Version 2.1.0 with support for Shapeshifer 3.1.0 #20

stan-janssen · 2025-10-07T07:33:16Z

This version adds support for the upcoming Shapeshifter 3.1.0, as requested in #19.

.github/workflows/test.yml

+    name: python
    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        python-version:
+          - "3.11"
+          - "3.12"
+          - "3.13"
    steps:
-    - name: Checkout Source
-      uses: actions/checkout@v4
-    - name: Set up Python
-      uses: actions/setup-python@v5
-      with:
-        python-version: 3.11
-    - name: Install Dependencies
-      run: |
-        python -m pip install --upgrade pip
-        pip install .
-        pip install .[dev]
-    - name: Run Tests
-      run: |
-        pip install pytest pytest-cov
-        pytest
+      - uses: actions/checkout@v5
+      - name: Install uv and set the Python version
+        uses: astral-sh/setup-uv@v6
+        with:
+          python-version: ${{ matrix.python-version }}
+      - name: Install the project
+        run: uv sync --locked --all-extras --dev
+      - name: Run tests


To fix this problem, you should explicitly set the least privileges needed by the workflow job. In this specific workflow, the job only needs to check out the code and install dependencies to run tests; it does not need write access. Thus, adding a permissions block at the job level (inside python-test:) or at the workflow root (top-level, for all jobs) with contents: read suffices. Since there is currently only one job, either location is fine, but including it at the job level gives you flexibility for future jobs.

Edit the .github/workflows/test.yml file:
Add the following keys within the python-test: job, just after runs-on: ubuntu-latest (e.g., after line 10):

permissions: contents: read

No new methods, imports, or definitions are required since this is a YAML workflow configuration.

stan-janssen added 3 commits August 18, 2025 16:17

Increased allowable fastapi version to include 0.116

c86ea1b

Upgrade dependencies

034b332

Cleanup

eae9678

stan-janssen force-pushed the v2.1.0 branch 3 times, most recently from fe0c34d to 3737341 Compare October 7, 2025 07:56

github-advanced-security bot found potential problems Oct 7, 2025

View reviewed changes

.github/workflows/test.yml Fixed Show fixed Hide fixed

stan-janssen force-pushed the v2.1.0 branch 9 times, most recently from 318aa7c to b1ad9fa Compare October 7, 2025 08:09

github-advanced-security bot found potential problems Oct 7, 2025

View reviewed changes

stan-janssen added 4 commits October 7, 2025 10:14

Support for version 3.1.0

2eb7b1e

Use uv in Github Actions

f0a829a

Drop support for Python 3.10

95df308

Release version 2.1.0

6861303

stan-janssen force-pushed the v2.1.0 branch from 3253d34 to 6861303 Compare October 7, 2025 08:14

stan-janssen merged commit a21fa33 into main Oct 7, 2025
6 of 7 checks passed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Version 2.1.0 with support for Shapeshifer 3.1.0 #20

Version 2.1.0 with support for Shapeshifer 3.1.0 #20

Uh oh!

stan-janssen commented Oct 7, 2025

Uh oh!

Uh oh!

Check warning

Copilot Autofix

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Version 2.1.0 with support for Shapeshifer 3.1.0 #20

Version 2.1.0 with support for Shapeshifer 3.1.0 #20

Uh oh!

Conversation

stan-janssen commented Oct 7, 2025

Uh oh!

Uh oh!

Check warning

Copilot Autofix

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants