From 98e833704048ff8e3874d17b70191d85f6f56beb Mon Sep 17 00:00:00 2001 From: Eli Fine Date: Sun, 3 Aug 2025 00:10:43 +0000 Subject: [PATCH 01/16] tag --- .copier-answers.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.copier-answers.yml b/.copier-answers.yml index facfe1e9..ec6ee44f 100644 --- a/.copier-answers.yml +++ b/.copier-answers.yml @@ -1,5 +1,5 @@ # Changes here will be overwritten by Copier -_commit: v0.0.60 +_commit: v0.0.60-2-ga533c73 _src_path: gh:LabAutomationAndScreening/copier-base-template.git description: Copier template for creating Python libraries and executables python_ci_versions: From 4ec1361696897ffa1991a78fd607b3341d44a2bb Mon Sep 17 00:00:00 2001 From: Eli Fine Date: Sun, 3 Aug 2025 00:14:56 +0000 Subject: [PATCH 02/16] more ci --- .copier-answers.yml | 2 +- .github/workflows/ci.yaml | 8 +++++++- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/.copier-answers.yml b/.copier-answers.yml index ec6ee44f..07a616ed 100644 --- a/.copier-answers.yml +++ b/.copier-answers.yml @@ -1,5 +1,5 @@ # Changes here will be overwritten by Copier -_commit: v0.0.60-2-ga533c73 +_commit: v0.0.60-3-g7d8440d _src_path: gh:LabAutomationAndScreening/copier-base-template.git description: Copier template for creating Python libraries and executables python_ci_versions: diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index fb8280d8..6af1e650 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -9,19 +9,23 @@ on: env: PYTHONUNBUFFERED: True PRE_COMMIT_HOME: ${{ github.workspace }}/.precommit_cache + UV_PYTHON_PREFERENCE: only-system permissions: - id-token: write contents: write # needed for mutex, and updating dependabot branches statuses: write # needed for updating status on Dependabot PRs jobs: get-values: uses: ./.github/workflows/get-values.yaml + permissions: + contents: write # needed for updating dependabot branches pre-commit: needs: [ get-values ] uses: ./.github/workflows/pre-commit.yaml + permissions: + contents: write # needed for mutex, and updating dependabot branches with: python-version: 3.12.7 @@ -125,6 +129,8 @@ jobs: required-check: runs-on: ubuntu-24.04 needs: [ lint-matrix, get-values ] + permissions: + statuses: write # needed for updating status on Dependabot PRs if: always() steps: - name: fail if prior job failure From 209ba384e83d3a115911309f140bf8a271a7349d Mon Sep 17 00:00:00 2001 From: Eli Fine Date: Sun, 3 Aug 2025 00:15:53 +0000 Subject: [PATCH 03/16] uv version --- template/.github/workflows/ci.yaml.jinja | 1 + 1 file changed, 1 insertion(+) diff --git a/template/.github/workflows/ci.yaml.jinja b/template/.github/workflows/ci.yaml.jinja index dda6ae65..96b0bd90 100644 --- a/template/.github/workflows/ci.yaml.jinja +++ b/template/.github/workflows/ci.yaml.jinja @@ -9,6 +9,7 @@ on: env: PYTHONUNBUFFERED: True PRE_COMMIT_HOME: ${{ github.workspace }}/.precommit_cache + UV_PYTHON_PREFERENCE: only-system permissions: id-token: write From 21b01fd77a750b56e06fe2def53afe747ed91886 Mon Sep 17 00:00:00 2001 From: Eli Fine Date: Sun, 3 Aug 2025 00:18:41 +0000 Subject: [PATCH 04/16] more only system --- template/.github/workflows/publish.yaml.jinja | 1 + template/.github/workflows/publish_to_staging.yaml.jinja | 1 + 2 files changed, 2 insertions(+) diff --git a/template/.github/workflows/publish.yaml.jinja b/template/.github/workflows/publish.yaml.jinja index 1701cd2d..5e5d2344 100644 --- a/template/.github/workflows/publish.yaml.jinja +++ b/template/.github/workflows/publish.yaml.jinja @@ -11,6 +11,7 @@ on: env: PYTHONUNBUFFERED: True PRE_COMMIT_HOME: ${{ github.workspace }}/.precommit_cache + UV_PYTHON_PREFERENCE: only-system permissions: id-token: write diff --git a/template/.github/workflows/publish_to_staging.yaml.jinja b/template/.github/workflows/publish_to_staging.yaml.jinja index a2ac7df8..581bf672 100644 --- a/template/.github/workflows/publish_to_staging.yaml.jinja +++ b/template/.github/workflows/publish_to_staging.yaml.jinja @@ -6,6 +6,7 @@ on: env: PYTHONUNBUFFERED: True PRE_COMMIT_HOME: ${{ github.workspace }}/.precommit_cache + UV_PYTHON_PREFERENCE: only-system permissions: id-token: write From f7f5eaea183d500bef94a303481a35b21c0a23e5 Mon Sep 17 00:00:00 2001 From: Eli Fine Date: Sun, 3 Aug 2025 00:26:19 +0000 Subject: [PATCH 05/16] copier --- .copier-answers.yml | 2 +- .github/workflows/ci.yaml | 3 +-- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/.copier-answers.yml b/.copier-answers.yml index 07a616ed..9e490a51 100644 --- a/.copier-answers.yml +++ b/.copier-answers.yml @@ -1,5 +1,5 @@ # Changes here will be overwritten by Copier -_commit: v0.0.60-3-g7d8440d +_commit: v0.0.60-5-g1a711f5 _src_path: gh:LabAutomationAndScreening/copier-base-template.git description: Copier template for creating Python libraries and executables python_ci_versions: diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 6af1e650..505ce233 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -12,8 +12,7 @@ env: UV_PYTHON_PREFERENCE: only-system permissions: - contents: write # needed for mutex, and updating dependabot branches - statuses: write # needed for updating status on Dependabot PRs + id-token: write # needed to assume OIDC roles (e.g. for downloading from CodeArtifact) jobs: get-values: From 1c2cb57533cda4ccb4b7e87cc24b4c968c22f0e4 Mon Sep 17 00:00:00 2001 From: Eli Fine Date: Sun, 3 Aug 2025 00:30:52 +0000 Subject: [PATCH 06/16] uv python --- template/.github/workflows/ci.yaml.jinja | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/template/.github/workflows/ci.yaml.jinja b/template/.github/workflows/ci.yaml.jinja index 96b0bd90..8d5030d7 100644 --- a/template/.github/workflows/ci.yaml.jinja +++ b/template/.github/workflows/ci.yaml.jinja @@ -9,7 +9,6 @@ on: env: PYTHONUNBUFFERED: True PRE_COMMIT_HOME: ${{ github.workspace }}/.precommit_cache - UV_PYTHON_PREFERENCE: only-system permissions: id-token: write @@ -44,7 +43,8 @@ jobs: JOB_MATCHING_DEV_ENV: true runs-on: ${{ matrix.os }} - + env: + UV_PYTHON: ${{ matrix.python-version }} steps: - name: Checkout code uses: actions/checkout@{% endraw %}{{ gha_checkout }}{% raw %} From ed4741b56d5bf189e912eee13ac345a8727aa178 Mon Sep 17 00:00:00 2001 From: Eli Fine Date: Sun, 3 Aug 2025 10:53:06 +0000 Subject: [PATCH 07/16] more uv --- template/.github/workflows/ci.yaml.jinja | 4 ++++ template/.github/workflows/publish_to_staging.yaml.jinja | 3 ++- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/template/.github/workflows/ci.yaml.jinja b/template/.github/workflows/ci.yaml.jinja index 8d5030d7..5b810548 100644 --- a/template/.github/workflows/ci.yaml.jinja +++ b/template/.github/workflows/ci.yaml.jinja @@ -85,6 +85,8 @@ jobs: - {{ item }} {% endfor %}{% raw %} runs-on: ${{ matrix.os }} + env: + UV_PYTHON: ${{ matrix.python-version }} steps: - name: Checkout code @@ -118,6 +120,8 @@ jobs: {% endfor %}{% raw %} runs-on: {% endraw %}{{ gha_linux_runner }}{% raw %} + env: + UV_PYTHON: ${{ matrix.python-version }} steps: - name: Checkout code diff --git a/template/.github/workflows/publish_to_staging.yaml.jinja b/template/.github/workflows/publish_to_staging.yaml.jinja index 581bf672..3dfd8636 100644 --- a/template/.github/workflows/publish_to_staging.yaml.jinja +++ b/template/.github/workflows/publish_to_staging.yaml.jinja @@ -6,7 +6,6 @@ on: env: PYTHONUNBUFFERED: True PRE_COMMIT_HOME: ${{ github.workspace }}/.precommit_cache - UV_PYTHON_PREFERENCE: only-system permissions: id-token: write @@ -36,6 +35,8 @@ jobs: JOB_MATCHING_DEV_ENV: true runs-on: ${{ matrix.os }} + env: + UV_PYTHON: ${{ matrix.python-version }} steps: - name: Checkout code From 7f116445e49762b1b936b13ec05996db9e448b5c Mon Sep 17 00:00:00 2001 From: Eli Fine Date: Sun, 3 Aug 2025 10:56:58 +0000 Subject: [PATCH 08/16] copier --- .copier-answers.yml | 2 +- .devcontainer/devcontainer.json | 2 +- .devcontainer/install-ci-tooling.py | 2 +- .github/workflows/ci.yaml | 3 ++- .gitignore | 1 + extensions/context.py | 2 +- template/.gitignore | 1 + 7 files changed, 8 insertions(+), 5 deletions(-) diff --git a/.copier-answers.yml b/.copier-answers.yml index 9e490a51..baddc6c3 100644 --- a/.copier-answers.yml +++ b/.copier-answers.yml @@ -1,5 +1,5 @@ # Changes here will be overwritten by Copier -_commit: v0.0.60-5-g1a711f5 +_commit: v0.0.60-7-gce42478 _src_path: gh:LabAutomationAndScreening/copier-base-template.git description: Copier template for creating Python libraries and executables python_ci_versions: diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json index e0fdfc53..8198618c 100644 --- a/.devcontainer/devcontainer.json +++ b/.devcontainer/devcontainer.json @@ -61,5 +61,5 @@ "initializeCommand": "sh .devcontainer/initialize-command.sh", "onCreateCommand": "sh .devcontainer/on-create-command.sh", "postStartCommand": "sh .devcontainer/post-start-command.sh" - // Devcontainer context hash (do not manually edit this, it's managed by a pre-commit hook): 2b781a57 # spellchecker:disable-line + // Devcontainer context hash (do not manually edit this, it's managed by a pre-commit hook): 9e371a58 # spellchecker:disable-line } diff --git a/.devcontainer/install-ci-tooling.py b/.devcontainer/install-ci-tooling.py index fc427100..372fed2c 100644 --- a/.devcontainer/install-ci-tooling.py +++ b/.devcontainer/install-ci-tooling.py @@ -7,7 +7,7 @@ import tempfile from pathlib import Path -UV_VERSION = "0.8.3" +UV_VERSION = "0.8.4" PNPM_VERSION = "10.14.0" COPIER_VERSION = "9.8.0" COPIER_TEMPLATE_EXTENSIONS_VERSION = "0.3.2" diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 505ce233..6c351a92 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -9,7 +9,6 @@ on: env: PYTHONUNBUFFERED: True PRE_COMMIT_HOME: ${{ github.workspace }}/.precommit_cache - UV_PYTHON_PREFERENCE: only-system permissions: id-token: write # needed to assume OIDC roles (e.g. for downloading from CodeArtifact) @@ -46,6 +45,8 @@ jobs: '--data-file tests/copier_data/data3.yaml', ] runs-on: ${{ matrix.os }} + env: + UV_PYTHON: ${{ matrix.python-version }} steps: - name: Checkout code diff --git a/.gitignore b/.gitignore index 39948f95..f7300be2 100644 --- a/.gitignore +++ b/.gitignore @@ -48,6 +48,7 @@ coverage-report-pytest .mypy_cache/ .coverage .coverage.* +coverage.xml # test profiling prof/ diff --git a/extensions/context.py b/extensions/context.py index 6aa117f9..7d3405ec 100644 --- a/extensions/context.py +++ b/extensions/context.py @@ -10,7 +10,7 @@ class ContextUpdater(ContextHook): @override def hook(self, context: dict[Any, Any]) -> dict[Any, Any]: - context["uv_version"] = "0.8.3" + context["uv_version"] = "0.8.4" context["pnpm_version"] = "10.14.0" context["pre_commit_version"] = "4.2.0" context["pyright_version"] = "1.1.403" diff --git a/template/.gitignore b/template/.gitignore index 39948f95..f7300be2 100644 --- a/template/.gitignore +++ b/template/.gitignore @@ -48,6 +48,7 @@ coverage-report-pytest .mypy_cache/ .coverage .coverage.* +coverage.xml # test profiling prof/ From f438df5a70dc670ae70144eafc16ab573c05b13a Mon Sep 17 00:00:00 2001 From: Eli Fine Date: Sun, 3 Aug 2025 11:02:02 +0000 Subject: [PATCH 09/16] perms --- template/.github/workflows/ci.yaml.jinja | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/template/.github/workflows/ci.yaml.jinja b/template/.github/workflows/ci.yaml.jinja index 5b810548..3dfe2775 100644 --- a/template/.github/workflows/ci.yaml.jinja +++ b/template/.github/workflows/ci.yaml.jinja @@ -11,18 +11,20 @@ env: PRE_COMMIT_HOME: ${{ github.workspace }}/.precommit_cache permissions: - id-token: write - contents: write # needed for mutex, and updating dependabot branches - statuses: write # needed for updating status on Dependabot PRs + id-token: write # needed to assume OIDC roles (e.g. for downloading from CodeArtifact) jobs: get-values: uses: ./.github/workflows/get-values.yaml + permissions: + contents: write # needed updating dependabot branches lint: needs: [ get-values ] name: Pre-commit uses: ./.github/workflows/pre-commit.yaml + permissions: + contents: write # needed for mutex with: python-version: {% endraw %}{{ python_version }}{% raw %} @@ -142,6 +144,8 @@ jobs: required-check: runs-on: {% endraw %}{{ gha_linux_runner }}{% raw %} + permissions: + statuses: write # needed for updating status on Dependabot PRs needs: - test - get-values{% endraw %}{% if create_docs %} From 8a2dc1dba76e13881cab8700de08633ed2f043c7 Mon Sep 17 00:00:00 2001 From: Eli Fine Date: Sun, 3 Aug 2025 11:04:08 +0000 Subject: [PATCH 10/16] publish ci --- template/.github/workflows/publish.yaml.jinja | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/template/.github/workflows/publish.yaml.jinja b/template/.github/workflows/publish.yaml.jinja index 5e5d2344..13157854 100644 --- a/template/.github/workflows/publish.yaml.jinja +++ b/template/.github/workflows/publish.yaml.jinja @@ -11,11 +11,9 @@ on: env: PYTHONUNBUFFERED: True PRE_COMMIT_HOME: ${{ github.workspace }}/.precommit_cache - UV_PYTHON_PREFERENCE: only-system permissions: - id-token: write - contents: write # needed for mutex + id-token: write # needed to assume OIDC roles (e.g. for downloading from CodeArtifact) jobs: get-values: @@ -40,6 +38,8 @@ jobs: lint: name: Pre-commit uses: ./.github/workflows/pre-commit.yaml + permissions: + contents: write # needed for mutex with: python-version: {% endraw %}{{ python_version }}{% raw %} @@ -60,6 +60,8 @@ jobs: JOB_MATCHING_DEV_ENV: true runs-on: ${{ matrix.os }} + env: + UV_PYTHON: ${{ matrix.python-version }} steps: - name: Checkout code @@ -168,6 +170,8 @@ jobs: JOB_MATCHING_DEV_ENV: true runs-on: ${{ matrix.os }} + env: + UV_PYTHON: ${{ matrix.python-version }} steps: - name: Checkout code @@ -259,6 +263,8 @@ jobs: JOB_MATCHING_DEV_ENV: true runs-on: ${{ matrix.os }} + env: + UV_PYTHON: ${{ matrix.python-version }} steps: - name: Checkout code From 3f1997e9714d1d4439e92176ea85d5f53b27c042 Mon Sep 17 00:00:00 2001 From: Eli Fine Date: Sun, 3 Aug 2025 11:11:42 +0000 Subject: [PATCH 11/16] more perms --- .copier-answers.yml | 2 +- .github/workflows/get-values.yaml | 2 +- .github/workflows/pre-commit.yaml | 3 ++- template/.github/workflows/get-values.yaml | 2 +- template/.github/workflows/pre-commit.yaml | 3 ++- 5 files changed, 7 insertions(+), 5 deletions(-) diff --git a/.copier-answers.yml b/.copier-answers.yml index baddc6c3..b06a6269 100644 --- a/.copier-answers.yml +++ b/.copier-answers.yml @@ -1,5 +1,5 @@ # Changes here will be overwritten by Copier -_commit: v0.0.60-7-gce42478 +_commit: v0.0.60-12-g2039103 _src_path: gh:LabAutomationAndScreening/copier-base-template.git description: Copier template for creating Python libraries and executables python_ci_versions: diff --git a/.github/workflows/get-values.yaml b/.github/workflows/get-values.yaml index 1043f947..a9f5c333 100644 --- a/.github/workflows/get-values.yaml +++ b/.github/workflows/get-values.yaml @@ -14,7 +14,7 @@ env: PYTHONUNBUFFERED: True permissions: - contents: write # needed to push commit of new devcontainer hash for dependabot PRs + contents: write # needed to push commit of new devcontainer hash for dependabot PRs jobs: get-values: diff --git a/.github/workflows/pre-commit.yaml b/.github/workflows/pre-commit.yaml index ecb2cd0d..24534af2 100644 --- a/.github/workflows/pre-commit.yaml +++ b/.github/workflows/pre-commit.yaml @@ -22,7 +22,8 @@ env: PRE_COMMIT_HOME: ${{ github.workspace }}/.precommit_cache permissions: - contents: write # needed for mutex + contents: write # needed for mutex + id-token: write # needed to assume OIDC roles (e.g. for downloading from CodeArtifact) jobs: pre-commit: diff --git a/template/.github/workflows/get-values.yaml b/template/.github/workflows/get-values.yaml index 1043f947..a9f5c333 100644 --- a/template/.github/workflows/get-values.yaml +++ b/template/.github/workflows/get-values.yaml @@ -14,7 +14,7 @@ env: PYTHONUNBUFFERED: True permissions: - contents: write # needed to push commit of new devcontainer hash for dependabot PRs + contents: write # needed to push commit of new devcontainer hash for dependabot PRs jobs: get-values: diff --git a/template/.github/workflows/pre-commit.yaml b/template/.github/workflows/pre-commit.yaml index ecb2cd0d..24534af2 100644 --- a/template/.github/workflows/pre-commit.yaml +++ b/template/.github/workflows/pre-commit.yaml @@ -22,7 +22,8 @@ env: PRE_COMMIT_HOME: ${{ github.workspace }}/.precommit_cache permissions: - contents: write # needed for mutex + contents: write # needed for mutex + id-token: write # needed to assume OIDC roles (e.g. for downloading from CodeArtifact) jobs: pre-commit: From e87f32a4ac891bace7f48910e4e803d0e6984ff2 Mon Sep 17 00:00:00 2001 From: Eli Fine Date: Sun, 3 Aug 2025 11:12:45 +0000 Subject: [PATCH 12/16] publish perms --- template/.github/workflows/publish_to_staging.yaml.jinja | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/template/.github/workflows/publish_to_staging.yaml.jinja b/template/.github/workflows/publish_to_staging.yaml.jinja index 3dfd8636..b0c7d216 100644 --- a/template/.github/workflows/publish_to_staging.yaml.jinja +++ b/template/.github/workflows/publish_to_staging.yaml.jinja @@ -8,13 +8,14 @@ env: PRE_COMMIT_HOME: ${{ github.workspace }}/.precommit_cache permissions: - id-token: write - contents: write # needed for mutex + id-token: write # needed to assume OIDC roles (e.g. for downloading from CodeArtifact) jobs: lint: name: Pre-commit uses: ./.github/workflows/pre-commit.yaml + permissions: + contents: write # needed for mutex with: python-version: {% endraw %}{{ python_version }}{% raw %} From 59c82a37545c12a4ee0f22ca8e45cd55dc303b18 Mon Sep 17 00:00:00 2001 From: Eli Fine Date: Sun, 3 Aug 2025 11:18:32 +0000 Subject: [PATCH 13/16] coiper --- .copier-answers.yml | 2 +- .github/workflows/ci.yaml | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/.copier-answers.yml b/.copier-answers.yml index b06a6269..edb47051 100644 --- a/.copier-answers.yml +++ b/.copier-answers.yml @@ -1,5 +1,5 @@ # Changes here will be overwritten by Copier -_commit: v0.0.60-12-g2039103 +_commit: v0.0.60-13-gc1958de _src_path: gh:LabAutomationAndScreening/copier-base-template.git description: Copier template for creating Python libraries and executables python_ci_versions: diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 6c351a92..3859e29b 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -24,6 +24,7 @@ jobs: uses: ./.github/workflows/pre-commit.yaml permissions: contents: write # needed for mutex, and updating dependabot branches + id-token: write # needed to assume OIDC roles (e.g. for downloading from CodeArtifact) with: python-version: 3.12.7 From 737162b7ae11ba8b194bd26a66a3a524c66b7eb0 Mon Sep 17 00:00:00 2001 From: Eli Fine Date: Sun, 3 Aug 2025 11:19:09 +0000 Subject: [PATCH 14/16] downstream perms --- template/.github/workflows/ci.yaml.jinja | 1 + template/.github/workflows/publish.yaml.jinja | 1 + template/.github/workflows/publish_to_staging.yaml.jinja | 1 + 3 files changed, 3 insertions(+) diff --git a/template/.github/workflows/ci.yaml.jinja b/template/.github/workflows/ci.yaml.jinja index 3dfe2775..a99e9ae5 100644 --- a/template/.github/workflows/ci.yaml.jinja +++ b/template/.github/workflows/ci.yaml.jinja @@ -25,6 +25,7 @@ jobs: uses: ./.github/workflows/pre-commit.yaml permissions: contents: write # needed for mutex + id-token: write # needed to assume OIDC roles (e.g. for downloading from CodeArtifact) with: python-version: {% endraw %}{{ python_version }}{% raw %} diff --git a/template/.github/workflows/publish.yaml.jinja b/template/.github/workflows/publish.yaml.jinja index 13157854..bf1691ad 100644 --- a/template/.github/workflows/publish.yaml.jinja +++ b/template/.github/workflows/publish.yaml.jinja @@ -40,6 +40,7 @@ jobs: uses: ./.github/workflows/pre-commit.yaml permissions: contents: write # needed for mutex + id-token: write # needed to assume OIDC roles (e.g. for downloading from CodeArtifact) with: python-version: {% endraw %}{{ python_version }}{% raw %} diff --git a/template/.github/workflows/publish_to_staging.yaml.jinja b/template/.github/workflows/publish_to_staging.yaml.jinja index b0c7d216..a6ee92bb 100644 --- a/template/.github/workflows/publish_to_staging.yaml.jinja +++ b/template/.github/workflows/publish_to_staging.yaml.jinja @@ -16,6 +16,7 @@ jobs: uses: ./.github/workflows/pre-commit.yaml permissions: contents: write # needed for mutex + id-token: write # needed to assume OIDC roles (e.g. for downloading from CodeArtifact) with: python-version: {% endraw %}{{ python_version }}{% raw %} From 85deb2905affaa6b682e50780402e8a12ade45bb Mon Sep 17 00:00:00 2001 From: Eli Fine Date: Sun, 3 Aug 2025 11:26:43 +0000 Subject: [PATCH 15/16] perms --- .copier-answers.yml | 2 +- .github/workflows/ci.yaml | 4 +++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/.copier-answers.yml b/.copier-answers.yml index edb47051..b0af3db4 100644 --- a/.copier-answers.yml +++ b/.copier-answers.yml @@ -1,5 +1,5 @@ # Changes here will be overwritten by Copier -_commit: v0.0.60-13-gc1958de +_commit: v0.0.60-14-geddac27 _src_path: gh:LabAutomationAndScreening/copier-base-template.git description: Copier template for creating Python libraries and executables python_ci_versions: diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 3859e29b..07169ccf 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -23,7 +23,7 @@ jobs: needs: [ get-values ] uses: ./.github/workflows/pre-commit.yaml permissions: - contents: write # needed for mutex, and updating dependabot branches + contents: write # needed for mutex id-token: write # needed to assume OIDC roles (e.g. for downloading from CodeArtifact) with: python-version: 3.12.7 @@ -48,6 +48,8 @@ jobs: runs-on: ${{ matrix.os }} env: UV_PYTHON: ${{ matrix.python-version }} + permissions: + contents: write # needed for mutex steps: - name: Checkout code From ce2d787a6a576a89be2a50457175077dd98e9b7b Mon Sep 17 00:00:00 2001 From: Eli Fine Date: Sun, 3 Aug 2025 11:31:25 +0000 Subject: [PATCH 16/16] tag --- .copier-answers.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.copier-answers.yml b/.copier-answers.yml index b0af3db4..c26f5c43 100644 --- a/.copier-answers.yml +++ b/.copier-answers.yml @@ -1,5 +1,5 @@ # Changes here will be overwritten by Copier -_commit: v0.0.60-14-geddac27 +_commit: v0.0.61 _src_path: gh:LabAutomationAndScreening/copier-base-template.git description: Copier template for creating Python libraries and executables python_ci_versions: