Apply project updates via manageprojects

* Replace "Safety" with https://github.com/pypa/pip-audit
* Add https://github.com/agronholm/typeguard/

Update test matrix:

* Min. Python v3.11
* remove Django 3.2.x
* add Django v5.1.x

.github/workflows/tests.yml

@@ -15,8 +15,8 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        python-version: ["3.12", "3.11", "3.10"]
-        django-version: ["5.0", "4.2", "3.2"]
+        python-version: ['3.12', '3.11']
+        django-version: ['5.1', '5.0', '4.2']
     steps:
     - name: Checkout
       run: |
@@ -26,7 +26,7 @@ jobs:
         git checkout $GITHUB_SHA || (git fetch && git checkout $GITHUB_SHA)
 
     - name: 'Set up Python ${{ matrix.python-version }}'
-      uses: actions/setup-python@v4
+      uses: actions/setup-python@v5
       # https://github.com/marketplace/actions/setup-python
       with:
         python-version: '${{ matrix.python-version }}'
@@ -42,10 +42,9 @@ jobs:
       run: |
         ./manage.py --help
 
-    # FIXME:
-    #- name: 'Safety'
-    #  run: |
-    #    ./manage.py safety
+    - name: 'pip-audit'
+      run: |
+        ./manage.py pip_audit
 
     - name: 'Python ${{ matrix.python-version }} Django ${{ matrix.django-version }}'
       env:
@@ -55,7 +54,7 @@ jobs:
         ./manage.py tox -e $(echo py${{ matrix.python-version }}-django${{ matrix.django-version }} | tr -d .)
 
     - name: 'Upload coverage report'
-      uses: codecov/codecov-action@v3
+      uses: codecov/codecov-action@v4
       # https://github.com/marketplace/actions/codecov
       with:
         fail_ci_if_error: false

.gitignore

@@ -23,4 +23,6 @@ __pycache__
 # Django
 secret.txt
 
+# Include all test snapshot files:
+!**/*.snapshot.*
 

huey_monitor_project/tests/__init__.py

@@ -3,6 +3,11 @@
 from pathlib import Path
 
 from bx_py_utils.test_utils.deny_requests import deny_any_real_request
+from typeguard import install_import_hook
+
+
+# Check type annotations via typeguard in all tests:
+install_import_hook(packages=('huey_monitor', 'huey_monitor_project'))
 
 
 def pre_configure_tests() -> None:

manage.py

@@ -42,14 +42,14 @@ def print_no_pip_error():
     BIN_NAME = 'Scripts'
     FILE_EXT = '.exe'
 else:
-    # Files under Linux/Mac and all other than Windows, e.g.: .../.venv/bin/python
+    # Files under Linux/Mac and all other than Windows, e.g.: .../.venv/bin/python3
     BIN_NAME = 'bin'
     FILE_EXT = ''
 
 BASE_PATH = Path(__file__).parent
 VENV_PATH = BASE_PATH / '.venv'
 BIN_PATH = VENV_PATH / BIN_NAME
-PYTHON_PATH = BIN_PATH / f'python{FILE_EXT}'
+PYTHON_PATH = BIN_PATH / f'python3{FILE_EXT}'
 PIP_PATH = BIN_PATH / f'pip{FILE_EXT}'
 PIP_SYNC_PATH = BIN_PATH / f'pip-sync{FILE_EXT}'
 
@@ -62,7 +62,7 @@ def print_no_pip_error():
 
 
 def get_dep_hash():
-    """Get SHA512 hash from poetry.lock content."""
+    """Get SHA512 hash from lock file content."""
     return hashlib.sha512(DEP_LOCK_PATH.read_bytes()).hexdigest()
 
 
@@ -98,31 +98,31 @@ def main(argv):
         print(f'Create virtual env here: {VENV_PATH.absolute()}')
         builder = venv.EnvBuilder(symlinks=True, upgrade=True, with_pip=True)
         builder.create(env_dir=VENV_PATH)
+
+    if not PROJECT_SHELL_SCRIPT.is_file() or not venv_up2date():
         # Update pip
         verbose_check_call(PYTHON_PATH, '-m', 'pip', 'install', '-U', 'pip')
 
-    if not PIP_SYNC_PATH.is_file():
         # Install pip-tools
         verbose_check_call(PYTHON_PATH, '-m', 'pip', 'install', '-U', 'pip-tools')
 
-    if not PROJECT_SHELL_SCRIPT.is_file() or not venv_up2date():
         # install requirements via "pip-sync"
         verbose_check_call(PIP_SYNC_PATH, str(DEP_LOCK_PATH))
 
         # install project
         verbose_check_call(PIP_PATH, 'install', '--no-deps', '-e', '.')
         store_dep_hash()
 
-    if 'run_dev_server' not in argv and 'run_huey' not in argv:
-        # ignore "Interrupt from keyboard" signals
-        # But not if we run the dev server or Huey consumer (respect watchfiles signals)
-        signal.signal(signal.SIGINT, noop_sigint_handler)
+    signal.signal(signal.SIGINT, noop_sigint_handler)  # ignore "Interrupt from keyboard" signals
 
     # Call our entry point CLI:
     try:
         verbose_check_call(PROJECT_SHELL_SCRIPT, *argv[1:])
     except subprocess.CalledProcessError as err:
         sys.exit(err.returncode)
+    except KeyboardInterrupt:
+        print('Bye!')
+        sys.exit(130)
 
 
 if __name__ == '__main__':

pyproject.toml

@@ -7,7 +7,7 @@ readme = "README.md"
 authors = [
     {name = 'Jens Diemer', email = '[email protected]'}
 ]
-requires-python = ">=3.10"
+requires-python = ">=3.11"
 dependencies = [
     "huey",  # https://github.com/coleifer/huey
     "django",
@@ -34,27 +34,29 @@ dev = [
     "pyflakes",  # https://github.com/PyCQA/pyflakes
     "codespell",  # https://github.com/codespell-project/codespell
     "EditorConfig",  # https://github.com/editorconfig/editorconfig-core-py
-    "safety",  # https://github.com/pyupio/safety
+    "pip-audit",  # https://github.com/pypa/pip-audit
     "mypy",  # https://github.com/python/mypy
     "twine",  # https://github.com/pypa/twine
+    "typeguard",  # https://github.com/agronholm/typeguard/
 
     # https://github.com/akaihola/darker
     # https://github.com/ikamensh/flynt
     # https://github.com/pycqa/isort
     # https://github.com/pygments/pygments
     "darker[flynt, isort, color]",
 
-    "tomli",  # https://github.com/hukkin/tomli
-    # tomli only needed for Python <3.11, but see bug:
-    # https://github.com/pypa/pip/issues/9644#issuecomment-1456583402
-    #"tomli;python_version<\"3.11\"",  # https://github.com/hukkin/tomli
-
     "model_bakery",  # https://github.com/model-bakers/model_bakery
     "requests-mock",
+    "django-override-storage",  # https://github.com/danifus/django-override-storage
+
+    # Work-a-round for: https://github.com/jazzband/pip-tools/issues/1866
+    # see also: https://github.com/jazzband/pip-tools/issues/994#issuecomment-1321226661
+    # backports.tarfile is needed for python <3.12
+    'backports.tarfile', # via jaraco-context -> keyring -> twine
 ]
-django32=["django>=3.2,<3.3"]
 django42=["django>=4.2,<4.3"]
 django50=["django>=5.0,<5.1"]
+django51=["django>=5.1,<5.2"]
 
 [project.urls]
 Documentation = "https://github.com/boxine/django-huey-monitor/"
@@ -75,6 +77,16 @@ local_settings='huey_monitor_project.settings.local'
 test_settings='huey_monitor_project.settings.tests'
 
 
+[tool.cli_base.pip_audit]
+requirements=["requirements.dev.txt"]
+strict=true
+require_hashes=true
+ignore-vuln=[
+#    "CVE-2019-8341", # Jinja2: Side Template Injection (SSTI)
+]
+
+
+
 [build-system]
 requires = ["setuptools>=61.0", "setuptools_scm>=7.1"]
 build-backend = "setuptools.build_meta"
@@ -91,14 +103,12 @@ version = {attr = "huey_monitor.__version__"}
 src = ['.']
 revision = "origin/main..."
 line_length = 119
-verbose = true
 color = true
 skip_string_normalization = true
 diff = false
 check = false
 stdout = false
 isort = true
-flynt = true
 lint = [
     "flake8",
 ]
@@ -115,7 +125,7 @@ line_length=119
 lines_after_imports=2
 
 
-[tool.coverage.run]
+[tool.coverage.run]  # https://coverage.readthedocs.io/en/latest/config.html#run
 branch = true
 parallel = true
 concurrency = ["multiprocessing"]
@@ -139,21 +149,22 @@ exclude_lines = [
 legacy_tox_ini = """
 [tox]
 isolated_build = True
-envlist = py{312,311,310}-django{50,42,32}
+envlist = py{312,311}-django{52,51,42}
 skip_missing_interpreters = True
 
 [testenv]
 passenv = *
 skip_install = true
 commands_pre =
+    pip install -U pip
     pip install -U pip-tools
-    django32: pip-sync requirements.django32.txt
     django42: pip-sync requirements.django42.txt
     django50: pip-sync requirements.django50.txt
+    django51: pip-sync requirements.django51.txt
 commands =
-    django32: {envpython} -m coverage run --context='{envname}' -m huey_monitor_project test --buffer
-    django42: {envpython} -m coverage run --context='{envname}' -m huey_monitor_project test --buffer --shuffle --parallel
-    django50: {envpython} -m coverage run --context='{envname}' -m huey_monitor_project test --buffer --shuffle --parallel
+    django42: {envpython} -m coverage run --context='{envname}'
+    django50: {envpython} -m coverage run --context='{envname}'
+    django51: {envpython} -m coverage run --context='{envname}'
 """
 
 
@@ -173,6 +184,7 @@ cookiecutter_template = "https://github.com/jedie/cookiecutter_templates/"
 cookiecutter_directory = "managed-django-project"
 applied_migrations = [
     "3c16cf7", # 2023-12-21T22:22:06+01:00
+    "e2b20e5", # 2024-09-26T19:43:41+02:00
 ]
 
 [manageprojects.cookiecutter_context.cookiecutter]