ASFHyP3 · jtherrmann · Feb 10, 2025 · Feb 7, 2025 · Feb 8, 2025 · Feb 8, 2025
@@ -1,9 +1,19 @@
+# To get started with Dependabot version updates, you'll need to specify which
+# package ecosystems to update and where the package manifests are located.
+# Please see the documentation for all configuration options:
+# https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file
+
 version: 2
 updates:
-  - package-ecosystem: "github-actions"
-    directory: "/"
+  - package-ecosystem: pip
+    directory: /
     schedule:
-      # Check for updates to GitHub Actions every weekday
-      interval: "daily"
+      interval: weekly
     labels:
-      - "bumpless"
+      - bumpless
+  - package-ecosystem: github-actions
+    directory: /
+    schedule:
+      interval: weekly
+    labels:
+      - bumpless
@@ -6,10 +6,10 @@
 
 jobs:
   call-create-jira-issue-workflow:
-    uses: ASFHyP3/actions/.github/workflows/reusable-create-jira-issue.yml@v0.15.0
+    uses: ASFHyP3/actions/.github/workflows/reusable-create-jira-issue.yml@v0.17.1
     secrets:
       JIRA_BASE_URL: ${{ secrets.JIRA_BASE_URL }}
       JIRA_USER_EMAIL: ${{ secrets.JIRA_USER_EMAIL }}
      JIRA_API_TOKEN: ${{ secrets.JIRA_API_TOKEN }}
      JIRA_PROJECT: ${{ secrets.JIRA_PROJECT }}
      JIRA_FIELDS: ${{ secrets.JIRA_FIELDS }}
@@ -12,4 +12,4 @@
 
 jobs:
   call-labeled-pr-check-workflow:
-    uses: ASFHyP3/actions/.github/workflows/reusable-labeled-pr-check.yml@v0.15.0
+    uses: ASFHyP3/actions/.github/workflows/reusable-labeled-pr-check.yml@v0.17.1
@@ -8,8 +8,8 @@
 
 jobs:
   call-release-workflow:
-    uses: ASFHyP3/actions/.github/workflows/reusable-release.yml@v0.15.0
+    uses: ASFHyP3/actions/.github/workflows/reusable-release.yml@v0.17.1
     with:
       release_prefix: HyP3 Testing
     secrets:
      USER_TOKEN: ${{ secrets.TOOLS_BOT_PAK }}
@@ -5,12 +5,12 @@
 jobs:
   call-secrets-analysis-workflow:
     # Docs: https://github.com/ASFHyP3/actions
-    uses: ASFHyP3/actions/.github/workflows/reusable-secrets-analysis.yml@v0.15.0
+    uses: ASFHyP3/actions/.github/workflows/reusable-secrets-analysis.yml@v0.17.1
 
   call-ruff-workflow:
     # Docs: https://github.com/ASFHyP3/actions
-    uses: ASFHyP3/actions/.github/workflows/reusable-ruff.yml@v0.15.0
+    uses: ASFHyP3/actions/.github/workflows/reusable-ruff.yml@v0.17.1
 
   call-mypy-workflow:
     # Docs: https://github.com/ASFHyP3/actions
-    uses: ASFHyP3/actions/.github/workflows/reusable-mypy.yml@v0.15.0
+    uses: ASFHyP3/actions/.github/workflows/reusable-mypy.yml@v0.17.1
@@ -7,6 +7,6 @@
 
 jobs:
   call-bump-version-workflow:
-    uses: ASFHyP3/actions/.github/workflows/reusable-bump-version.yml@v0.15.0
+    uses: ASFHyP3/actions/.github/workflows/reusable-bump-version.yml@v0.17.1
     secrets:
       USER_TOKEN: ${{ secrets.TOOLS_BOT_PAK }}
@@ -16,11 +16,11 @@ dependencies:
   - pytest-cov
   - pytest-dependency
   - pytest-timeout
-  - ruff
-  - mypy
   - rasterio
   - wheel
   - xarray
   - remotezip
   - rioxarray
   - opencv<4.9.0  # https://github.com/conda-forge/opencv-feedstock/issues/400
+  - pip:
+    - -r requirements-static.txt
@@ -70,14 +70,17 @@ quote-style = "single"
 [tool.ruff.lint]
 extend-select = [
     "I",   # isort: https://docs.astral.sh/ruff/rules/#isort-i
-
+    "D",   # pydocstyle: https://docs.astral.sh/ruff/rules/#pydocstyle-d
+
     # TODO: uncomment the following extensions and address their warnings:
     #"UP",  # pyupgrade: https://docs.astral.sh/ruff/rules/#pyupgrade-up
-    #"D",   # pydocstyle: https://docs.astral.sh/ruff/rules/#pydocstyle-d
     #"ANN", # annotations: https://docs.astral.sh/ruff/rules/#flake8-annotations-ann
     #"PTH", # use-pathlib-pth: https://docs.astral.sh/ruff/rules/#flake8-use-pathlib-pth
 ]
 
+[tool.ruff.lint.extend-per-file-ignores]
+"tests/*" = ["D100", "D103", "ANN"]
+
 [tool.ruff.lint.pydocstyle]
 convention = "google"
 

@@ -0,0 +1,2 @@
+ruff==0.9.5
+mypy==1.14.1