From 64097b33e474d6f444a3d008972060a522ae1c71 Mon Sep 17 00:00:00 2001 From: thomasc Date: Mon, 30 Mar 2026 11:39:08 +0200 Subject: [PATCH] fix(release): align package metadata and workflow action pins Ensure release automation updates pyproject metadata to prevent duplicate-version PyPI publishes, and pin workflow actions to current immutable SHAs for consistency and security. Co-authored-by: factory-droid[bot] <138933559+factory-droid[bot]@users.noreply.github.com> --- .github/workflows/lint.yml | 10 +++++----- .github/workflows/pypipublish.yml | 8 ++++---- .github/workflows/python-ci.yml | 4 ++-- .github/workflows/release.yml | 4 ++-- README.md | 2 +- pyproject.toml | 2 +- setup.py | 2 +- 7 files changed, 16 insertions(+), 16 deletions(-) diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 18225ca3..284d1d83 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -16,15 +16,15 @@ jobs: python-version: ["3.8"] steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@v4 + uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 with: python-version: ${{ matrix.python-version }} - name: Cache pip packages - uses: actions/cache@v5 + uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4 with: path: ~/.cache/pip key: ${{ runner.os }}-pip-${{ hashFiles('**/setup.py') }} @@ -49,10 +49,10 @@ jobs: permissions: contents: read steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Set up Python - uses: actions/setup-python@v4 + uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 with: python-version: "3.8" diff --git a/.github/workflows/pypipublish.yml b/.github/workflows/pypipublish.yml index ce4d9fee..4a3bdfcb 100644 --- a/.github/workflows/pypipublish.yml +++ b/.github/workflows/pypipublish.yml @@ -17,9 +17,9 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@61b9e3751b92087fd0b06925ba6dd6314e06f089 # master + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Set up Python 3.10 - uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6 + uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 with: python-version: "3.14" @@ -38,11 +38,11 @@ jobs: --outdir dist/ . # - name: Publish distribution 📦 to Test PyPI - # uses: pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e # release/v1 + # uses: pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e # v1.13.0 # with: # password: ${{ secrets.PYPI_TEST_KEY }} # repository-url: https://test.pypi.org/legacy/ - name: Publish distribution 📦 to PyPI - uses: pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e # release/v1 + uses: pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e # v1.13.0 with: password: ${{ secrets.PYPI_KEY }} diff --git a/.github/workflows/python-ci.yml b/.github/workflows/python-ci.yml index a9a1cec0..9bfbf1d0 100644 --- a/.github/workflows/python-ci.yml +++ b/.github/workflows/python-ci.yml @@ -23,12 +23,12 @@ jobs: steps: - name: Checkout - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: fetch-depth: 0 - name: Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6 + uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 with: python-version: ${{ matrix.python-version }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index e9a89e00..a3a0842d 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -29,13 +29,13 @@ jobs: pull-requests: write runs-on: ubuntu-latest steps: - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Prepare the next main release uses: Adyen/release-automation-action@3e5694d5b365f344a62436e84049511ef318ecf5 # v1.4.0 with: token: ${{ secrets.ADYEN_AUTOMATION_BOT_ACCESS_TOKEN }} develop-branch: main - version-files: setup.py Adyen/settings.py + version-files: setup.py pyproject.toml Adyen/settings.py release-title: Adyen Python API Library pre-release: ${{ inputs.pre-release || false }} github-release: ${{ inputs.github-release || false }} diff --git a/README.md b/README.md index 39a87113..b41fc27f 100644 --- a/README.md +++ b/README.md @@ -34,7 +34,7 @@ For more information, refer to our [documentation](https://docs.adyen.com/) or t - [Adyen test account](https://docs.adyen.com/get-started-with-adyen) - [API key](https://docs.adyen.com/development-resources/api-credentials#generate-api-key). For testing, your API credential needs to have the [API PCI Payments role](https://docs.adyen.com/development-resources/api-credentials#roles). -- Python 3.6 or higher +- Python 3.8 or higher - Packages (optional): requests or pycurl ## Installation diff --git a/pyproject.toml b/pyproject.toml index bfd89c52..410b0051 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta" [project] name = "Adyen" -version = "14.0.0" +version = "15.0.0" description = "Adyen Python Api" readme = "README.md" requires-python = ">=3.8" diff --git a/setup.py b/setup.py index 9242d02e..16406816 100644 --- a/setup.py +++ b/setup.py @@ -13,7 +13,7 @@ url="https://github.com/Adyen/adyen-python-api-library", keywords=["payments", "adyen", "fintech"], python_requires=">=3.8", - install_requires=[], # Core is standard library only, plus optional clients below + install_requires=[], extras_require={ "requests": ["requests>=2.25.0"], "pycurl": ["pycurl>=7.43.0"],