From 3585ea9911ae521e86793ef18f5891289fb0b604 Mon Sep 17 00:00:00 2001 From: Jan Kowalleck Date: Sun, 27 Aug 2023 17:21:28 +0200 Subject: [PATCH] feat: programmatic access to library's version (#417) adds `cyclonedx.__version__` Signed-off-by: Jan Kowalleck --- cyclonedx/__init__.py | 4 +++ cyclonedx/model/__init__.py | 11 +-------- deps.lowest.r | 1 - docs/conf.py | 4 +-- poetry.lock | 49 +++++++++++++++++++++++++++++++++---- pyproject.toml | 8 ++++-- tests/base.py | 11 --------- 7 files changed, 57 insertions(+), 31 deletions(-) diff --git a/cyclonedx/__init__.py b/cyclonedx/__init__.py index a5c89423..edbd4366 100644 --- a/cyclonedx/__init__.py +++ b/cyclonedx/__init__.py @@ -17,3 +17,7 @@ """ Python library for generating and representing CycloneDX software bill-of-materials. """ + +# !! version is managed by semantic_release +# do not use typing here, or else `semantic_release` might have issues finding the variable +__version__ = "4.1.0-alpha.1" diff --git a/cyclonedx/model/__init__.py b/cyclonedx/model/__init__.py index 38e5bcf8..59b45cca 100644 --- a/cyclonedx/model/__init__.py +++ b/cyclonedx/model/__init__.py @@ -17,7 +17,6 @@ import hashlib import re -import sys import warnings from datetime import datetime, timezone from enum import Enum @@ -26,6 +25,7 @@ import serializable from sortedcontainers import SortedSet +from .. import __version__ as __ThisToolVersion from ..exception.model import ( InvalidLocaleTypeException, InvalidUriException, @@ -1394,15 +1394,6 @@ def __repr__(self) -> str: return f'' -if sys.version_info >= (3, 8): - from importlib.metadata import version as meta_version -else: - from importlib_metadata import version as meta_version - -try: - __ThisToolVersion: Optional[str] = str(meta_version('cyclonedx-python-lib')) # type: ignore[no-untyped-call] -except Exception: - __ThisToolVersion = None ThisTool = Tool(vendor='CycloneDX', name='cyclonedx-python-lib', version=__ThisToolVersion or 'UNKNOWN') ThisTool.external_references.update([ ExternalReference( diff --git a/deps.lowest.r b/deps.lowest.r index 5b9696fe..70b35aaa 100644 --- a/deps.lowest.r +++ b/deps.lowest.r @@ -3,6 +3,5 @@ packageurl-python == 0.11.1 py-serializable == 0.11.1 -importlib-metadata == 3.4.0 # ; python_version < '3.8' # file name is a untypical one, so dependabot does not bump this file diff --git a/docs/conf.py b/docs/conf.py index 9e0773f2..00b6680c 100644 --- a/docs/conf.py +++ b/docs/conf.py @@ -13,7 +13,6 @@ # limitations under the License. # # SPDX-License-Identifier: Apache-2.0 -import pkg_resources # -- Project information ----------------------------------------------------- @@ -22,7 +21,8 @@ author = 'Paul Horton, Jan Kowalleck, Steve Springett, Patrick Dwyer' # The full version, including alpha/beta/rc tags -release = pkg_resources.get_distribution("cyclonedx-python-lib").version +# !! version is managed by semantic_release +release = '4.1.0-alpha.1' # -- General configuration --------------------------------------------------- diff --git a/poetry.lock b/poetry.lock index 80e5372b..ad7e3e50 100644 --- a/poetry.lock +++ b/poetry.lock @@ -1,9 +1,10 @@ -# This file is automatically @generated by Poetry 1.5.1 and should not be changed by hand. +# This file is automatically @generated by Poetry 1.4.1 and should not be changed by hand. [[package]] name = "attrs" version = "22.2.0" description = "Classes Without Boilerplate" +category = "dev" optional = false python-versions = ">=3.6" files = [ @@ -22,6 +23,7 @@ tests-no-zope = ["cloudpickle", "cloudpickle", "hypothesis", "hypothesis", "mypy name = "colorama" version = "0.4.6" description = "Cross-platform colored terminal text." +category = "dev" optional = false python-versions = "!=3.0.*,!=3.1.*,!=3.2.*,!=3.3.*,!=3.4.*,!=3.5.*,!=3.6.*,>=2.7" files = [ @@ -33,6 +35,7 @@ files = [ name = "coverage" version = "7.2.7" description = "Code coverage measurement for Python" +category = "dev" optional = false python-versions = ">=3.7" files = [ @@ -105,6 +108,7 @@ toml = ["tomli"] name = "ddt" version = "1.6.0" description = "Data-Driven/Decorated Tests" +category = "dev" optional = false python-versions = "*" files = [ @@ -116,6 +120,7 @@ files = [ name = "defusedxml" version = "0.7.1" description = "XML bomb protection for Python stdlib modules" +category = "main" optional = false python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*" files = [ @@ -127,6 +132,7 @@ files = [ name = "distlib" version = "0.3.7" description = "Distribution utilities" +category = "dev" optional = false python-versions = "*" files = [ @@ -138,6 +144,7 @@ files = [ name = "filelock" version = "3.12.2" description = "A platform independent file lock." +category = "dev" optional = false python-versions = ">=3.7" files = [ @@ -153,6 +160,7 @@ testing = ["covdefaults (>=2.3)", "coverage (>=7.2.7)", "diff-cover (>=7.5)", "p name = "flake8" version = "5.0.4" description = "the modular source code checker: pep8 pyflakes and co" +category = "dev" optional = false python-versions = ">=3.6.1" files = [ @@ -170,6 +178,7 @@ pyflakes = ">=2.5.0,<2.6.0" name = "flake8-annotations" version = "2.9.1" description = "Flake8 Type Annotation Checks" +category = "dev" optional = false python-versions = ">=3.7,<4.0" files = [ @@ -186,6 +195,7 @@ typed-ast = {version = ">=1.4,<2.0", markers = "python_version < \"3.8\""} name = "flake8-bugbear" version = "22.12.6" description = "A plugin for flake8 finding likely bugs and design problems in your program. Contains warnings that don't belong in pyflakes and pycodestyle." +category = "dev" optional = false python-versions = ">=3.7" files = [ @@ -204,6 +214,7 @@ dev = ["coverage", "hypothesis", "hypothesmith (>=0.2)", "pre-commit", "tox"] name = "flake8-isort" version = "4.2.0" description = "flake8 plugin that integrates isort ." +category = "dev" optional = false python-versions = "*" files = [ @@ -220,13 +231,14 @@ test = ["pytest-cov"] [[package]] name = "importlib-metadata" -version = "3.10.1" +version = "4.2.0" description = "Read metadata from Python packages" +category = "dev" optional = false python-versions = ">=3.6" files = [ - {file = "importlib_metadata-3.10.1-py3-none-any.whl", hash = "sha256:2ec0faae539743ae6aaa84b49a169670a465f7f5d64e6add98388cc29fd1f2f6"}, - {file = "importlib_metadata-3.10.1.tar.gz", hash = "sha256:c9356b657de65c53744046fa8f7358afe0714a1af7d570c00c3835c2d724a7c1"}, + {file = "importlib_metadata-4.2.0-py3-none-any.whl", hash = "sha256:057e92c15bc8d9e8109738a48db0ccb31b4d9d5cfbee5a8670879a30be66304b"}, + {file = "importlib_metadata-4.2.0.tar.gz", hash = "sha256:b7e52a1f8dec14a75ea73e0891f3060099ca1d8e6a462a4dff11c3e119ea1b31"}, ] [package.dependencies] @@ -241,6 +253,7 @@ testing = ["flufl.flake8", "importlib-resources (>=1.3)", "packaging", "pep517", name = "importlib-resources" version = "5.12.0" description = "Read resources from Python packages" +category = "dev" optional = false python-versions = ">=3.7" files = [ @@ -259,6 +272,7 @@ testing = ["flake8 (<5)", "pytest (>=6)", "pytest-black (>=0.3.7)", "pytest-chec name = "isort" version = "5.11.5" description = "A Python utility / library to sort Python imports." +category = "dev" optional = false python-versions = ">=3.7.0" files = [ @@ -276,6 +290,7 @@ requirements-deprecated-finder = ["pip-api", "pipreqs"] name = "jsonschema" version = "4.17.3" description = "An implementation of JSON Schema validation for Python" +category = "dev" optional = false python-versions = ">=3.7" files = [ @@ -299,6 +314,7 @@ format-nongpl = ["fqdn", "idna", "isoduration", "jsonpointer (>1.13)", "rfc3339- name = "lxml" version = "4.9.3" description = "Powerful and Pythonic XML processing library combining libxml2/libxslt with the ElementTree API." +category = "dev" optional = false python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, != 3.4.*" files = [ @@ -406,6 +422,7 @@ source = ["Cython (>=0.29.35)"] name = "mccabe" version = "0.7.0" description = "McCabe checker, plugin for flake8" +category = "dev" optional = false python-versions = ">=3.6" files = [ @@ -417,6 +434,7 @@ files = [ name = "mypy" version = "1.4.1" description = "Optional static typing for Python" +category = "dev" optional = false python-versions = ">=3.7" files = [ @@ -464,6 +482,7 @@ reports = ["lxml"] name = "mypy-extensions" version = "1.0.0" description = "Type system extensions for programs checked with the mypy type checker." +category = "dev" optional = false python-versions = ">=3.5" files = [ @@ -475,6 +494,7 @@ files = [ name = "packageurl-python" version = "0.11.1" description = "A purl aka. Package URL parser and builder" +category = "main" optional = false python-versions = ">=3.7" files = [ @@ -491,6 +511,7 @@ test = ["pytest"] name = "packaging" version = "23.0" description = "Core utilities for Python packages" +category = "dev" optional = false python-versions = ">=3.7" files = [ @@ -502,6 +523,7 @@ files = [ name = "pkgutil-resolve-name" version = "1.3.10" description = "Resolve a name to an object." +category = "dev" optional = false python-versions = ">=3.6" files = [ @@ -513,6 +535,7 @@ files = [ name = "platformdirs" version = "2.6.2" description = "A small Python package for determining appropriate platform-specific dirs, e.g. a \"user data dir\"." +category = "dev" optional = false python-versions = ">=3.7" files = [ @@ -531,6 +554,7 @@ test = ["appdirs (==1.4.4)", "covdefaults (>=2.2.2)", "pytest (>=7.2)", "pytest- name = "pluggy" version = "1.2.0" description = "plugin and hook calling mechanisms for python" +category = "dev" optional = false python-versions = ">=3.7" files = [ @@ -549,6 +573,7 @@ testing = ["pytest", "pytest-benchmark"] name = "py" version = "1.11.0" description = "library with cross-python path, ini-parsing, io, code, log facilities" +category = "dev" optional = false python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*" files = [ @@ -560,6 +585,7 @@ files = [ name = "py-serializable" version = "0.11.1" description = "Library for serializing and deserializing Python Objects to and from JSON and XML." +category = "main" optional = false python-versions = ">=3.7,<4.0" files = [ @@ -574,6 +600,7 @@ defusedxml = ">=0.7.1,<0.8.0" name = "pycodestyle" version = "2.9.1" description = "Python style guide checker" +category = "dev" optional = false python-versions = ">=3.6" files = [ @@ -585,6 +612,7 @@ files = [ name = "pyflakes" version = "2.5.0" description = "passive checker of Python programs" +category = "dev" optional = false python-versions = ">=3.6" files = [ @@ -596,6 +624,7 @@ files = [ name = "pyrsistent" version = "0.19.3" description = "Persistent/Functional/Immutable data structures" +category = "dev" optional = false python-versions = ">=3.7" files = [ @@ -632,6 +661,7 @@ files = [ name = "setuptools" version = "67.6.1" description = "Easily download, build, install, upgrade, and uninstall Python packages" +category = "dev" optional = false python-versions = ">=3.7" files = [ @@ -648,6 +678,7 @@ testing-integration = ["build[virtualenv]", "filelock (>=3.4.0)", "jaraco.envs ( name = "six" version = "1.16.0" description = "Python 2 and 3 compatibility utilities" +category = "dev" optional = false python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*" files = [ @@ -659,6 +690,7 @@ files = [ name = "sortedcontainers" version = "2.4.0" description = "Sorted Containers -- Sorted List, Sorted Dict, Sorted Set" +category = "main" optional = false python-versions = "*" files = [ @@ -670,6 +702,7 @@ files = [ name = "tomli" version = "2.0.1" description = "A lil' TOML parser" +category = "dev" optional = false python-versions = ">=3.7" files = [ @@ -681,6 +714,7 @@ files = [ name = "tox" version = "3.28.0" description = "tox is a generic virtualenv management and test command line tool" +category = "dev" optional = false python-versions = "!=3.0.*,!=3.1.*,!=3.2.*,!=3.3.*,!=3.4.*,>=2.7" files = [ @@ -707,6 +741,7 @@ testing = ["flaky (>=3.4.0)", "freezegun (>=0.3.11)", "pathlib2 (>=2.3.3)", "psu name = "typed-ast" version = "1.5.5" description = "a fork of Python 2 and 3 ast modules with type comment support" +category = "dev" optional = false python-versions = ">=3.6" files = [ @@ -757,6 +792,7 @@ files = [ name = "typing-extensions" version = "4.5.0" description = "Backported and Experimental Type Hints for Python 3.7+" +category = "dev" optional = false python-versions = ">=3.7" files = [ @@ -768,6 +804,7 @@ files = [ name = "virtualenv" version = "20.16.2" description = "Virtual Python Environment builder" +category = "dev" optional = false python-versions = ">=3.6" files = [ @@ -789,6 +826,7 @@ testing = ["coverage (>=4)", "coverage-enable-subprocess (>=1)", "flaky (>=3)", name = "xmldiff" version = "2.6.3" description = "Creates diffs of XML files" +category = "dev" optional = false python-versions = ">=3.7" files = [ @@ -807,6 +845,7 @@ devenv = ["black", "coverage", "flake8", "zest.releaser[recommended]"] name = "zipp" version = "3.15.0" description = "Backport of pathlib-compatible object wrapper for zip files" +category = "dev" optional = false python-versions = ">=3.7" files = [ @@ -821,4 +860,4 @@ testing = ["big-O", "flake8 (<5)", "jaraco.functools", "jaraco.itertools", "more [metadata] lock-version = "2.0" python-versions = "^3.7" -content-hash = "cc5af649a0ae2bbe87b3050999afce0f5b13d722d81ea48b178854ad31796d28" +content-hash = "459de3873dc790f7ab293ba50f0bd991a14c3a65147a5fc2b111809f128fc3e9" diff --git a/pyproject.toml b/pyproject.toml index e1f8ac12..bacc430e 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -4,7 +4,8 @@ build-backend = "poetry.core.masonry.api" [tool.poetry] name = "cyclonedx-python-lib" -version = "4.0.1" +# !! version is managed by semantic_release +version = "4.1.0-alpha.1" description = "A library for producing CycloneDX SBOM (Software Bill of Materials) files." authors = ["Paul Horton "] maintainers = [ @@ -51,7 +52,6 @@ keywords = [ [tool.poetry.dependencies] # ATTENTION: keep `deps.lowest.r` file in sync python = "^3.7" -importlib-metadata = { version = "^3.4.0", python = "<3.8" } packageurl-python = ">= 0.11" py-serializable = "^0.11.1" sortedcontainers = "^2.4.0" @@ -76,6 +76,10 @@ commit_message = "chore(release): {version}\n\nAutomatically generated by python upload_to_vcs_release = true build_command = "pip install poetry && poetry build" version_toml = ["pyproject.toml:tool.poetry.version"] +version_variables = [ + "cyclonedx/__init__.py:__version__", + "docs/conf.py:release", +] [tool.semantic_release.changelog] changelog_file = "CHANGELOG.md" exclude_commit_patterns = [ diff --git a/tests/base.py b/tests/base.py index cc86477d..c844396c 100644 --- a/tests/base.py +++ b/tests/base.py @@ -37,19 +37,8 @@ if sys.version_info >= (3, 7): from jsonschema import ValidationError, validate as json_validate -if sys.version_info >= (3, 8): - from importlib.metadata import PackageNotFoundError, version -else: - from importlib_metadata import PackageNotFoundError, version - from . import CDX_SCHEMA_DIRECTORY -cyclonedx_lib_name: str = 'cyclonedx-python-lib' -cyclonedx_lib_version: str = 'DEV' -try: - cyclonedx_lib_version: str = version(cyclonedx_lib_name) -except PackageNotFoundError: - pass single_uuid: str = 'urn:uuid:{}'.format(uuid4())