Apply latest meta/config templates (#155)

* - apply latest meta/config templates

* - use setuptools 73 and buildout 3.1

.github/workflows/pre-commit.yml

@@ -0,0 +1,33 @@
+# Generated from:
+# https://github.com/zopefoundation/meta/tree/master/config/c-code
+name: pre-commit
+
+on:
+ pull_request:
+ push:
+ branches:
+ - master
+ # Allow to run this workflow manually from the Actions tab
+ workflow_dispatch:
+
+env:
+ FORCE_COLOR: 1
+
+jobs:
+ pre-commit:
+ name: linting
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v4
+ - uses: actions/setup-python@v5
+ with:
+ python-version: 3.x
+ - uses: pre-commit/[email protected]
+ with:
+ extra_args: --all-files --show-diff-on-failure
+ env:
+ PRE_COMMIT_COLOR: always
+ - uses: pre-commit-ci/[email protected]
+ if: always()
+ with:
+ msg: Apply pre-commit code formatting

.github/workflows/tests.yml

@@ -9,7 +9,7 @@
 # Original comment follows.
 ###
 ###
-# This workflow will install Python dependencies, run tests and lint with a variety of Python versions
+# This workflow will install Python dependencies, run tests with a variety of Python versions
 # For more information see: https://help.github.com/actions/language-and-framework-guides/using-python-with-github-actions
 ###
 
@@ -81,7 +81,7 @@ jobs:
  # other people to test/debug), the strategy is to divide the process
  # into several different jobs. The first builds and saves the binary
  # wheels. It has dependent jobs that download and install the wheel
- # to run tests, build docs, and perform linting. Building the
+ # to run tests, and build docs. Building the
  # manylinux wheels is an independent set of jobs.
  #
  # This division is time-saving for projects that take awhile to
@@ -153,12 +153,12 @@ jobs:
  run: |
  pip install -U pip
  pip install -U --pre cffi
- pip install -U "setuptools<69" wheel twine
+ pip install -U "setuptools<74" wheel twine
  - name: Install Build Dependencies
  if: matrix.python-version != '3.13'
  run: |
  pip install -U pip
- pip install -U "setuptools<69" wheel twine
+ pip install -U "setuptools<74" wheel twine
  pip install cffi
 
  - name: Build AccessControl (macOS x86_64)
@@ -322,7 +322,7 @@ jobs:
  if: matrix.python-version == '3.13'
  run: |
  pip install -U --pre cffi
- pip install -U wheel "setuptools<69"
+ pip install -U wheel "setuptools<74"
  # coverage might have a wheel on PyPI for a future python version which is
  # not ABI compatible with the current one, so build it from sdist:
  pip install -U --no-binary :all: coverage
@@ -332,18 +332,18 @@ jobs:
  unzip -n dist/AccessControl-*whl -d src
  # Use "--pre" here because dependencies with support for this future
  # Python release may only be available as pre-releases
- pip install --pre -U -e .[test]
+ pip install --pre -e .[test]
  - name: Install AccessControl
  if: matrix.python-version != '3.13'
  run: |
- pip install -U wheel "setuptools<69"
+ pip install -U wheel "setuptools<74"
  pip install -U coverage
  pip install -U 'cffi; platform_python_implementation == "CPython"'
  # Unzip into src/ so that testrunner can find the .so files
  # when we ask it to load tests from that directory. This
  # might also save some build time?
  unzip -n dist/AccessControl-*whl -d src
- pip install -U -e .[test]
+ pip install -e .[test]
  - name: Run tests with C extensions
  if: ${{ !startsWith(matrix.python-version, 'pypy') }}
  run: |
@@ -374,80 +374,13 @@ jobs:
  with:
  parallel-finished: true
 
- lint:
- needs: build-package
- runs-on: ${{ matrix.os }}
- strategy:
- matrix:
- python-version: ["3.9"]
- os: [ubuntu-latest]
-
- steps:
- - name: checkout
- uses: actions/checkout@v4
- - name: Set up Python ${{ matrix.python-version }}
- uses: actions/setup-python@v5
- with:
- python-version: ${{ matrix.python-version }}
- allow-prereleases: true
- ###
- # Caching.
- # This actually *restores* a cache and schedules a cleanup action
- # to save the cache. So it must come before the thing we want to use
- # the cache.
- ###
- - name: Get pip cache dir (default)
- id: pip-cache-default
- if: ${{ !startsWith(runner.os, 'Windows') }}
- run: |
- echo "dir=$(pip cache dir)" >>$GITHUB_OUTPUT
-
- - name: Get pip cache dir (Windows)
- id: pip-cache-windows
- if: ${{ startsWith(runner.os, 'Windows') }}
- run: |
- echo "dir=$(pip cache dir)" >> $Env:GITHUB_OUTPUT
-
- - name: pip cache (default)
- uses: actions/cache@v4
- if: ${{ !startsWith(runner.os, 'Windows') }}
- with:
- path: ${{ steps.pip-cache-default.outputs.dir }}
- key: ${{ runner.os }}-pip-${{ matrix.python-version }}
- restore-keys: |
- ${{ runner.os }}-pip-
-
- - name: pip cache (Windows)
- uses: actions/cache@v4
- if: ${{ startsWith(runner.os, 'Windows') }}
- with:
- path: ${{ steps.pip-cache-windows.outputs.dir }}
- key: ${{ runner.os }}-pip-${{ matrix.python-version }}
- restore-keys: |
- ${{ runner.os }}-pip-
-
- - name: Download AccessControl wheel
- uses: actions/download-artifact@v4
- with:
- name: AccessControl-${{ runner.os }}-${{ matrix.python-version }}.whl
- path: dist/
- - name: Install AccessControl
- run: |
- pip install -U pip
- pip install -U wheel
- pip install -U `ls dist/AccessControl-*`[test]
- - name: Lint
- run: |
- pip install -U tox
- tox -e lint
-
  manylinux:
  runs-on: ubuntu-latest
  if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name != github.event.pull_request.base.repo.full_name
  # We use a regular Python matrix entry to share as much code as possible.
  strategy:
  matrix:
- python-version: ["3.9"]
+ python-version: ["3.11"]
  image: [manylinux2014_x86_64, manylinux2014_i686, manylinux2014_aarch64]
 
  steps:
@@ -528,6 +461,8 @@ jobs:
  name: manylinux_${{ matrix.image }}_wheels.zip
  - name: Restore pip cache permissions
  run: sudo chown -R $(whoami) ${{ steps.pip-cache-default.outputs.dir }}
+ - name: Prevent publishing wheels for unreleased Python versions
+ run: VER=$(echo '3.13' | tr -d .) && ls -al wheelhouse && sudo rm -f wheelhouse/*-cp${VER}*.whl && ls -al wheelhouse
  - name: Publish package to PyPI
  uses: pypa/gh-action-pypi-publish@release/v1
  if: >

.meta.toml

@@ -2,7 +2,7 @@
 # https://github.com/zopefoundation/meta/tree/master/config/c-code
 [meta]
 template = "c-code"
-commit-id = "13719585"
+commit-id = "a1e05e74"
 
 [python]
 with-windows = true

.pre-commit-config.yaml

@@ -0,0 +1,28 @@
+# Generated from:
+# https://github.com/zopefoundation/meta/tree/master/config/c-code
+minimum_pre_commit_version: '3.6'
+repos:
+ - repo: https://github.com/pycqa/isort
+ rev: "5.13.2"
+ hooks:
+ - id: isort
+ - repo: https://github.com/hhatto/autopep8
+ rev: "v2.3.1"
+ hooks:
+ - id: autopep8
+ args: [--in-place, --aggressive, --aggressive]
+ - repo: https://github.com/asottile/pyupgrade
+ rev: v3.17.0
+ hooks:
+ - id: pyupgrade
+ args: [--py38-plus]
+ - repo: https://github.com/isidentical/teyit
+ rev: 0.4.3
+ hooks:
+ - id: teyit
+ - repo: https://github.com/PyCQA/flake8
+ rev: "7.1.1"
+ hooks:
+ - id: flake8
+ additional_dependencies:
+ - flake8-debugger == 4.1.2

MANIFEST.in

@@ -5,6 +5,7 @@ include *.rst
 include *.txt
 include buildout.cfg
 include tox.ini
+include .pre-commit-config.yaml
 include .coveragerc
 
 recursive-include src *.py

src/AccessControl/SecurityInfo.py

@@ -140,15 +140,15 @@ def protected(self, permission_name):
  # the decorator returned is remembered in a set and will
  # remove itself upon call. self.apply will check for an empty
  # set and raise an AssertionError otherwise.
- key = "'{}':{}".format(permission_name, id(lambda x: x))
+ key = f"'{permission_name}':{id(lambda x: x)}"
 
  def decor(func):
  self.declareProtected(permission_name, func.__name__) # NOQA: D001
  self._unused_protected_decorators.remove(key)
  return func
  # make sure our key algo creates unique-enough keys
  if key in self._unused_protected_decorators:
- raise KeyError("Duplicate key: {}".format(key))
+ raise KeyError(f"Duplicate key: {key}")
  self._unused_protected_decorators.add(key)
  return decor
 

src/AccessControl/ZopeGuards.py

@@ -491,7 +491,7 @@ def load_module(module, mname, mnameparts, validate, globals, locals):
  if mname is None:
  mname = nextname
  else:
- mname = '{}.{}'.format(mname, nextname)
+ mname = f'{mname}.{nextname}'
  # import (if not already imported) and check for MSI
  nextmodule = secureModule(mname, globals, locals)
  if nextmodule is None: # not allowed

src/AccessControl/tests/testClassSecurityInfo.py

@@ -102,10 +102,10 @@ def protected_new(self, REQUEST=None):
  self.assertEqual(object.private__roles__, ())
  imPermissionRole = [r for r in object.protected__roles__
  if not r.endswith('_Permission')]
- self.assertTrue(len(imPermissionRole) == 4)
+ self.assertEqual(len(imPermissionRole), 4)
 
  for item in ('Manager', 'Role A', 'Role B', 'Role C'):
- self.assertTrue(item in imPermissionRole)
+ self.assertIn(item, imPermissionRole)
 
  # functions exist, i.e. decorators returned them
  self.assertEqual(object.public_new.__name__, 'public_new')
@@ -117,10 +117,10 @@ def protected_new(self, REQUEST=None):
  self.assertEqual(object.private_new__roles__, ())
  imPermissionRole = [r for r in object.protected_new__roles__
  if not r.endswith('_Permission')]
- self.assertTrue(len(imPermissionRole) == 4)
+ self.assertEqual(len(imPermissionRole), 4)
 
  for item in ('Manager', 'Role A', 'Role B', 'Role C'):
- self.assertTrue(item in imPermissionRole)
+ self.assertIn(item, imPermissionRole)
 
  # Make sure that a permission defined without accompanying method
  # is still reflected in __ac_permissions__
@@ -160,7 +160,7 @@ def protected(self, REQUEST=None):
  # Do class initialization.
  exc = self.assertRaises(AssertionError,
  InitializeClass, Test)
- self.assertTrue('has 2 non-decorator' in str(exc))
+ self.assertIn('has 2 non-decorator', str(exc))
 
  def test_aq_context_in_decorators(self):
  from Acquisition import Implicit

src/AccessControl/tests/testModuleSecurity.py

@@ -98,12 +98,12 @@ def test_failed_import_keeps_MSI(self):
  from AccessControl.SecurityInfo import _moduleSecurity as MS
  from AccessControl.ZopeGuards import guarded_import
  MSI('AccessControl.tests.nonesuch').declarePublic('pub') # NOQA: D001
- self.assertTrue('AccessControl.tests.nonesuch' in MS)
+ self.assertIn('AccessControl.tests.nonesuch', MS)
  self.assertRaises(ImportError,
  guarded_import,
  'AccessControl.tests.nonesuch',
  ())
- self.assertTrue('AccessControl.tests.nonesuch' in MS)
+ self.assertIn('AccessControl.tests.nonesuch', MS)
 
  def test_level_default(self):
  self.assertAuth('AccessControl.tests.public_module', (),

src/AccessControl/tests/testPermissionRole.py

@@ -80,7 +80,7 @@ def assertPRoles(ob, permission, expect):
  expected[r] = 1
  if got == expected: # Dict compare does the Right Thing.
  same = 1
- assert same, 'Expected roles: {!r}, got: {!r}'.format(expect, roles)
+ assert same, f'Expected roles: {expect!r}, got: {roles!r}'
 
 
 class PermissionRoleTests (unittest.TestCase):
@@ -123,7 +123,7 @@ def testAppDefaults(self):
 
  def testPermissionRoleSupportsGetattr(self):
  a = PermissionRole('a')
- self.assertTrue(getattr(a, '__roles__') == ('Manager', ))
- self.assertTrue(getattr(a, '_d') == ('Manager', ))
- self.assertTrue(getattr(a, '__name__') == 'a')
- self.assertTrue(getattr(a, '_p') == '_a_Permission')
+ self.assertEqual(getattr(a, '__roles__'), ('Manager', ))
+ self.assertEqual(getattr(a, '_d'), ('Manager', ))
+ self.assertEqual(getattr(a, '__name__'), 'a')
+ self.assertEqual(getattr(a, '_p'), '_a_Permission')