name",
+        "email": "Your email address",
+        "github_username": "Your GitHub username (or organization)",
+        "project_name": "The name of your project",
+        "project_short_description": "A short description of your project",
+        "pypi_username": "Your PyPI username (or organization)",
+        "version": "The version of your project",
+        "use_pytest": "Do you want to use pytest?",
+        "use_black": "Do you want to use Black for code formatting?",
+        "use_conda": "Do you want to add configurations for Anaconda package management?",
+        "add_pyup_badge": "Do you want to add a pyup.io badge? (not recommended)",
+        "make_docs": "Do you want to generate documentation files",
+        "add_translations": "Do you want to add translations?",
+        "command_line_interface": "Which command-line interface do you want to use?",
+        "create_author_file": "Do you want to create an AUTHORS.rst file?",
+        "open_source_license": "Which open-source license do you want to use?",
+        "generated_with_cruft": "Was this project generated with Cruft? (Add a '.cruft.json' file)"
+      },
       "_template": "https://github.com/Ouranosinc/cookiecutter-pypackage"
     }
   },

.github/PULL_REQUEST_TEMPLATE.md

@@ -5,7 +5,7 @@
   - This PR fixes #xyz
 - [ ] (If applicable) Documentation has been added / updated (for bug fixes / features).
 - [ ] (If applicable) Tests have been added.
-- [ ] CHANGES.rst has been updated (with summary of main changes).
+- [ ] CHANGELOG.rst has been updated (with summary of main changes).
   - [ ] Link to issue (:issue:`number`) and pull request (:pull:`number`) has been added.
 
 ### What kind of change does this PR introduce?

.github/dependabot.yml

@@ -3,13 +3,11 @@ updates:
   - package-ecosystem: github-actions
     directory: /
     schedule:
-      interval: daily
-      time: '12:00'
+      interval: monthly
     open-pull-requests-limit: 10
 
   - package-ecosystem: pip
     directory: /
     schedule:
-      interval: daily
-      time: '12:00'
+      interval: monthly
     open-pull-requests-limit: 10

.github/workflows/bump-version.yml

@@ -18,7 +18,7 @@ on:
       - .yamllint.yaml
       - .zenodo.json
       - AUTHORS.rst
-      - CHANGES.rst
+      - CHANGELOG.rst
       - CONTRIBUTING.rst
       - Makefile
       - .readthedocs.yml
@@ -51,10 +51,13 @@ jobs:
             files.pythonhosted.org:443
             github.com:443
             pypi.org:443
-      - uses: actions/[email protected]
+      - name: Checkout Repository
+        uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
         with:
           persist-credentials: false
-      - uses: actions/[email protected]
+          fetch-depth: 0
+      - name: Set up Python3
+        uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0
         with:
           python-version: "3.x"
       - name: Config Commit Bot
@@ -67,7 +70,7 @@ jobs:
       - name: Current Version
         run: |
           bump-my-version show current_version
-          CURRENT_VERSION="$(grep -E '__version__' figanos/__init__.py | cut -d ' ' -f3)"
+          CURRENT_VERSION="$(grep -E '__version__' src/figanos/__init__.py | cut -d ' ' -f3)"
           echo "CURRENT_VERSION=${CURRENT_VERSION}" >> $GITHUB_ENV
       - name: Conditional Bump Version
         run: |
@@ -80,7 +83,7 @@ jobs:
           fi
           bump-my-version show-bump
       - name: Push Changes
-        uses: ad-m/[email protected]
+        uses: ad-m/github-push-action@d91a481090679876dfc4178fef17f286781251df # v0.8.0
         with:
           force: false
           github_token: ${{ secrets.BUMP_VERSION_TOKEN }}

.github/workflows/cache-cleaner.yml

@@ -25,7 +25,8 @@ jobs:
             github.com:443
             objects.githubusercontent.com:443
 
-      - uses: actions/[email protected]
+      - name: Checkout Repository
+        uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
 
       - name: Cleanup
         run: |

.github/workflows/dependency-review.yml

@@ -25,8 +25,8 @@ jobs:
             api.github.com:443
             github.com:443
 
-      - name: 'Checkout Repository'
+      - name: Checkout Repository
         uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
 
-      - name: 'Dependency Review'
-        uses: actions/dependency-review-action@0659a74c94536054bfa5aeb92241f70d680cc78e
+      - name: Dependency Review
+        uses: actions/dependency-review-action@0c155c5e8556a497adf53f2c18edabf945ed8e70 # v4.3.2

.github/workflows/first-pull-request.yml

@@ -18,7 +18,8 @@ jobs:
           allowed-endpoints: >
             api.github.com:443
 
-      - uses: actions/[email protected]
+      - name: Verify Pull Request Opener
+        uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
         with:
           script: |
             // Get a list of all issues created by the PR opener

.github/workflows/label.yml

@@ -32,6 +32,7 @@ jobs:
           allowed-endpoints: >
             api.github.com:443
 
-      - uses: actions/[email protected]
+      - name: Label Pull Request
+        uses: actions/labeler@8558fd74291d67161a8a78ce36a881fa63b766a9 # v5.0.0
         with:
           repo-token: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/main.yml

@@ -6,7 +6,7 @@ on:
       - main
     paths-ignore:
       - .cruft.json
-      - CHANGES.rst
+      - CHANGELOG.rst
       - README.rst
       - pyproject.toml
       - tests/test_figanos.py
@@ -34,9 +34,10 @@ jobs:
         uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1
         with:
           egress-policy: audit
-      - uses: actions/[email protected]
+      - name: Checkout Repository
+        uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
       - name: Set up Python${{ matrix.python-version }}
-        uses: actions/[email protected]
+        uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0
         with:
           python-version: ${{ matrix.python-version }}
       - name: Install tox
@@ -53,24 +54,23 @@ jobs:
     strategy:
       matrix:
         include:
-          - tox-env: "py38-coveralls"
-            python-version: "3.8"
           - tox-env: "py39-coveralls"
             python-version: "3.9"
           - tox-env: "py310-coveralls"
             python-version: "3.10"
           - tox-env: "py311-coveralls"
             python-version: "3.11"
-#          - tox-env: "py312"
-#            python-version: "3.12"
+          - tox-env: "py312"
+            python-version: "3.12"
     steps:
       - name: Harden Runner
         uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1
         with:
           egress-policy: audit
-      - uses: actions/[email protected]
+      - name: Checkout Repository
+        uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
       - name: Set up Python${{ matrix.python-version }}
-        uses: actions/[email protected]
+        uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0
         with:
           python-version: ${{ matrix.python-version }}
       - name: Install GDAL
@@ -91,6 +91,10 @@ jobs:
     name: Test with Python${{ matrix.python-version }} (Anaconda)
     needs: lint
     runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        python-version:
+          - "3.12"
     defaults:
       run:
         shell: bash -l {0}
@@ -99,18 +103,18 @@ jobs:
         uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1
         with:
           egress-policy: audit
-      - uses: actions/[email protected]
+      - name: Checkout Repository
+        uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
       - name: Setup Conda (Micromamba) with Python${{ matrix.python-version }}
-        uses: mamba-org/[email protected]
+        uses: mamba-org/setup-micromamba@422500192359a097648154e8db4e39bdb6c6eed7 # v1.8.1
         with:
           cache-downloads: true
           environment-file: environment-dev.yml
           create-args: >-
-            mamba
-            python=3.11
-      - name: Conda and Mamba versions
+            python=${{ matrix.python-version }}
+      - name: Conda and Micromamba versions
         run: |
-          mamba --version
+          conda --version
           echo "micromamba $(micromamba --version)"
       - name: Install figanos
         run: |
@@ -127,7 +131,7 @@ jobs:
           python -m coveralls
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          COVERALLS_FLAG_NAME: run-py311-conda
+          COVERALLS_FLAG_NAME: run-conda-python${{ matrix.python-version }}
           COVERALLS_PARALLEL: true
           COVERALLS_SERVICE_NAME: github
 

.github/workflows/publish-pypi.yml

@@ -27,9 +27,10 @@ jobs:
             github.com:443
             pypi.org:443
             upload.pypi.org:443
-      - uses: actions/[email protected]
+      - name: Checkout Repository
+        uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
       - name: Set up Python3
-        uses: actions/[email protected]
+        uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0
         with:
           python-version: "3.x"
       - name: Install packaging libraries
@@ -39,4 +40,4 @@ jobs:
         run: |
           python -m flit build
       - name: Publish distribution 📦 to PyPI
-        uses: pypa/[email protected]
+        uses: pypa/gh-action-pypi-publish@81e9d935c883d0b210363ab89cf05f3894778450 # v1.8.14

.github/workflows/scorecard.yml

@@ -36,20 +36,23 @@ jobs:
           allowed-endpoints: >
             api.github.com:443
             api.osv.dev:443
+            api.scorecard.dev:443
             api.securityscorecards.dev:443
             fulcio.sigstore.dev:443
             github.com:443
+            index.docker.io:443
             oss-fuzz-build-logs.storage.googleapis.com:443
             rekor.sigstore.dev:443
             tuf-repo-cdn.sigstore.dev:443
             www.bestpractices.dev:443
 
-      - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29
+      - name: Checkout Repository
+        uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
         with:
           persist-credentials: false
 
       - name: Run analysis
-        uses: ossf/scorecard-action@dc50aa9510b46c811795eb24b2f1ba02a914e534
+        uses: ossf/scorecard-action@dc50aa9510b46c811795eb24b2f1ba02a914e534 # v2.3.3
         with:
           results_file: results.sarif
           results_format: sarif
@@ -69,7 +72,7 @@ jobs:
       # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
       # format to the repository Actions tab.
       - name: Upload artifact
-        uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808
+        uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
         with:
           name: SARIF file
           path: results.sarif

.github/workflows/tag-testpypi.yml

@@ -26,10 +26,10 @@ jobs:
             github.com:443
             pypi.org:443
             test.pypi.org:443
-      - name: Checkout code
-        uses: actions/[email protected]
+      - name: Checkout Repository
+        uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
       - name: Create Release
-        uses: softprops/action-gh-release@v2
+        uses: softprops/action-gh-release@69320dbe05506a9a39fc8ae11030b214ec2d1f87 # 2.0.5
         env:
           # This token is provided by Actions, you do not need to create your own token
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
@@ -51,9 +51,10 @@ jobs:
         uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1
         with:
           egress-policy: audit
-      - uses: actions/[email protected]
+      - name: Checkout Repository
+        uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
       - name: Set up Python3
-        uses: actions/[email protected]
+        uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0
         with:
           python-version: "3.x"
       - name: Install packaging libraries
@@ -63,7 +64,7 @@ jobs:
         run: |
           python -m flit build
       - name: Publish distribution 📦 to Test PyPI
-        uses: pypa/[email protected]
+        uses: pypa/gh-action-pypi-publish@81e9d935c883d0b210363ab89cf05f3894778450 # v1.8.14
         with:
           repository-url: https://test.pypi.org/legacy/
           skip-existing: true

.gitignore

@@ -75,6 +75,9 @@ target/
 # Jupyter Notebook
 .ipynb_checkpoints
 
+# Dask worker cache
+dask-worker-space/
+
 # pyenv
 .python-version
 

.readthedocs.yml

@@ -19,7 +19,7 @@ build:
     python: "mambaforge-22.9"
   jobs:
     pre_build:
-      - sphinx-apidoc -o docs/apidoc --private --module-first figanos
+      - sphinx-apidoc -o docs/apidoc --private --module-first src/figanos
       # - sphinx-build -M gettext docs docs/_build
 
 conda:

CHANGES.rst → CHANGELOG.rst

@@ -8,16 +8,32 @@ Contributors to this version: Trevor James Smith (:user:`Zeitsperre`), Marco Bra
 
 New features and enhancements
 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+* `figanos` now supports Python 3.12. (:pull:`210`).
 * Use list or ndarray as levels for colorbar in gridmap and small bug fixes (:pull:`176`).
 * Added style sheet ``transparent.mplstyle`` (:issue:`183`, :pull:`185`)
-* Fix NaN issues, extreme values in sizes legend and added edgecolors in ``fg.matplotlib.scattermap``  (:pull:`184`).
+* Fix ``NaN`` issues, extreme values in sizes legend and added edgecolors in ``fg.matplotlib.scattermap``  (:pull:`184`).
+* New function ``fg.data`` for fetching package data and defined `matplotlib` style definitions. (:pull:`211`).
+
+Breaking changes
+^^^^^^^^^^^^^^^^
+* `figanos` no longer supports Python 3.8. (:pull:`210`).
+* `figanos` now uses a `'src' layout <https://packaging.python.org/en/latest/discussions/src-layout-vs-flat-layout>`_ for the package. (:pull:`210`).
+* `cartopy` has been pinned above v0.23.0 due to a licensing issue. (:pull:`210`).
+* `twine` and `wheel` have been removed from the `dev` requirements. (:pull:`210`).
 
 Internal changes
 ^^^^^^^^^^^^^^^^
 * Updated the `cookiecutter` template to the latest version. (:pull:`168`):
     * Addresses a handful of misconfigurations in the GitHub Workflows.
     * Updated `ruff` to v0.2.0 and `black` to v24.2.0.
 * Removed several unnecessary `noqa` comments from the codebase. (:pull:`168`).
+* Updated the `cookiecutter` template to the latest version. (:pull:`210`):
+    * GitHub Workflows have been updated to point to commits rather than tags.
+    * The `dependabot` configuration has been updated to run updates on a monthly schedule.
+    * Updated `ruff` to v0.3.0 and `black` to v24.4.2.
+    * `CHANGES.rst` has been renamed to `CHANGELOG.rst`.
+    * Maintainer-specific documentation has been added to new documentation page `releasing.rst`.
+* `figanos` now has a `CODE_OF_CONDUCT.rst` file adapting the Contributor Covenant v2.1 conventions. (:pull:`210`).
 
 0.3.0 (2024-02-16)
 ------------------