Cookiecutter for creating open source Python packages

Related tags

Security related resources python best-practices cookiecutter-template cruft
Overview

Wolt Python Package Cookiecutter

Cookiecutter for rapidly developing new open source Python packages. Best practices with all the modern bells and whistles included.

Demo

Example projects which use Wolt Python Package Cookiecutter

Features

Automatic updates to the projects generated from this cookiecutter

  • Powered by cruft
  • Keep your project up-to-date with best practices

Continuous integration

  • Powered by Github Actions
  • Testing against multiple different versions

Documentation

Automated releases

  • Publishing to PyPI when a release is made in GitHub

Changelog management

  • Gently enforced: Keep a Changelog
  • GitHub releases get their description automatically populated based on the changelog content
  • The Unreleased section is automatically updated when a release is done
  • Changelog is embedded in the documentation

Bells and whistles

  • Poetry for managing dependencies and packaging
  • pre-commit for running all the goodies listed below
  • mypy for static type checking
  • flake8 (with multiple plugins) for linting (e.g. style and complexity checks)
  • black for auto-formatting the code
  • isort for auto-sorting imports
  • autoflake for auto-removing unused imports

Automation

  • Updates to the best practices (via GHA workflow which runs cruft update and creates a PR)
  • Dependency updates (via GHA workflow which creates a PR)

Usage

Make sure you have cruft installed. Alternatively, you can use cookiecutter if you are not interested in getting updates to the project "boilerplate" in the future.

Create a new project:

cruft create https://github.com/woltapp/wolt-python-package-cookiecutter

The CLI interface will ask some basic questions, such the name of the project, and then generate all the goodies automatically.

After that you can make it a proper git repo:

cd <your-project-slug>
git init
git add .
git commit -m "Initial project structure from Wolt Python Package cookiecutter"

We update this cookiecutter template regularly to keep it up-to-date with the best practices of the Python world. You can get the updates into your project with:

cruft update

Configure secrets

PYPI_TOKEN

Required for publishing the package to PyPI. You can generate a token by logging into PyPI and navigating to Add API token in your account settings.

AUTO_UPDATE_GITHUB_TOKEN

This cookiecutter template comes with an auto update feature if the project was created using cruft. A GitHub action automatically checks for updates and creates a pull request.

Generate personal access token and use it as the value for AUTO_UPDATE_GITHUB_TOKEN secret. When creating the access token, the following permissions have to be granted

  • repo
  • workflow

After the first release

The first release will create gh-pages branch which will contain the static files for the documentation. Enable GitHub Pages in the Pages section of the repository settings.

Comments
  • `python-kacl` depends on `pychalk` 2.0.1 which is incompatible with Python 3.10

    `python-kacl` depends on `pychalk` 2.0.1 which is incompatible with Python 3.10

    opened by IceBotYT 3
  • fix: autoupdate is broken due to changed GHA behaviour

    fix: autoupdate is broken due to changed GHA behaviour

    The auto update does not work anymore. Unfortunately, the pipeline is still reported as successfully... thus we have to manually update all repositories. Screenshot 2022-05-25 at 16 15 12

    This solution is much much simpler and has not external dependency. See https://github.com/UnicornGlobal/has-changes-action/issues/5 for more information.

    opened by escaped 1
  • Update mkdocstrings

    Update mkdocstrings

    They apparently flipped the show_submodules default value to False at some point. Also, they stopped shipping the Python handler so it needs to be explicitly added as requirement.

    opened by jerry-git 0
  • Support for shellcheck and verify generated project.

    Support for shellcheck and verify generated project.

    Actionlint lints our workflow. When it was integrated, we weren't aware that an accompanying script (shellcheck) is used as well if available. This PR fixes our workflows and makes sure that all workflows and project files are validated on CI.

    opened by escaped 0
  • lint workflows

    lint workflows

    It's easy to screw up the workflows. Let's validate them beforehand :)

    It's also possible to integrate it into pre-commit, but the downside of that approach is that actionlint needs to be manually installed on the system. Using docker would be an option, but I don't think it's a good idea to force everyone to have docker installed.

    opened by escaped 0
  • Update `actions/setup-python` version

    Update `actions/setup-python` version

    Hi! 👋

    Since actions/setup-python@v2 has some deprecation warnings, the version can be upgraded to v4. More info:

    • https://github.com/actions/setup-python/issues/526
    • https://github.com/joaopalmeiro/cloack/actions/runs/3629587864/jobs/6121966272
    opened by joaopalmeiro 0
  • Remove version pinning of actionlint

    Remove version pinning of actionlint

    Currently pinned to 1.6.21 (see https://github.com/woltapp/wolt-python-package-cookiecutter/pull/26). The next version requires a number of changes in the workflow yamls.

    opened by jerry-git 0
  • question: why not mypy strict?

    question: why not mypy strict?

    Hi,

    In your article and this project, a few MyPy configurations are setuped.

    I wonder why MyPy strict is not replacing some of them?

    For instance, MyPy version 0.942 defines --strict as:

      --strict                  Strict mode; enables the following flags: --warn-unused-configs,
                            --disallow-any-generics, --disallow-subclassing-any, --disallow-
                            untyped-calls, --disallow-untyped-defs, --disallow-incomplete-
                            defs, --check-untyped-defs, --disallow-untyped-decorators, --no-
                            implicit-optional, --warn-redundant-casts, --warn-unused-ignores,
                            --warn-return-any, --no-implicit-reexport, --strict-equality
    opened by tomsquest 0
  • Update pre-commit and other good checks to add

    Update pre-commit and other good checks to add

    Pre-commit is up to 4.3.0 from 4.0.1 (can usually run pre-commit autoupdate)

    Also just a few suggestions for good things to have for most repos:

        # Identify invalid files
    - id: check-ast                        
    - id: check-yaml                       
    - id: check-json                       
    - id: check-toml                       

    # git checks
    - id: check-merge-conflict             
    - id: check-added-large-files          
    - id: detect-private-key               
    - id: check-case-conflict              

    # Python checks
    - id: check-docstring-first            
    - id: debug-statements                 
    - id: requirements-txt-fixer           
    - id: fix-encoding-pragma              
    - id: fix-byte-order-marker            

    # General quality checks
    - id: mixed-line-ending                
    - id: trailing-whitespace              
      args: [--markdown-linebreak-ext=md]  
    - id: check-executables-have-shebangs  
    - id: end-of-file-fixer
    opened by cdgriffith 0
Owner
Wolt
Wolt
GitHub
Open Source Intelligence gathering tool aimed at reducing the time spent harvesting information from open sources.

The Recon-ng Framework Recon-ng content now available on Pluralsight! Recon-ng is a full-featured reconnaissance framework designed with the goal of p

null 2.4k Jan 7, 2023
A python script to turn Ubuntu Desktop in a one stop security platform. The InfoSec Fortress installs the packages,tools, and resources to make Ubuntu 20.04 capable of both offensive and defensive security work.

infosec-fortress A python script to turn Ubuntu Desktop into a strong DFIR/RE System with some teeth (Purple Team Ops)! This is intended to create a s

James 41 Dec 30, 2022
This tool ability to analyze software packages of different programming languages that are being or will be used in their codes, providing information that allows them to know in advance if this library complies with processes.

This tool gives developers, researchers and companies the ability to analyze software packages of different programming languages that are being or will be used in their codes, providing information that allows them to know in advance if this library complies with processes. secure development, if currently supported, possible backdoors (malicious embedded code), typosquatting analysis, the history of versions and reported vulnerabilities (CVEs) of the package.

Telefónica 66 Nov 8, 2022
A python tool capable of creating HUGE wordlists. Has the ability to add custom words for concatenation in any way you see fit.

A python tool capable of creating HUGE wordlists. Has the ability to add custom words for concatenation in any way you see fit.

Codex 9 Oct 5, 2022
A wordlist generator tool, that allows you to supply a set of words, giving you the possibility to craft multiple variations from the given words, creating a unique and ideal wordlist to use regarding a specific target.

A wordlist generator tool, that allows you to supply a set of words, giving you the possibility to craft multiple variations from the given words, creating a unique and ideal wordlist to use regarding a specific target.

Cycurity 39 Dec 10, 2022
Open source vulnerability DB and triage service.

OSV - Open Source Vulnerabilities OSV is a vulnerability database and triage infrastructure for open source projects aimed at helping both open source

Google 893 Jan 4, 2023
An open-source post-exploitation framework for students, researchers and developers.

Questions? Join the Discord support server Disclaimer: This project should be used for authorized testing or educational purposes only. BYOB is an ope

dvm 8.1k Dec 31, 2022
LinOTP - the open source solution for two factor authentication

LinOTP LinOTP - the Open Source solution for multi-factor authentication Copyright © 2010-2019 KeyIdentity GmbH Coypright © 2019- arxes-tolina GmbH In

LinOTP 462 Jan 2, 2023
BuddyPress is an open source WordPress plugin to build a community site. In releases of BuddyPress from 5.0.0 before 7.2.1 it's possible for a non-privileged, regular user to obtain administrator rights by exploiting an issue in the REST API members endpoint. The vulnerability has been fixed in BuddyPress 7.2.1. Existing installations of the plugin should be updated to this version to mitigate the issue.

CVE-2021-21389 BuddyPress < 7.2.1 - REST API Privilege Escalation to RCE PoC (Full) Affected version: 5.0.0 to 7.2.0 User requirement: Subscriber user

KIEN HOANG 17 Nov 9, 2022
🔍 IRIS: An open-source intelligence framework

IRIS is an open-source OSINT framework, consisting of modules to find information about a target by scraping sites and fetching data from APIs.

IRIS 79 Dec 20, 2022
Open Source Tool - Cybersecurity Graph Database in Neo4j

GraphKer Open Source Tool - Cybersecurity Graph Database in Neo4j |G|r|a|p|h|K|e|r| { open source tool for a cybersecurity graph database in neo4j } W

Adamantios - Marios Berzovitis 27 Dec 6, 2022
Dependency Combobulator is an Open-Source, modular and extensible framework to detect and prevent dependency confusion leakage and potential attacks.

Dependency Combobulator Dependency Combobulator is an Open-Source, modular and extensible framework to detect and prevent dependency confusion leakage

Apiiro 84 Dec 23, 2022
Scout Suite - an open source multi-cloud security-auditing tool,

Description Scout Suite is an open source multi-cloud security-auditing tool, which enables security posture assessment of cloud environments. Using t

NCC Group Plc 5k Jan 5, 2023
Linus-png.github.io - Versionsverwaltung & Open Source Hausaufgabe

Let's Git - Versionsverwaltung & Open Source Hausaufgabe Herzlich Willkommen zu

null 1 Jan 24, 2022
Red Team Toolkit is an Open-Source Django Offensive Web-App which is keeping the useful offensive tools used in the red-teaming together.

RedTeam Toolkit Note: Only legal activities should be conducted with this project. Red Team Toolkit is an Open-Source Django Offensive Web-App contain

Mohammadreza Sarayloo 382 Jan 1, 2023
SCodeScanner stands for Source Code scanner where the user can scans the source code for finding the Critical Vulnerabilities.

The SCodeScanner stands for Source Code Scanner, where you can scan your source code files like PHP and get identify the vulnerabilities inside it. The tool can use by Pentester, Developer to quickly identify the weakness.

null 136 Dec 13, 2022
ORector - A Fast Python tool designed to detect open redirects vulnerabilities on websites

ORector is a Fast Python tool designed to detect open redirects vulnerabilities

null 11 Apr 2, 2022
Dome - Subdomain Enumeration Tool. Fast and reliable python script that makes active and/or passive scan to obtain subdomains and search for open ports.

DOME - A subdomain enumeration tool Check the Spanish Version Dome is a fast and reliable python script that makes active and/or passive scan to obtai

Vadi 329 Jan 1, 2023
A tool for making python source difficult to read.

obscurepy Description A tool for obscuring, or making python source code difficult to read. Table of Contents Installation Limitations Usage Disclaime

Andrew Christiansen 10 Jul 31, 2022