diff --git a/.github/workflows/auto-accept-ci-changes.yml b/.github/workflows/auto-accept-ci-changes.yml index 51b13b35..06daffc3 100644 --- a/.github/workflows/auto-accept-ci-changes.yml +++ b/.github/workflows/auto-accept-ci-changes.yml @@ -23,14 +23,14 @@ jobs: pull-requests: write steps: - name: Harden Runner - uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 + uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4 with: disable-sudo: true egress-policy: audit - name: Fetch Dependabot metadata id: dependabot-metadata - uses: dependabot/fetch-metadata@21025c705c08248db411dc16f3619e6b5f9ea21a # v2.5.0 + uses: dependabot/fetch-metadata@25dd0e34f4fe68f24cc83900b1fe3fe149efef98 # v3.1.0 with: github-token: ${{ secrets.GITHUB_TOKEN }} @@ -45,7 +45,7 @@ jobs: - name: Checkout Repository if: steps.skip-condition.outputs.skip != 'true' - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: token: ${{ secrets.GITHUB_TOKEN }} persist-credentials: false diff --git a/.github/workflows/bump-version.yml b/.github/workflows/bump-version.yml index 8b250dad..1ffb6bcd 100644 --- a/.github/workflows/bump-version.yml +++ b/.github/workflows/bump-version.yml @@ -54,7 +54,7 @@ jobs: python-version: [ "3.13" ] steps: - name: Harden Runner - uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2 + uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4 with: disable-sudo: true egress-policy: block @@ -64,13 +64,13 @@ jobs: pypi.org:443 - name: Checkout Repository (no persist-credentials) - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false fetch-depth: 0 - name: Set up Python3 - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 + uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1 # v6.3.0 with: python-version: ${{ matrix.python-version }} @@ -96,7 +96,7 @@ jobs: echo "new_version=$(bump-my-version show current_version)" - name: Push Changes - uses: ad-m/github-push-action@77c5b412c50b723d2a4fbc6d71fb5723bcd439aa # v1.0.0 + uses: ad-m/github-push-action@881a6320fdb16eb5318c5054f31c218aec2b324c # v1.3.0 with: force: false github_token: ${{ secrets.BUMP_VERSION_TOKEN }} diff --git a/.github/workflows/cache-cleaner.yml b/.github/workflows/cache-cleaner.yml index 5761fe95..d1327154 100644 --- a/.github/workflows/cache-cleaner.yml +++ b/.github/workflows/cache-cleaner.yml @@ -16,7 +16,7 @@ jobs: actions: write steps: - name: Harden Runner - uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2 + uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4 with: disable-sudo: true egress-policy: block @@ -27,7 +27,7 @@ jobs: release-assets.githubusercontent.com:443 - name: Checkout Repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index d9683938..b59447c3 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -53,19 +53,19 @@ jobs: # your codebase is analyzed, see https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages steps: - name: Harden Runner - uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2 + uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4 with: disable-sudo: true egress-policy: audit - name: Checkout Repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@64d10c13136e1c5bce3e5fbde8d4906eeaafc885 # v3.29.5 + uses: github/codeql-action/init@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v3.29.5 with: languages: ${{ matrix.language }} build-mode: ${{ matrix.build-mode }} @@ -94,6 +94,6 @@ jobs: exit 1 - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@64d10c13136e1c5bce3e5fbde8d4906eeaafc885 # v3.29.5 + uses: github/codeql-action/analyze@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v3.29.5 with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index 8dbb64f0..5ef7d2ab 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -17,7 +17,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2 + uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4 with: disable-sudo: true egress-policy: block @@ -28,9 +28,9 @@ jobs: github.com:443 - name: Checkout Repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false - name: Dependency Review - uses: actions/dependency-review-action@2031cfc080254a8a887f58cffee85186f0e49e48 # v4.9.0 + uses: actions/dependency-review-action@a1d282b36b6f3519aa1f3fc636f609c47dddb294 # v5.0.0 diff --git a/.github/workflows/first-pull-request.yml b/.github/workflows/first-pull-request.yml index 6b71e8bf..1183bc44 100644 --- a/.github/workflows/first-pull-request.yml +++ b/.github/workflows/first-pull-request.yml @@ -16,7 +16,7 @@ jobs: pull-requests: write steps: - name: Harden Runner - uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2 + uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4 with: disable-sudo: true egress-policy: block @@ -24,7 +24,7 @@ jobs: api.github.com:443 - name: Verify Pull Request Opener - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0 + uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 with: script: | // Get a list of all issues created by the PR opener diff --git a/.github/workflows/label.yml b/.github/workflows/label.yml index 05b3331c..7f3cbd85 100644 --- a/.github/workflows/label.yml +++ b/.github/workflows/label.yml @@ -23,7 +23,7 @@ jobs: pull-requests: write steps: - name: Harden Runner - uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2 + uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4 with: disable-sudo: true egress-policy: block @@ -31,6 +31,6 @@ jobs: api.github.com:443 - name: Label Pull Request - uses: actions/labeler@634933edcd8ababfe52f92936142cc22ac488b1b # v6.0.1 + uses: actions/labeler@f27b608878404679385c85cfa523b85ccb86e213 # v6.1.0 with: repo-token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 67e535b3..94cfdf6e 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -25,7 +25,7 @@ jobs: python-version: [ "3.14" ] steps: - name: Harden Runner - uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2 + uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4 with: disable-sudo: true egress-policy: block @@ -34,11 +34,11 @@ jobs: github.com:443 pypi.org:443 - name: Checkout Repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false - name: Set up Python${{ matrix.python-version }} - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 + uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1 # v6.3.0 with: python-version: ${{ matrix.python-version }} cache: pip @@ -46,7 +46,7 @@ jobs: run: | python -m pip install --require-hashes -r CI/requirements_ci.txt - name: Environment Caching - uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4 + uses: actions/cache@55cc8345863c7cc4c66a329aec7e433d2d1c52a9 # v6.1.0 with: path: | .tox @@ -70,16 +70,16 @@ jobs: raven-hydro-upstream-branch: "main" steps: - name: Harden Runner - uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2 + uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4 with: disable-sudo: false egress-policy: audit - name: Checkout Repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false - name: Set up Python${{ matrix.python-version }} - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 + uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1 # v6.3.0 with: python-version: ${{ matrix.python-version }} cache: pip @@ -107,7 +107,7 @@ jobs: - name: Environment caching (macOS) if: matrix.os == 'macos-latest' - uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4 + uses: actions/cache@55cc8345863c7cc4c66a329aec7e433d2d1c52a9 # v6.1.0 with: path: | .tox @@ -115,7 +115,7 @@ jobs: key: ${{ hashFiles('src/ravenpy/testing/registry.txt') }}-${{ env.RAVEN_TESTDATA_BRANCH }}-${{ matrix.os }} - name: Environment caching (Ubuntu) if: matrix.os == 'ubuntu-latest' - uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4 + uses: actions/cache@55cc8345863c7cc4c66a329aec7e433d2d1c52a9 # v6.1.0 with: path: | .tox @@ -129,6 +129,11 @@ jobs: TOX_GH_MAJOR_MINOR: ${{ matrix.python-version }} RAVEN_HYDRO_UPSTREAM_BRANCH: ${{ matrix.raven-hydro-upstream-branch }} + - name: Trust Coveralls Homebrew tap # Homebrew v6.0 requirement; Remove when coverallsapp/github-action >2.3.7 + if: matrix.os == 'macos-latest' + run: | + brew trust coverallsapp/coveralls + - name: Report Coverage uses: coverallsapp/github-action@5cbfd81b66ca5d10c19b062c04de0199c215fb6e # v2.3.7 with: @@ -150,12 +155,12 @@ jobs: shell: bash -l {0} steps: - name: Harden Runner - uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2 + uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4 with: disable-sudo: true egress-policy: audit - name: Checkout Repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false - name: Patch Environment File @@ -163,7 +168,7 @@ jobs: run: | sed -i 's/climpred >=2.4.0/xesmf/' environment.yml - name: Setup Conda (Micromamba) with Python${{ matrix.python-version }} - uses: mamba-org/setup-micromamba@add3a49764cedee8ee24e82dfde87f5bc2914462 # v2.0.7 + uses: mamba-org/setup-micromamba@d7c9bd84e824b79d2af72a2d4196c7f4300d3476 # v3.0.0 with: cache-downloads: true cache-environment: true @@ -171,6 +176,7 @@ jobs: environment-file: environment-dev.yml create-args: >- python=${{ matrix.python-version }} + - name: Install RavenPy run: | python -m pip install -e ".[dev,gis]" @@ -180,14 +186,14 @@ jobs: python -m pip check || true - name: Cache test data (macOS) if: matrix.os == 'macos-latest' - uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4 + uses: actions/cache@55cc8345863c7cc4c66a329aec7e433d2d1c52a9 # v6.1.0 with: path: | ~/Library/Caches/raven-testdata key: ${{ hashFiles('src/ravenpy/testing/registry.txt') }}-${{ env.RAVEN_TESTDATA_BRANCH }}-conda-${{ matrix.os }} - name: Cache test data (Ubuntu) if: matrix.os == 'ubuntu-latest' - uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4 + uses: actions/cache@55cc8345863c7cc4c66a329aec7e433d2d1c52a9 # v6.1.0 with: path: | ~/.cache/raven-testdata @@ -200,6 +206,12 @@ jobs: - name: Test RavenPy run: | python -m pytest --numprocesses=logical --cov=src/ravenpy --cov-report=lcov + + - name: Trust Coveralls Homebrew tap # Homebrew v6.0 requirement; Remove when coverallsapp/github-action >2.3.7 + if: matrix.os == 'macos-latest' + run: | + brew trust coverallsapp/coveralls + - name: Report Coverage uses: coverallsapp/github-action@5cbfd81b66ca5d10c19b062c04de0199c215fb6e # v2.3.7 with: @@ -214,7 +226,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2 + uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4 with: disable-sudo: true egress-policy: audit diff --git a/.github/workflows/notebooks.yml b/.github/workflows/notebooks.yml index 3413d745..7d3647b1 100644 --- a/.github/workflows/notebooks.yml +++ b/.github/workflows/notebooks.yml @@ -32,18 +32,18 @@ jobs: shell: bash -l {0} steps: - name: Harden Runner - uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2 + uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4 with: disable-sudo: true egress-policy: audit - name: Checkout Repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false - name: Setup Conda (Micromamba) with Python${{ matrix.python-version }} - uses: mamba-org/setup-micromamba@add3a49764cedee8ee24e82dfde87f5bc2914462 # v2.0.7 + uses: mamba-org/setup-micromamba@d7c9bd84e824b79d2af72a2d4196c7f4300d3476 # v3.0.0 with: cache-downloads: true cache-environment: true @@ -63,14 +63,14 @@ jobs: - name: Cache test data (macOS) if: matrix.os == 'macos-latest' - uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4 + uses: actions/cache@55cc8345863c7cc4c66a329aec7e433d2d1c52a9 # v6.1.0 with: path: | ~/Library/Caches/raven-testdata key: ${{ hashFiles('src/ravenpy/testing/registry.txt') }}-${{ env.RAVEN_TESTDATA_BRANCH }}-conda-${{ matrix.os }} - name: Cache test data (Ubuntu) if: matrix.os == 'ubuntu-latest' - uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4 + uses: actions/cache@55cc8345863c7cc4c66a329aec7e433d2d1c52a9 # v6.1.0 with: path: | ~/.cache/raven-testdata diff --git a/.github/workflows/publish-pypi.yml b/.github/workflows/publish-pypi.yml index ee74e8c7..5d569099 100644 --- a/.github/workflows/publish-pypi.yml +++ b/.github/workflows/publish-pypi.yml @@ -21,7 +21,7 @@ jobs: python-version: [ "3.13" ] steps: - name: Harden Runner - uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2 + uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4 with: disable-sudo: true egress-policy: block @@ -34,12 +34,12 @@ jobs: upload.pypi.org:443 - name: Checkout Repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false - name: Set up Python${{ matrix.python-version }} - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 + uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1 # v6.3.0 with: python-version: ${{ matrix.python-version }} @@ -52,4 +52,4 @@ jobs: python -m flit build - name: Publish distribution 📦 to PyPI - uses: pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e # v1.13.0 + uses: pypa/gh-action-pypi-publish@cef221092ed1bacb1cc03d23a2d87d1d172e277b # v1.14.0 diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 4f0103e8..878267b8 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -33,7 +33,7 @@ jobs: id-token: write steps: - name: Harden Runner - uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2 + uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4 with: disable-sudo: true egress-policy: block @@ -51,7 +51,7 @@ jobs: www.bestpractices.dev:443 - name: Checkout Repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false @@ -76,7 +76,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: Upload Artifact - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: name: SARIF file path: results.sarif @@ -84,6 +84,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: Upload to code-scanning - uses: github/codeql-action/upload-sarif@64d10c13136e1c5bce3e5fbde8d4906eeaafc885 # 3.29.5 + uses: github/codeql-action/upload-sarif@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # 3.29.5 with: sarif_file: results.sarif diff --git a/.github/workflows/tag-testpypi.yml b/.github/workflows/tag-testpypi.yml index 4125bebf..86f21db1 100644 --- a/.github/workflows/tag-testpypi.yml +++ b/.github/workflows/tag-testpypi.yml @@ -17,12 +17,12 @@ jobs: contents: write steps: - name: Harden Runner - uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2 + uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4 with: egress-policy: audit - name: Checkout Repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false @@ -48,7 +48,7 @@ jobs: python-version: [ "3.13" ] steps: - name: Harden Runner - uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2 + uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4 with: disable-sudo: true egress-policy: block @@ -61,12 +61,12 @@ jobs: test.pypi.org:443 - name: Checkout Repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false - name: Set up Python${{ matrix.python-version }} - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 + uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1 # v6.3.0 with: python-version: ${{ matrix.python-version }} @@ -79,7 +79,7 @@ jobs: python -m flit build - name: Publish distribution 📦 to Test PyPI - uses: pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e # v1.13.0 + uses: pypa/gh-action-pypi-publish@cef221092ed1bacb1cc03d23a2d87d1d172e277b # v1.14.0 with: repository-url: https://test.pypi.org/legacy/ skip-existing: true diff --git a/.github/workflows/testdata-version.yml b/.github/workflows/testdata-version.yml index 28cfc13c..c934b4fd 100644 --- a/.github/workflows/testdata-version.yml +++ b/.github/workflows/testdata-version.yml @@ -23,7 +23,7 @@ jobs: pull-requests: write steps: - name: Harden Runner - uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2 + uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4 with: disable-sudo: true egress-policy: block @@ -31,7 +31,7 @@ jobs: api.github.com:443 github.com:443 - name: Checkout Repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false - name: Find raven-testdata Tag and CI Testing Branch @@ -60,7 +60,7 @@ jobs: body-includes: It appears that this Pull Request modifies the `main.yml` workflow. - name: Compare Versions if: ${{( env.RAVEN_TESTDATA_TAG != env.RAVEN_TESTDATA_BRANCH )}} - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0 + uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 with: script: | core.setFailed('Configured `raven-testdata` tag is not `latest`.') diff --git a/.github/workflows/workflow-warning.yml b/.github/workflows/workflow-warning.yml index 685a91d7..c4a372d1 100644 --- a/.github/workflows/workflow-warning.yml +++ b/.github/workflows/workflow-warning.yml @@ -25,7 +25,7 @@ jobs: pull-requests: write steps: - name: Harden Runner - uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2 + uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4 with: disable-sudo: true egress-policy: block diff --git a/src/ravenpy/config/commands.py b/src/ravenpy/config/commands.py index 61afde31..7ed3ea0d 100644 --- a/src/ravenpy/config/commands.py +++ b/src/ravenpy/config/commands.py @@ -881,7 +881,7 @@ def from_nc(cls, fn, data_type, station_idx=None, alt_names=(), engine="h5netcdf @property def da(self) -> xr.DataArray: - """Return DataArray from configuration.""" + """Create a DataArray from configuration.""" # TODO: Apply linear transform and time shift da = xr.open_dataset(self.file_name_nc)[self.var_name_nc] if len(self.dim_names_nc) == 1: @@ -1101,7 +1101,7 @@ def from_nc( @property def ds(self) -> xr.Dataset: - """Return xarray Dataset with forcing variables keyed by Raven forcing names.""" + """Create a Dataset with forcing variables keyed by Raven forcing names.""" ds = {} for data in self.data: ds[data.data_type] = data.read_from_netcdf.da diff --git a/src/ravenpy/config/rvs.py b/src/ravenpy/config/rvs.py index 6f1befe6..5c2c6fbf 100644 --- a/src/ravenpy/config/rvs.py +++ b/src/ravenpy/config/rvs.py @@ -324,7 +324,7 @@ def _rv(self, rv: str): @property def is_symbolic(self): - """Return True if configuration contains symbolic expressions.""" + """If configuration contains symbolic expressions, returns True.""" if self.params is not None: p = {field.name: getattr(self.params, field.name) for field in fields(self.params)} return is_symbolic(p) diff --git a/src/ravenpy/ravenpy.py b/src/ravenpy/ravenpy.py index 84b319b8..0e88958f 100644 --- a/src/ravenpy/ravenpy.py +++ b/src/ravenpy/ravenpy.py @@ -91,7 +91,7 @@ def modelname(self) -> str: @property def output(self) -> "OutputReader": - """Return simulation output object.""" + """Simulation output object.""" return self._output def resume(self, timestamp: bool = True) -> Config: @@ -130,12 +130,12 @@ def __init__(self, run_name: Optional[str] = None, path: Optional[Union[str, Pat @property def files(self) -> dict: - """Return paths to output files.""" + """Report paths to output files.""" return self._files @property def solution(self) -> Optional[dict]: - """Return solution file content.""" + """Solution file content.""" solution = self.files.get("solution") if solution: return parsers.parse_solution(solution) @@ -143,7 +143,7 @@ def solution(self) -> Optional[dict]: @property def diagnostics(self) -> Optional[dict]: - """Return model diagnostics.""" + """Model diagnostics.""" diag = self.files.get("diagnostics") if diag: return parsers.parse_diagnostics(diag) @@ -151,7 +151,7 @@ def diagnostics(self) -> Optional[dict]: @property def hydrograph(self) -> xr.Dataset: - """Return the hydrograph.""" + """Generate the hydrograph.""" if self._nc_hydrograph is None: h = self.files.get("hydrograph") if h: @@ -161,7 +161,7 @@ def hydrograph(self) -> xr.Dataset: @property def storage(self) -> xr.Dataset: - """Return the storage variables.""" + """Storage variables.""" if self._nc_storage is None: s = self.files.get("storage") if s: diff --git a/src/ravenpy/utilities/analysis.py b/src/ravenpy/utilities/analysis.py index 59077a9f..5eee1447 100644 --- a/src/ravenpy/utilities/analysis.py +++ b/src/ravenpy/utilities/analysis.py @@ -15,9 +15,9 @@ from shapely.geometry import GeometryCollection, MultiPolygon, Polygon, shape UseExceptions() -except (ImportError, ModuleNotFoundError) as e: +except ModuleNotFoundError as err: msg = gis_import_error_message.format(Path(__file__).stem) - raise ImportError(msg) from e + raise ModuleNotFoundError(msg) from err from ravenpy.utilities.geo import generic_raster_clip diff --git a/src/ravenpy/utilities/geo.py b/src/ravenpy/utilities/geo.py index cd5b7dd1..8ab2136f 100644 --- a/src/ravenpy/utilities/geo.py +++ b/src/ravenpy/utilities/geo.py @@ -27,9 +27,9 @@ shape, ) from shapely.ops import transform -except (ImportError, ModuleNotFoundError) as e: +except ModuleNotFoundError as err: msg = gis_import_error_message.format(Path(__file__).stem) - raise ImportError(msg) from e + raise ModuleNotFoundError(msg) from err RASTERIO_TIFF_COMPRESSION = "lzw" LOGGER = logging.getLogger("RavenPy") diff --git a/src/ravenpy/utilities/nb_graphs.py b/src/ravenpy/utilities/nb_graphs.py index a478fc20..bd7cd5ca 100644 --- a/src/ravenpy/utilities/nb_graphs.py +++ b/src/ravenpy/utilities/nb_graphs.py @@ -16,8 +16,8 @@ import holoviews as hv import hvplot.xarray # noqa: F401 -except (ImportError, ModuleNotFoundError) as e: - raise ImportError("Install holoviews and hvplot.") from e +except ModuleNotFoundError as err: + raise ModuleNotFoundError("Install holoviews and hvplot.") from err hv.extension("bokeh")