Apply migration from 0.13.8 to 0.16.0

frequenz-auto-dependabot[bot] · web-flow · commit c7e7aecd89c2 · 2026-03-27T11:49:19.000Z
=== v0.14.0 ========================================================= Script URL: https://raw.githubusercontent.com/frequenz-floss/frequenz-repo-config-python/v0.14.0/cookiecutter/migrate.py ======================================================================== Creating Dependabot auto-merge workflow... Created/Updated Dependabot auto-merge workflow at .github/workflows/auto-dependabot.yaml ======================================================================== Disabling CODEOWNERS review requirement in GitHub ruleset... Default branch: v1.x.x Found ruleset ID: 4517478 CODEOWNERS review requirement already disabled. ======================================================================== Updating the mkdocs.yml for mkdocstrings-python v2 compatibility... ======================================================================== Migration script finished. Remember to follow any manual instructions. ======================================================================== === v0.15.0 ========================================================= Script URL: https://raw.githubusercontent.com/frequenz-floss/frequenz-repo-config-python/v0.15.0/cookiecutter/migrate.py ======================================================================== Migrating workflows to use ubuntu-slim runner for lightweight jobs... Updated .github/workflows/ci.yaml: migrated job nox-all to ubuntu-slim Updated .github/workflows/ci.yaml: migrated job test-installation-all to ubuntu-slim Updated .github/workflows/ci.yaml: migrated job create-github-release to ubuntu-slim Updated .github/workflows/ci.yaml: migrated job publish-to-pypi to ubuntu-slim Updated .github/workflows/release-notes-check.yml: migrated job check-release-notes to ubuntu-slim Updated .github/workflows/dco-merge-queue.yml: migrated job DCO to ubuntu-slim Updated .github/workflows/labeler.yml: migrated job Label to ubuntu-slim ======================================================================== Migrating pyproject license metadata to SPDX format... Updated pyproject.toml: migrated license metadata ======================================================================== Adding flake8-datetimez plugin to dev-flake8 dependencies... Updated pyproject.toml: added flake8-datetimez plugin ======================================================================== Fixing dependabot repo-config and mkdocstrings patterns... >>> Could not find `frequenz-repo-config*` pattern in .github/dependabot.yml. Please replace it with explicit entries for `frequenz-repo-config`, `frequenz-repo-config[actor]`, and `frequenz-repo-config[extra-lint-examples]`. Skipped .github/dependabot.yml: mkdocstrings patterns already updated Skipped .github/dependabot.yml (already up to date) ======================================================================== Migrating auto-dependabot workflow to use GitHub App token... Replacing .github/workflows/auto-dependabot.yaml with updated workflow (overwriting any local changes) ======================================================================== Migrating the CI workflows to use a platform matrix... - .github/workflows/ci.yaml Migrated arch+os matrix to platform ======================================================================== Installing repo-config migration workflow... Replacing .github/workflows/repo-config-migration.yaml with updated workflow (overwriting any local changes) Updated .github/workflows/auto-dependabot.yaml: added repo-config group exclusion ======================================================================== Updating 'Protect version branches' GitHub ruleset... Updated ruleset 'Protect version branches': add 'Migrate Repo Config' status check ======================================================================== ⚠️⚠️⚠️ Remember to check the manual steps: ⚠️⚠️⚠️ ⚠️⚠️⚠️ 1. Could not find `frequenz-repo-config*` pattern in .github/dependabot.yml. Please replace it with explicit entries for `frequenz-repo-config`, `frequenz-repo-config[actor]`, and `frequenz-repo-config[extra-lint-examples]`. ❌ Migration script finished but requires manual intervention ❌ === v0.16.0 ========================================================= Script URL: https://raw.githubusercontent.com/frequenz-floss/frequenz-repo-config-python/v0.16.0/cookiecutter/migrate.py ======================================================================== Fixing repo-config migration merge queue trigger... Updated .github/workflows/repo-config-migration.yaml: added merge_group trigger ======================================================================== Fixing mkdocstrings-python v2 paths for api repos... Skipping mkdocs.yml (not an api project) ======================================================================== Migrating protolint and publish-to-pypi runners to ubuntu-24.04... Skipping protolint runner migration (not an api project) Updated .github/workflows/ci.yaml: migrated runner for job publish-to-pypi ======================================================================== Updating 'Protect version branches' GitHub ruleset... Ruleset 'Protect version branches' is already up to date ======================================================================== ✅ Migration script finished successfully ✅ The migration completed but requires manual intervention.
diff --git a/.github/workflows/auto-dependabot.yaml b/.github/workflows/auto-dependabot.yaml
@@ -1,17 +1,40 @@
-name: Dependabot Auto Manage
-on: pull_request
+name: Auto-merge Dependabot PR
+
+on:
+  # XXX: !!! SECURITY WARNING !!!
+  # pull_request_target has write access to the repo, and can read secrets. We
+  # need to audit any external actions executed in this workflow and make sure no
+  # checked out code is run (not even installing dependencies, as installing
+  # dependencies usually can execute pre/post-install scripts). We should also
+  # only use hashes to pick the action to execute (instead of tags or branches).
+  # For more details read:
+  # https://securitylab.github.com/research/github-actions-preventing-pwn-requests/
+  pull_request_target:
 
 permissions:
-  contents: write
+  contents: read
   pull-requests: write
 
 jobs:
-  dependabot:
-    runs-on: ubuntu-latest
-    if: github.actor == 'dependabot[bot]'
+  auto-merge:
+    name: Auto-merge Dependabot PR
+    if: >
+      github.actor == 'dependabot[bot]' &&
+      !contains(github.event.pull_request.title, 'the repo-config group')
+    runs-on: ubuntu-slim
     steps:
-      - uses: frequenz-floss/dependabot-auto-approve@e943399cc9d76fbb6d7faae446cd57301d110165 # v1.5.0
+      - name: Generate GitHub App token
+        id: app-token
+        uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1
+        with:
+          app-id: ${{ secrets.FREQUENZ_AUTO_DEPENDABOT_APP_ID }}
+          private-key: ${{ secrets.FREQUENZ_AUTO_DEPENDABOT_APP_PRIVATE_KEY }}
+
+      - name: Auto-merge Dependabot PR
+        uses: frequenz-floss/dependabot-auto-approve@e943399cc9d76fbb6d7faae446cd57301d110165 # v1.5.0
         with:
+          github-token: ${{ steps.app-token.outputs.token }}
           dependency-type: 'all'
           auto-merge: 'true'
-          add-label: 'auto-merged'
+          merge-method: 'merge'
+          add-label: 'tool:auto-merged'
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
@@ -28,11 +28,9 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        arch:
-          - amd64
-          - arm
-        os:
+        platform:
           - ubuntu-24.04
+          - ubuntu-24.04-arm
         python:
           - "3.11"
           - "3.12"
@@ -42,7 +40,7 @@ jobs:
           # that uses the same venv to run multiple linting sessions
           - "ci_checks_max"
           - "pytest_min"
-    runs-on: ${{ matrix.os }}${{ matrix.arch != 'amd64' && format('-{0}', matrix.arch) || '' }}
+    runs-on: ${{ matrix.platform }}
 
     steps:
       - name: Run nox
@@ -61,7 +59,7 @@ jobs:
     needs: ["nox"]
     # We skip this job only if nox was also skipped
     if: always() && needs.nox.result != 'skipped'
-    runs-on: ubuntu-24.04
+    runs-on: ubuntu-slim
     env:
       DEPS_RESULT: ${{ needs.nox.result }}
     steps:
@@ -106,16 +104,14 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        arch:
-          - amd64
-          - arm
-        os:
+        platform:
           - ubuntu-24.04
+          - ubuntu-24.04-arm
         python:
           - "3.11"
           - "3.12"
           - "3.13"
-    runs-on: ${{ matrix.os }}${{ matrix.arch != 'amd64' && format('-{0}', matrix.arch) || '' }}
+    runs-on: ${{ matrix.platform }}
 
     steps:
       - name: Setup Git
@@ -163,7 +159,7 @@ jobs:
     needs: ["test-installation"]
     # We skip this job only if test-installation was also skipped
     if: always() && needs.test-installation.result != 'skipped'
-    runs-on: ubuntu-24.04
+    runs-on: ubuntu-slim
     env:
       DEPS_RESULT: ${{ needs.test-installation.result }}
     steps:
@@ -278,7 +274,7 @@ jobs:
       # discussions to create the release announcement in the discussion forums
       contents: write
       discussions: write
-    runs-on: ubuntu-24.04
+    runs-on: ubuntu-slim
     steps:
       - name: Download distribution files
         uses: actions/download-artifact@v8
diff --git a/.github/workflows/dco-merge-queue.yml b/.github/workflows/dco-merge-queue.yml
@@ -5,7 +5,7 @@ on:
 
 jobs:
   DCO:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-slim
     if: ${{ github.actor != 'dependabot[bot]' }}
     steps:
       - run: echo "This DCO job runs on merge_queue event and doesn't check PR contents"
diff --git a/.github/workflows/labeler.yml b/.github/workflows/labeler.yml
@@ -7,7 +7,7 @@ jobs:
     permissions:
       contents: read
       pull-requests: write
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-slim
     steps:
       - name: Labeler
         # XXX: !!! SECURITY WARNING !!!
diff --git a/.github/workflows/release-notes-check.yml b/.github/workflows/release-notes-check.yml
@@ -16,7 +16,7 @@ on:
 jobs:
   check-release-notes:
     name: Check release notes are updated
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-slim
     steps:
       - name: Check for a release notes update
         if: github.event_name == 'pull_request'
diff --git a/mkdocs.yml b/mkdocs.yml
@@ -99,8 +99,8 @@ plugins:
       default_handler: python
       handlers:
         python:
+          paths: ["src"]
           options:
-            paths: ["src"]
             docstring_section_style: spacy
             inherited_members: true
             merge_init_into_class: false
@@ -112,7 +112,7 @@ plugins:
             show_source: true
             show_symbol_type_toc: true
             signature_crossrefs: true
-          import:
+          inventories:
             # See https://mkdocstrings.github.io/python/usage/#import for details
             - https://docs.python.org/3/objects.inv
             - https://frequenz-floss.github.io/frequenz-channels-python/v1.0/objects.inv
diff --git a/pyproject.toml b/pyproject.toml
@@ -13,7 +13,8 @@ build-backend = "setuptools.build_meta"
 name = "frequenz-dispatch"
 description = "A highlevel interface for the dispatch API"
 readme = "README.md"
-license = { text = "MIT" }
+license = "MIT"
+license-files = ["LICENSE"]
 keywords = [
   "frequenz",
   "python",
@@ -26,7 +27,6 @@ keywords = [
 classifiers = [
   "Development Status :: 3 - Alpha",
   "Intended Audience :: Developers",
-  "License :: OSI Approved :: MIT License",
   "Programming Language :: Python :: 3",
   "Programming Language :: Python :: 3 :: Only",
   "Topic :: Software Development :: Libraries",
@@ -52,6 +52,7 @@ email = "floss@frequenz.com"
 [project.optional-dependencies]
 dev-flake8 = [
   "flake8 == 7.3.0",
+  "flake8-datetimez == 20.10.0",
   "flake8-docstrings == 1.7.0",
   "flake8-pyproject == 1.2.4", # For reading the flake8 config from pyproject.toml
   "pydoclint == 0.8.3",
