[INFRAHELP-2529] feat: add exclude-commands (#73)

* Bump actions/checkout from 4 to 5

Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 5.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@v4...v5)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump eslint from 9.26.0 to 9.34.0

Bumps [eslint](https://github.com/eslint/eslint) from 9.26.0 to 9.34.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](eslint/eslint@v9.26.0...v9.34.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-version: 9.34.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump jest from 29.7.0 to 30.1.3

Bumps [jest](https://github.com/jestjs/jest/tree/HEAD/packages/jest) from 29.7.0 to 30.1.3.
- [Release notes](https://github.com/jestjs/jest/releases)
- [Changelog](https://github.com/jestjs/jest/blob/main/CHANGELOG.md)
- [Commits](https://github.com/jestjs/jest/commits/v30.1.3/packages/jest)

---
updated-dependencies:
- dependency-name: jest
  dependency-version: 30.1.3
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump actions/setup-python from 5 to 6

Bumps [actions/setup-python](https://github.com/actions/setup-python) from 5 to 6.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](actions/setup-python@v5...v6)

---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump actions/setup-node from 4.4.0 to 5.0.0

Bumps [actions/setup-node](https://github.com/actions/setup-node) from 4.4.0 to 5.0.0.
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](actions/setup-node@v4.4.0...v5.0.0)

---
updated-dependencies:
- dependency-name: actions/setup-node
  dependency-version: 5.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* refactor: move from .eslintrc.json to eslint.config.cjs due to deprecation

* chore: clean unused codepaths

* feat: add determineSkips function

* feat: add determineSkips tests

* feat: incorporate determineSkips

* feat: add tests for action-level skipCommands

* feat: add exclude-commands input to action

* chore: update readme

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Author: ajaxbits

.eslintignore

@@ -21,10 +21,10 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
 
       - name: Setup Node.js
-        uses: actions/setup-node@v4.4.0
+        uses: actions/setup-node@v5.0.0
         with:
           node-version-file: package.json
           cache: npm

.eslintrc.json

@@ -38,7 +38,7 @@ jobs:
 
     steps:
     - name: Checkout repository
-      uses: actions/checkout@v4
+      uses: actions/checkout@v5
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL

.github/workflows/check-dist.yml

@@ -11,15 +11,15 @@ jobs:
   units:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v4
+    - uses: actions/checkout@v5
     - run: npm ci
     - run: npm test
 
   # test action works running from the graph
   test:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v4
+    - uses: actions/checkout@v5
     - uses: ./
       id: discover
       with:
@@ -42,14 +42,14 @@ jobs:
 
     steps:
       - name: Check out code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
 
       - name: Dump project object
         run: |
           echo '${{ toJson(matrix.project) }}'
 
       - name: Setup Python
-        uses: actions/setup-python@v5
+        uses: actions/setup-python@v6
         with:
           python-version-file: ${{ matrix.project.path }}
 

.github/workflows/codeql-analysis.yml

@@ -1,28 +1,38 @@
 # find-python-projects-action
-Github Action for dynamically discovering Python projects in a repository and making available some helpful values from `pyproject.toml`, including CI/CD commands like `test`, for each project it finds.
+GitHub Action for dynamically discovering Python projects in a repository and making available some helpful values from `pyproject.toml`, including CI/CD commands like `test`, for each project it finds.
 
 Python projects are identified by the presence of `pyproject.toml`.
 Various pieces of information about each project are parsed from `pyproject.toml` and returned in the action outputs as JSON strings, including shell commands for additional CI type operations like `test` and `package`.
-This is meant to faciliate downstream actions or workflows such as matrix builds for parallel builds of each project.
+This is meant to facilitate downstream actions or workflows such as matrix builds for parallel builds of each project.
 
 This action aims to help you eliminate (or at least reduce) the amount of customization needed in your GHA workflows by pushing your project-specific stuff into `pyproject.toml`.
 
-
 ## Inputs
-- **root-dir**: Directory root for where to begin recursively searching for projects.
-Python projects contained in this directory or lower will be discovered.  Defaults to your repository's root directory.
-
-- **additional-export-paths**: Additional TOML keys to export as part of the projects object. Specify them as json path strings, separated by commas. For example, "tool.foo.bar,baz.qux".
 
-## Outputs
-- **paths**: JSON array of found project path strings
+> `List` type is a newline-delimited string
+> ```yaml
+> exclude-commands: |
+>   project=my-package-1,command=test
+>   project=my-package-2,command=lint
+> ```
 
-- **projects**: JSON array of all found projects ([project object](#project-object-output-shape))
+> `CSV` type is a comma-delimited string
+> ```yaml
+> additional-export-paths: tool.foo.bar,baz.qux
+> ```
 
-- **projects-by-command**: JSON object with keys corresponding to the name of discovered commands
-(eg `install`, `test`, `package`, etc.) in all projects, with an array value containing each
-[project object](#project-object-output-shape) that implements the command.
+| Input                     | Type        | Description                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          |
+|---------------------------|-------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| `root-dir`                | string      | Directory root for where to begin recursively searching for projects. Python projects contained in this directory or lower will be discovered. Defaults to your repository's root directory.                                                                                                                                                                                                                                                                                                                                                         |
+| `additional-export-paths` | CSV         | Additional TOML keys to export as part of the projects object. Specify them as JSON path strings, separated by commas. For example, `"tool.foo.bar,baz.qux"`.                                                                                                                                                                                                                                                                                                                                                                                        |
+| `exclude-commands`        | string/List | Commands to exclude from processing during project discovery. Any plain string will be parsed as a command. For instance, passing "test" will cause the action to not export any information about "test" commands found in the repo. For project-specific overrides, pass a string of form `project=<name>,command=<name>`. For instance, a value of `project=one,command=lint` would cause the `lint` command to be excluded for a project named `one`, if such a project is discovered. Global and project-specific excludes can be freely mixed. |
 
+## Outputs
+| Output                | Type                          | Description                                                                                                                                                                                                                                                                                                                                                     |
+|-----------------------|-------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| `paths`               | JSON array<string>            | JSON array of found project path strings.                                                                                                                                                                                                                                                                                                                       |
+| `projects`            | JSON array<project>           | JSON array of all found projects (see [project object](#project-object-output-shape)).                                                                                                                                                                                                                                                                          |
+| `projects-by-command` | JSON object<string, project[]> | JSON object with keys corresponding to the name of discovered commands (e.g., `install`, `test`, `package`, etc.) in all projects, with an array value containing each [project object](#project-object-output-shape) that implements the command.                                                                                                              |
 
 ## Project object output shape
 These are the fields for `project` objects in the output:
@@ -42,12 +52,10 @@ This is dynamically constructed from the `pyproject.toml` content.
 
 - **exports**: Object with keys specified by the `additional-export-paths` input, and the structured TOML data (parsed as JSON) as the values.
 
-
 ## Project Commands
 In the absence of Python standards for expressing internal project CI/CD/Dev operations, this action tries to unify the various known ways in the wild.
 
-This action will surface any command you specify in the pyproject.toml files.  Typically you'll
-want to define one or more of the following for your CI/CD system::
+This action will surface any command you specify in the pyproject.toml files.  Typically you'll want to define one or more of the following for your CI/CD system:
 
 - `test`
 - `package`
@@ -61,7 +69,7 @@ This action will pull the command from the first entry it finds in any of the fo
 - `[tool.poe.tasks]`: [poethepoet](https://github.com/nat-n/poethepoet)
 
 ### The `install` command
-This action perfoms special treatment for surfacing the `install` command.  Namely, if it is not explicitly specified, the action will attempt to generate a default based on the packaging backend (eg Poetry, PDM) that it discovers.
+This action performs special treatment for surfacing the `install` command.  Namely, if it is not explicitly specified, the action will attempt to generate a default based on the packaging backend (eg Poetry, PDM) that it discovers.
 The intent is that you do not need to specify an `install` command in your pyproject.toml, but you can if necessary.
 
 ### Where is the support for `[tool.poetry.scripts]`?
@@ -71,15 +79,11 @@ can leverage a task runner tool like [Poe](https://github.com/nat-n/poethepoet)
 
 *If Poetry ever adds support for internal project (CI/CD/Dev) commands separate from published commands, then it will be added to this action.*
 
-
 ### Relevant References / Discussions
-https://discuss.python.org/t/a-new-pep-to-specify-dev-scripts-and-or-dev-scripts-providers-in-pyproject-toml/11457
-
-https://discuss.python.org/t/proposal-for-tests-entry-point-in-pyproject-toml/2077
-
-https://stackoverflow.com/questions/70386944/how-should-poetry-scripts-used-in-the-build-process-be-stored-in-the-project
-
-https://github.com/python-poetry/poetry/issues/3386
+- https://discuss.python.org/t/a-new-pep-to-specify-dev-scripts-and-or-dev-scripts-providers-in-pyproject-toml/11457
+- https://discuss.python.org/t/proposal-for-tests-entry-point-in-pyproject-toml/2077
+- https://stackoverflow.com/questions/70386944/how-should-poetry-scripts-used-in-the-build-process-be-stored-in-the-project
+- https://github.com/python-poetry/poetry/issues/3386
 
 ## Example Workflow
 [.github/workflows/examples/example.yml](.github/workflows/examples/example.yml)