From a6da2b99fb0a6588d75c73f62c6268adb52bfc83 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 1 Mar 2025 02:08:15 +0000 Subject: [PATCH 1/2] chore(deps): Bump python-semantic-release/python-semantic-release Bumps [python-semantic-release/python-semantic-release](https://github.com/python-semantic-release/python-semantic-release) from 9.1.1 to 9.21.0. - [Release notes](https://github.com/python-semantic-release/python-semantic-release/releases) - [Changelog](https://github.com/python-semantic-release/python-semantic-release/blob/master/CHANGELOG.rst) - [Commits](https://github.com/python-semantic-release/python-semantic-release/compare/v9.1.1...v9.21.0) --- updated-dependencies: - dependency-name: python-semantic-release/python-semantic-release dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 28d0e2e2..727c43b5 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -111,7 +111,7 @@ jobs: id: release # see https://python-semantic-release.readthedocs.io/en/latest/automatic-releases/github-actions.html # see https://github.com/python-semantic-release/python-semantic-release - uses: python-semantic-release/python-semantic-release@v9.1.1 + uses: python-semantic-release/python-semantic-release@v9.21.0 with: github_token: ${{ secrets.GITHUB_TOKEN }} force: ${{ github.event.inputs.release_force }} From e59325b0f77de44cf96ab6e7bcac9bf830fd38ac Mon Sep 17 00:00:00 2001 From: Jan Kowalleck Date: Thu, 24 Apr 2025 15:57:38 +0200 Subject: [PATCH 2/2] dings Signed-off-by: Jan Kowalleck --- pyproject.toml | 21 +++++++++++++-------- 1 file changed, 13 insertions(+), 8 deletions(-) diff --git a/pyproject.toml b/pyproject.toml index d7aed922..d3c4e11e 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -24,10 +24,10 @@ packages = [ ] include = [ # all is an object -> prevent parse issue with dependabot - { path="README.md", format =["sdist"] }, - { path="tests", format=["sdist"] }, - { path="CHANGELOG.md", format=["sdist"] }, - { path="docs", format=["sdist"] }, + { path = "README.md", format = ["sdist"] }, + { path = "tests", format = ["sdist"] }, + { path = "CHANGELOG.md", format = ["sdist"] }, + { path = "docs", format = ["sdist"] }, ] exclude = [ "**/.*", # exclude dotfiles and dotfolders @@ -35,7 +35,7 @@ exclude = [ ] keywords = [ "OWASP", "CycloneDX", - "bill-of-materials", "BOM", "software-bill-of-materials","SBOM", + "bill-of-materials", "BOM", "software-bill-of-materials", "SBOM", "environment", "virtualenv", "venv", "Poetry", "Pipenv", "requirements", "PDM", "Conda", "SPDX", "licenses", "PURL", "package-url", "dependency-graph", ] @@ -106,13 +106,18 @@ pdm = "^2.11" - [tool.semantic_release] # see https://python-semantic-release.readthedocs.io/en/latest/configuration.html +logging_use_named_masks = true +commit_parser = "conventional" +commit_parser_options = { parse_squash_commits = true, ignore_merge_commits = true } commit_author = "semantic-release " commit_message = "chore(release): {version}\n\nAutomatically generated by python-semantic-release\n\nSigned-off-by: semantic-release " upload_to_vcs_release = true -build_command = "pip install poetry && poetry build" +build_command = """ + pip install poetry + poetry build +""" version_toml = ["pyproject.toml:tool.poetry.version"] version_variables = [ "cyclonedx_py/__init__.py:__version__", @@ -124,7 +129,7 @@ dist_glob_patterns = ["dist/*"] upload_to_vcs_release = true [tool.semantic_release.changelog] -changelog_file = "CHANGELOG.md" +default_templates = { changelog_file = "CHANGELOG.md" } exclude_commit_patterns = [ '''chore(?:\([^)]*?\))?: .+''', '''ci(?:\([^)]*?\))?: .+''',