fast-minimum-variance 0.2.0__tar.gz
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- fast_minimum_variance-0.2.0/.bandit +2 -0
- fast_minimum_variance-0.2.0/.editorconfig +41 -0
- fast_minimum_variance-0.2.0/.github/DISCUSSION_TEMPLATE/q-and-a.yml +25 -0
- fast_minimum_variance-0.2.0/.github/ISSUE_TEMPLATE/bug_report.yml +57 -0
- fast_minimum_variance-0.2.0/.github/ISSUE_TEMPLATE/feature_request.yml +41 -0
- fast_minimum_variance-0.2.0/.github/actions/configure-git-auth/README.md +80 -0
- fast_minimum_variance-0.2.0/.github/actions/configure-git-auth/action.yml +21 -0
- fast_minimum_variance-0.2.0/.github/dependabot.yml +80 -0
- fast_minimum_variance-0.2.0/.github/secret_scanning.yml +20 -0
- fast_minimum_variance-0.2.0/.github/workflows/rhiza_book.yml +92 -0
- fast_minimum_variance-0.2.0/.github/workflows/rhiza_ci.yml +264 -0
- fast_minimum_variance-0.2.0/.github/workflows/rhiza_codeql.yml +129 -0
- fast_minimum_variance-0.2.0/.github/workflows/rhiza_marimo.yml +114 -0
- fast_minimum_variance-0.2.0/.github/workflows/rhiza_release.yml +474 -0
- fast_minimum_variance-0.2.0/.github/workflows/rhiza_sync.yml +180 -0
- fast_minimum_variance-0.2.0/.github/workflows/rhiza_weekly.yml +118 -0
- fast_minimum_variance-0.2.0/.gitignore +122 -0
- fast_minimum_variance-0.2.0/.pre-commit-config.yaml +75 -0
- fast_minimum_variance-0.2.0/.python-version +1 -0
- fast_minimum_variance-0.2.0/.rhiza/.cfg.toml +34 -0
- fast_minimum_variance-0.2.0/.rhiza/.gitignore +2 -0
- fast_minimum_variance-0.2.0/.rhiza/.rhiza-version +1 -0
- fast_minimum_variance-0.2.0/.rhiza/CODE_OF_CONDUCT.md +27 -0
- fast_minimum_variance-0.2.0/.rhiza/CONTRIBUTING.md +139 -0
- fast_minimum_variance-0.2.0/.rhiza/assets/rhiza-logo.svg +81 -0
- fast_minimum_variance-0.2.0/.rhiza/make.d/book.mk +58 -0
- fast_minimum_variance-0.2.0/.rhiza/make.d/bootstrap.mk +107 -0
- fast_minimum_variance-0.2.0/.rhiza/make.d/custom-env.mk +9 -0
- fast_minimum_variance-0.2.0/.rhiza/make.d/custom-task.mk +12 -0
- fast_minimum_variance-0.2.0/.rhiza/make.d/marimo.mk +42 -0
- fast_minimum_variance-0.2.0/.rhiza/make.d/quality.mk +64 -0
- fast_minimum_variance-0.2.0/.rhiza/make.d/releasing.mk +50 -0
- fast_minimum_variance-0.2.0/.rhiza/make.d/test.mk +157 -0
- fast_minimum_variance-0.2.0/.rhiza/requirements/README.md +27 -0
- fast_minimum_variance-0.2.0/.rhiza/requirements/docs.txt +4 -0
- fast_minimum_variance-0.2.0/.rhiza/requirements/marimo.txt +2 -0
- fast_minimum_variance-0.2.0/.rhiza/requirements/tests.txt +18 -0
- fast_minimum_variance-0.2.0/.rhiza/requirements/tools.txt +7 -0
- fast_minimum_variance-0.2.0/.rhiza/rhiza.mk +158 -0
- fast_minimum_variance-0.2.0/.rhiza/semgrep.yml +84 -0
- fast_minimum_variance-0.2.0/.rhiza/template.lock +101 -0
- fast_minimum_variance-0.2.0/.rhiza/template.yml +9 -0
- fast_minimum_variance-0.2.0/.rhiza/tests/README.md +169 -0
- fast_minimum_variance-0.2.0/.rhiza/tests/api/conftest.py +95 -0
- fast_minimum_variance-0.2.0/.rhiza/tests/api/test_gh_aw_targets.py +95 -0
- fast_minimum_variance-0.2.0/.rhiza/tests/api/test_github_targets.py +63 -0
- fast_minimum_variance-0.2.0/.rhiza/tests/api/test_makefile_api.py +369 -0
- fast_minimum_variance-0.2.0/.rhiza/tests/api/test_makefile_targets.py +352 -0
- fast_minimum_variance-0.2.0/.rhiza/tests/api/test_weekly_workflow.py +241 -0
- fast_minimum_variance-0.2.0/.rhiza/tests/conftest.py +217 -0
- fast_minimum_variance-0.2.0/.rhiza/tests/deps/test_dependency_health.py +111 -0
- fast_minimum_variance-0.2.0/.rhiza/tests/integration/test_book_targets.py +134 -0
- fast_minimum_variance-0.2.0/.rhiza/tests/integration/test_docs_targets.py +48 -0
- fast_minimum_variance-0.2.0/.rhiza/tests/integration/test_lfs.py +182 -0
- fast_minimum_variance-0.2.0/.rhiza/tests/integration/test_sbom.py +172 -0
- fast_minimum_variance-0.2.0/.rhiza/tests/integration/test_test_mk.py +53 -0
- fast_minimum_variance-0.2.0/.rhiza/tests/integration/test_virtual_env_unexport.py +37 -0
- fast_minimum_variance-0.2.0/.rhiza/tests/security/test_security_patterns.py +180 -0
- fast_minimum_variance-0.2.0/.rhiza/tests/shell/test_scripts.sh +245 -0
- fast_minimum_variance-0.2.0/.rhiza/tests/stress/README.md +143 -0
- fast_minimum_variance-0.2.0/.rhiza/tests/stress/__init__.py +5 -0
- fast_minimum_variance-0.2.0/.rhiza/tests/stress/conftest.py +50 -0
- fast_minimum_variance-0.2.0/.rhiza/tests/stress/test_git_stress.py +169 -0
- fast_minimum_variance-0.2.0/.rhiza/tests/stress/test_makefile_stress.py +145 -0
- fast_minimum_variance-0.2.0/.rhiza/tests/structure/test_lfs_structure.py +135 -0
- fast_minimum_variance-0.2.0/.rhiza/tests/structure/test_project_layout.py +57 -0
- fast_minimum_variance-0.2.0/.rhiza/tests/structure/test_requirements.py +51 -0
- fast_minimum_variance-0.2.0/.rhiza/tests/structure/test_template_bundles.py +89 -0
- fast_minimum_variance-0.2.0/.rhiza/tests/sync/conftest.py +100 -0
- fast_minimum_variance-0.2.0/.rhiza/tests/sync/test_docstrings.py +123 -0
- fast_minimum_variance-0.2.0/.rhiza/tests/sync/test_readme_validation.py +197 -0
- fast_minimum_variance-0.2.0/.rhiza/tests/sync/test_rhiza_version.py +137 -0
- fast_minimum_variance-0.2.0/.rhiza/tests/test_utils.py +70 -0
- fast_minimum_variance-0.2.0/.rhiza/tests/utils/test_git_repo_fixture.py +132 -0
- fast_minimum_variance-0.2.0/.rhiza/utils/pip_audit_policy.py +67 -0
- fast_minimum_variance-0.2.0/.rhiza/utils/suppression_audit.py +282 -0
- fast_minimum_variance-0.2.0/LICENSE +21 -0
- fast_minimum_variance-0.2.0/Makefile +14 -0
- fast_minimum_variance-0.2.0/PKG-INFO +117 -0
- fast_minimum_variance-0.2.0/README.md +106 -0
- fast_minimum_variance-0.2.0/SECURITY.md +102 -0
- fast_minimum_variance-0.2.0/book/marimo/notebooks/minvar.py +66 -0
- fast_minimum_variance-0.2.0/docs/api.md +38 -0
- fast_minimum_variance-0.2.0/docs/assets/rhiza-logo.svg +81 -0
- fast_minimum_variance-0.2.0/docs/development/MARIMO.md +134 -0
- fast_minimum_variance-0.2.0/docs/development/TESTS.md +288 -0
- fast_minimum_variance-0.2.0/docs/index.md +2 -0
- fast_minimum_variance-0.2.0/docs/mkdocs-base.yml +120 -0
- fast_minimum_variance-0.2.0/mkdocs.yml +41 -0
- fast_minimum_variance-0.2.0/pyproject.toml +35 -0
- fast_minimum_variance-0.2.0/pytest.ini +14 -0
- fast_minimum_variance-0.2.0/renovate.json +57 -0
- fast_minimum_variance-0.2.0/ruff.toml +131 -0
- fast_minimum_variance-0.2.0/src/fast_minimum_variance/__init__.py +1 -0
- fast_minimum_variance-0.2.0/src/fast_minimum_variance/cvx.py +37 -0
- fast_minimum_variance-0.2.0/src/fast_minimum_variance/kkt.py +81 -0
- fast_minimum_variance-0.2.0/src/fast_minimum_variance/krylov.py +183 -0
- fast_minimum_variance-0.2.0/src/fast_minimum_variance/random.py +26 -0
- fast_minimum_variance-0.2.0/tests/__init__.py +1 -0
- fast_minimum_variance-0.2.0/tests/conftest.py +21 -0
- fast_minimum_variance-0.2.0/tests/test_cvx.py +48 -0
- fast_minimum_variance-0.2.0/tests/test_kkt.py +93 -0
- fast_minimum_variance-0.2.0/tests/test_krylov.py +123 -0
- fast_minimum_variance-0.2.0/tests/test_random.py +39 -0
- fast_minimum_variance-0.2.0/uv.lock +1101 -0
|
@@ -0,0 +1,41 @@
|
|
|
1
|
+
# This file is part of the jebel-quant/rhiza repository
|
|
2
|
+
# (https://github.com/jebel-quant/rhiza).
|
|
3
|
+
#
|
|
4
|
+
root = true
|
|
5
|
+
|
|
6
|
+
# Default settings for all files
|
|
7
|
+
[*]
|
|
8
|
+
end_of_line = lf
|
|
9
|
+
trim_trailing_whitespace = true
|
|
10
|
+
insert_final_newline = true
|
|
11
|
+
charset = utf-8
|
|
12
|
+
|
|
13
|
+
# Python, reStructuredText, and text files
|
|
14
|
+
[*.{py,rst,txt}]
|
|
15
|
+
indent_style = space
|
|
16
|
+
indent_size = 4
|
|
17
|
+
|
|
18
|
+
# YAML, JSON, and other config files
|
|
19
|
+
[*.{yml,yaml,json}]
|
|
20
|
+
indent_style = space
|
|
21
|
+
indent_size = 2
|
|
22
|
+
|
|
23
|
+
# Markdown files
|
|
24
|
+
# [*.{md,markdown}]
|
|
25
|
+
# trim_trailing_whitespace = false
|
|
26
|
+
|
|
27
|
+
# Makefiles require tabs
|
|
28
|
+
[{Makefile,*.mk,*.make}]
|
|
29
|
+
indent_style = tab
|
|
30
|
+
indent_size = 4
|
|
31
|
+
|
|
32
|
+
# Don't apply editorconfig rules to vendor/ resources
|
|
33
|
+
# This is a "defensive" rule for the day we may have
|
|
34
|
+
# the vendor folder
|
|
35
|
+
[vendor/**]
|
|
36
|
+
charset = unset
|
|
37
|
+
end_of_line = unset
|
|
38
|
+
indent_size = unset
|
|
39
|
+
indent_style = unset
|
|
40
|
+
insert_final_newline = unset
|
|
41
|
+
trim_trailing_whitespace = unset
|
|
@@ -0,0 +1,25 @@
|
|
|
1
|
+
title: "[Question] "
|
|
2
|
+
labels: ["question"]
|
|
3
|
+
body:
|
|
4
|
+
- type: markdown
|
|
5
|
+
attributes:
|
|
6
|
+
value: |
|
|
7
|
+
Welcome! Use this space to ask questions, share how your use-case, or explore ideas with the community.
|
|
8
|
+
|
|
9
|
+
- type: textarea
|
|
10
|
+
id: question
|
|
11
|
+
attributes:
|
|
12
|
+
label: Your Question or Topic
|
|
13
|
+
description: What would you like to discuss?
|
|
14
|
+
validations:
|
|
15
|
+
required: true
|
|
16
|
+
|
|
17
|
+
- type: textarea
|
|
18
|
+
id: context
|
|
19
|
+
attributes:
|
|
20
|
+
label: Context
|
|
21
|
+
description: Any relevant code, configuration, or background that helps frame your question.
|
|
22
|
+
placeholder: |
|
|
23
|
+
```python
|
|
24
|
+
# your code snippet here
|
|
25
|
+
```
|
|
@@ -0,0 +1,57 @@
|
|
|
1
|
+
name: Bug Report
|
|
2
|
+
description: Report a bug or unexpected behaviour
|
|
3
|
+
labels: ["bug"]
|
|
4
|
+
body:
|
|
5
|
+
- type: markdown
|
|
6
|
+
attributes:
|
|
7
|
+
value: |
|
|
8
|
+
Thanks for taking the time to report a bug. Please fill out the sections below.
|
|
9
|
+
|
|
10
|
+
- type: textarea
|
|
11
|
+
id: description
|
|
12
|
+
attributes:
|
|
13
|
+
label: Description
|
|
14
|
+
description: A clear and concise description of what the bug is.
|
|
15
|
+
placeholder: What happened?
|
|
16
|
+
validations:
|
|
17
|
+
required: true
|
|
18
|
+
|
|
19
|
+
- type: textarea
|
|
20
|
+
id: steps
|
|
21
|
+
attributes:
|
|
22
|
+
label: Steps to reproduce
|
|
23
|
+
description: Minimal steps to reproduce the behaviour.
|
|
24
|
+
placeholder: |
|
|
25
|
+
1. Run `make ...`
|
|
26
|
+
2. See error
|
|
27
|
+
validations:
|
|
28
|
+
required: true
|
|
29
|
+
|
|
30
|
+
- type: textarea
|
|
31
|
+
id: expected
|
|
32
|
+
attributes:
|
|
33
|
+
label: Expected behaviour
|
|
34
|
+
description: What did you expect to happen?
|
|
35
|
+
validations:
|
|
36
|
+
required: true
|
|
37
|
+
|
|
38
|
+
- type: textarea
|
|
39
|
+
id: environment
|
|
40
|
+
attributes:
|
|
41
|
+
label: Environment
|
|
42
|
+
description: |
|
|
43
|
+
Relevant versions and system info. Run `make info` if available.
|
|
44
|
+
placeholder: |
|
|
45
|
+
- OS: macOS 14 / Ubuntu 24.04 / Windows 11
|
|
46
|
+
- Python: 3.13.x
|
|
47
|
+
- rhiza version:
|
|
48
|
+
validations:
|
|
49
|
+
required: false
|
|
50
|
+
|
|
51
|
+
- type: textarea
|
|
52
|
+
id: context
|
|
53
|
+
attributes:
|
|
54
|
+
label: Additional context
|
|
55
|
+
description: Logs, screenshots, or anything else that may be helpful.
|
|
56
|
+
validations:
|
|
57
|
+
required: false
|
|
@@ -0,0 +1,41 @@
|
|
|
1
|
+
name: Feature Request
|
|
2
|
+
description: Suggest a new feature or enhancement
|
|
3
|
+
labels: ["enhancement"]
|
|
4
|
+
body:
|
|
5
|
+
- type: markdown
|
|
6
|
+
attributes:
|
|
7
|
+
value: |
|
|
8
|
+
Thanks for proposing a feature. Please align with the team before investing significant effort.
|
|
9
|
+
|
|
10
|
+
- type: textarea
|
|
11
|
+
id: problem
|
|
12
|
+
attributes:
|
|
13
|
+
label: Problem / motivation
|
|
14
|
+
description: What problem does this solve? Why is it valuable?
|
|
15
|
+
placeholder: As a contributor I find it hard to ... because ...
|
|
16
|
+
validations:
|
|
17
|
+
required: true
|
|
18
|
+
|
|
19
|
+
- type: textarea
|
|
20
|
+
id: solution
|
|
21
|
+
attributes:
|
|
22
|
+
label: Proposed solution
|
|
23
|
+
description: Describe the solution you have in mind.
|
|
24
|
+
validations:
|
|
25
|
+
required: true
|
|
26
|
+
|
|
27
|
+
- type: textarea
|
|
28
|
+
id: alternatives
|
|
29
|
+
attributes:
|
|
30
|
+
label: Alternatives considered
|
|
31
|
+
description: Other approaches you have considered and why you ruled them out.
|
|
32
|
+
validations:
|
|
33
|
+
required: false
|
|
34
|
+
|
|
35
|
+
- type: textarea
|
|
36
|
+
id: context
|
|
37
|
+
attributes:
|
|
38
|
+
label: Additional context
|
|
39
|
+
description: Links, mockups, prior art, or anything else that may be helpful.
|
|
40
|
+
validations:
|
|
41
|
+
required: false
|
|
@@ -0,0 +1,80 @@
|
|
|
1
|
+
# Configure Git Auth for Private Packages
|
|
2
|
+
|
|
3
|
+
This composite action configures git to use token authentication for private GitHub packages.
|
|
4
|
+
|
|
5
|
+
## Usage
|
|
6
|
+
|
|
7
|
+
Add this step before installing dependencies that include private GitHub packages:
|
|
8
|
+
|
|
9
|
+
```yaml
|
|
10
|
+
- name: Configure git auth for private packages
|
|
11
|
+
uses: ./.github/actions/configure-git-auth
|
|
12
|
+
with:
|
|
13
|
+
token: ${{ secrets.GH_PAT }}
|
|
14
|
+
```
|
|
15
|
+
|
|
16
|
+
The `GH_PAT` secret should be a Personal Access Token with `repo` scope.
|
|
17
|
+
|
|
18
|
+
## What It Does
|
|
19
|
+
|
|
20
|
+
This action runs:
|
|
21
|
+
|
|
22
|
+
```bash
|
|
23
|
+
git config --global url."https://<token>@github.com/".insteadOf "https://github.com/"
|
|
24
|
+
```
|
|
25
|
+
|
|
26
|
+
This tells git to automatically inject the token into all HTTPS GitHub URLs, enabling access to private repositories.
|
|
27
|
+
|
|
28
|
+
## When to Use
|
|
29
|
+
|
|
30
|
+
Use this action when your project has dependencies defined in `pyproject.toml` like:
|
|
31
|
+
|
|
32
|
+
```toml
|
|
33
|
+
[tool.uv.sources]
|
|
34
|
+
private-package = { git = "https://github.com/your-org/private-package.git", rev = "v1.0.0" }
|
|
35
|
+
```
|
|
36
|
+
|
|
37
|
+
## Token Requirements
|
|
38
|
+
|
|
39
|
+
By default, this action will use the workflowโs built-in `GITHUB_TOKEN` (`github.token`) if no `token` input is provided or if the provided value is empty (it uses `inputs.token || github.token` internally).
|
|
40
|
+
|
|
41
|
+
The `GITHUB_TOKEN` is usually sufficient when:
|
|
42
|
+
|
|
43
|
+
- installing dependencies hosted in the **same repository** as the workflow, or
|
|
44
|
+
- accessing **public** repositories.
|
|
45
|
+
|
|
46
|
+
The default `GITHUB_TOKEN` typically does **not** have permission to read other private repositories, even within the same organization. For that scenario, you should create a Personal Access Token (PAT) with `repo` scope and store it as `secrets.GH_PAT`, then pass it to the action via the `token` input.
|
|
47
|
+
|
|
48
|
+
If you configure the step as in the example (`token: ${{ secrets.GH_PAT }}`) and `secrets.GH_PAT` is not defined, GitHub Actions passes an empty string to the action. The composite action then falls back to `github.token`, so the configuration step itself still succeeds. However, any subsequent step that tries to access private repositories that are not covered by the permissions of `GITHUB_TOKEN` will fail with an authentication error.
|
|
49
|
+
## Example Workflow
|
|
50
|
+
|
|
51
|
+
```yaml
|
|
52
|
+
name: CI
|
|
53
|
+
|
|
54
|
+
on: [push, pull_request]
|
|
55
|
+
|
|
56
|
+
jobs:
|
|
57
|
+
test:
|
|
58
|
+
runs-on: ubuntu-latest
|
|
59
|
+
steps:
|
|
60
|
+
- uses: actions/checkout@v6
|
|
61
|
+
|
|
62
|
+
- name: Install uv
|
|
63
|
+
uses: astral-sh/setup-uv@v7
|
|
64
|
+
|
|
65
|
+
- name: Configure git auth for private packages
|
|
66
|
+
uses: ./.github/actions/configure-git-auth
|
|
67
|
+
with:
|
|
68
|
+
token: ${{ secrets.GH_PAT }}
|
|
69
|
+
|
|
70
|
+
- name: Install dependencies
|
|
71
|
+
run: uv sync --frozen
|
|
72
|
+
|
|
73
|
+
- name: Run tests
|
|
74
|
+
run: uv run pytest
|
|
75
|
+
```
|
|
76
|
+
|
|
77
|
+
## See Also
|
|
78
|
+
|
|
79
|
+
- [PRIVATE_PACKAGES.md](../../../.rhiza/docs/PRIVATE_PACKAGES.md) - Complete guide to using private packages
|
|
80
|
+
- [TOKEN_SETUP.md](../../../.rhiza/docs/TOKEN_SETUP.md) - Setting up Personal Access Tokens
|
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
name: 'Configure Git Auth for Private Packages'
|
|
2
|
+
description: 'Configure git to use token authentication for private GitHub packages'
|
|
3
|
+
|
|
4
|
+
inputs:
|
|
5
|
+
token:
|
|
6
|
+
description: 'GitHub token to use for authentication'
|
|
7
|
+
required: false
|
|
8
|
+
|
|
9
|
+
runs:
|
|
10
|
+
using: composite
|
|
11
|
+
steps:
|
|
12
|
+
- name: Configure git authentication
|
|
13
|
+
shell: bash
|
|
14
|
+
env:
|
|
15
|
+
GH_TOKEN: ${{ inputs.token || github.token }}
|
|
16
|
+
run: |
|
|
17
|
+
# Configure git to use token authentication for GitHub URLs
|
|
18
|
+
# This allows uv/pip to install private packages from GitHub
|
|
19
|
+
git config --global url."https://${GH_TOKEN}@github.com/".insteadOf "https://github.com/"
|
|
20
|
+
|
|
21
|
+
echo "โ Git configured to use token authentication for GitHub"
|
|
@@ -0,0 +1,80 @@
|
|
|
1
|
+
# This file is part of the jebel-quant/rhiza repository
|
|
2
|
+
# (https://github.com/jebel-quant/rhiza).
|
|
3
|
+
#
|
|
4
|
+
# Configuration: Dependabot
|
|
5
|
+
#
|
|
6
|
+
# Purpose: Automate dependency updates for Python packages, GitHub Actions, and Docker images.
|
|
7
|
+
#
|
|
8
|
+
# Documentation: https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file
|
|
9
|
+
|
|
10
|
+
version: 2
|
|
11
|
+
updates:
|
|
12
|
+
# Python dependencies using uv
|
|
13
|
+
- package-ecosystem: "uv"
|
|
14
|
+
directory: "/"
|
|
15
|
+
schedule:
|
|
16
|
+
interval: "weekly"
|
|
17
|
+
day: "tuesday"
|
|
18
|
+
time: "09:00"
|
|
19
|
+
timezone: "Asia/Dubai"
|
|
20
|
+
ignore:
|
|
21
|
+
- dependency-name: "*"
|
|
22
|
+
update-types: ["version-update:semver-major"]
|
|
23
|
+
open-pull-requests-limit: 10
|
|
24
|
+
labels:
|
|
25
|
+
- "dependencies"
|
|
26
|
+
- "python"
|
|
27
|
+
groups:
|
|
28
|
+
python-dependencies:
|
|
29
|
+
patterns:
|
|
30
|
+
- "*"
|
|
31
|
+
update-types:
|
|
32
|
+
- "patch"
|
|
33
|
+
- "minor"
|
|
34
|
+
commit-message:
|
|
35
|
+
prefix: "chore(deps)"
|
|
36
|
+
prefix-development: "chore(deps-dev)"
|
|
37
|
+
include: "scope"
|
|
38
|
+
|
|
39
|
+
# GitHub Actions
|
|
40
|
+
- package-ecosystem: "github-actions"
|
|
41
|
+
directory: "/"
|
|
42
|
+
schedule:
|
|
43
|
+
interval: "weekly"
|
|
44
|
+
day: "tuesday"
|
|
45
|
+
time: "09:00"
|
|
46
|
+
timezone: "Asia/Dubai"
|
|
47
|
+
ignore:
|
|
48
|
+
- dependency-name: "*"
|
|
49
|
+
update-types: ["version-update:semver-major"]
|
|
50
|
+
open-pull-requests-limit: 10
|
|
51
|
+
labels:
|
|
52
|
+
- "dependencies"
|
|
53
|
+
- "github-actions"
|
|
54
|
+
groups:
|
|
55
|
+
github-actions:
|
|
56
|
+
patterns:
|
|
57
|
+
- "*"
|
|
58
|
+
update-types:
|
|
59
|
+
- "patch"
|
|
60
|
+
- "minor"
|
|
61
|
+
|
|
62
|
+
commit-message:
|
|
63
|
+
prefix: "chore(deps)"
|
|
64
|
+
include: "scope"
|
|
65
|
+
|
|
66
|
+
# Docker
|
|
67
|
+
#- package-ecosystem: "docker"
|
|
68
|
+
# directory: "/docker"
|
|
69
|
+
# schedule:
|
|
70
|
+
# interval: "weekly"
|
|
71
|
+
# day: "tuesday"
|
|
72
|
+
# time: "09:00"
|
|
73
|
+
# timezone: "Asia/Dubai"
|
|
74
|
+
# open-pull-requests-limit: 10
|
|
75
|
+
# labels:
|
|
76
|
+
# - "dependencies"
|
|
77
|
+
# - "docker"
|
|
78
|
+
# commit-message:
|
|
79
|
+
# prefix: "chore(deps)"
|
|
80
|
+
# include: "scope"
|
|
@@ -0,0 +1,20 @@
|
|
|
1
|
+
# This file is part of the jebel-quant/rhiza repository
|
|
2
|
+
# (https://github.com/jebel-quant/rhiza).
|
|
3
|
+
#
|
|
4
|
+
# Configuration: GitHub Secret Scanning
|
|
5
|
+
#
|
|
6
|
+
# Purpose: Configure GitHub secret scanning to identify and prevent accidental
|
|
7
|
+
# exposure of secrets, credentials, and tokens in the repository.
|
|
8
|
+
#
|
|
9
|
+
# Note: Secret scanning must be enabled in repository Settings >
|
|
10
|
+
# Security > Code security and analysis > Secret scanning.
|
|
11
|
+
#
|
|
12
|
+
# Documentation: https://docs.github.com/en/code-security/secret-scanning/configuring-secret-scanning-for-your-repository
|
|
13
|
+
|
|
14
|
+
paths-ignore:
|
|
15
|
+
# Ignore test fixtures that may contain example/fake secrets
|
|
16
|
+
- ".rhiza/tests/**"
|
|
17
|
+
- "tests/**"
|
|
18
|
+
# Ignore documentation that references example tokens/keys
|
|
19
|
+
- "docs/**/*.md"
|
|
20
|
+
- "book/**"
|
|
@@ -0,0 +1,92 @@
|
|
|
1
|
+
# This file is part of the jebel-quant/rhiza repository
|
|
2
|
+
# (https://github.com/jebel-quant/rhiza).
|
|
3
|
+
#
|
|
4
|
+
# Workflow: Book
|
|
5
|
+
# Purpose: This workflow builds and deploys comprehensive documentation for the project.
|
|
6
|
+
# It combines API documentation, test coverage reports, test results, and
|
|
7
|
+
# interactive notebooks into a single GitHub Pages site.
|
|
8
|
+
#
|
|
9
|
+
# Trigger: This workflow runs on every push to the main or master branch
|
|
10
|
+
#
|
|
11
|
+
# Components:
|
|
12
|
+
# - ๐ Process Marimo notebooks
|
|
13
|
+
# - ๐ Generate API documentation with pdoc
|
|
14
|
+
# - ๐งช Run tests and generate coverage reports
|
|
15
|
+
# - ๐ Deploy combined documentation to GitHub Pages
|
|
16
|
+
|
|
17
|
+
name: "(RHIZA) BOOK"
|
|
18
|
+
|
|
19
|
+
on:
|
|
20
|
+
push:
|
|
21
|
+
branches:
|
|
22
|
+
- main
|
|
23
|
+
- master
|
|
24
|
+
|
|
25
|
+
jobs:
|
|
26
|
+
book:
|
|
27
|
+
runs-on: "ubuntu-latest"
|
|
28
|
+
|
|
29
|
+
environment:
|
|
30
|
+
name: github-pages # ๐ this is the critical missing piece
|
|
31
|
+
|
|
32
|
+
permissions:
|
|
33
|
+
contents: read
|
|
34
|
+
pages: write # Permission to deploy to Pages
|
|
35
|
+
id-token: write # Permission to verify deployment origin
|
|
36
|
+
|
|
37
|
+
steps:
|
|
38
|
+
# Check out the repository code
|
|
39
|
+
- uses: actions/checkout@v6.0.2
|
|
40
|
+
with:
|
|
41
|
+
lfs: true
|
|
42
|
+
|
|
43
|
+
- name: Install uv
|
|
44
|
+
uses: astral-sh/setup-uv@v8.1.0
|
|
45
|
+
with:
|
|
46
|
+
version: "0.11.8"
|
|
47
|
+
|
|
48
|
+
- name: Configure git auth for private packages
|
|
49
|
+
uses: ./.github/actions/configure-git-auth
|
|
50
|
+
with:
|
|
51
|
+
token: ${{ secrets.GH_PAT }}
|
|
52
|
+
|
|
53
|
+
- name: "Sync the virtual environment for ${{ github.repository }}"
|
|
54
|
+
shell: bash
|
|
55
|
+
env:
|
|
56
|
+
UV_EXTRA_INDEX_URL: ${{ secrets.UV_EXTRA_INDEX_URL }}
|
|
57
|
+
run: |
|
|
58
|
+
# will just use .python-version?
|
|
59
|
+
uv sync --all-extras --all-groups --frozen
|
|
60
|
+
|
|
61
|
+
- name: "Make the book"
|
|
62
|
+
env:
|
|
63
|
+
UV_EXTRA_INDEX_URL: ${{ secrets.UV_EXTRA_INDEX_URL }}
|
|
64
|
+
run: |
|
|
65
|
+
make book
|
|
66
|
+
|
|
67
|
+
# Step 5a: Upload the book as a downloadable workflow artifact
|
|
68
|
+
# This allows anyone to download the built documentation directly from
|
|
69
|
+
# GitHub Actions without needing to run a full local build.
|
|
70
|
+
- name: Upload book as workflow artifact
|
|
71
|
+
uses: actions/upload-artifact@v7.0.1
|
|
72
|
+
with:
|
|
73
|
+
name: book
|
|
74
|
+
path: _book/
|
|
75
|
+
retention-days: 30
|
|
76
|
+
|
|
77
|
+
# Step 5b: Package all artifacts for GitHub Pages deployment
|
|
78
|
+
# This prepares the combined outputs for deployment by creating a single artifact
|
|
79
|
+
- name: Upload static files as artifact
|
|
80
|
+
uses: actions/upload-pages-artifact@v5.0.0 # Official GitHub Pages artifact upload action
|
|
81
|
+
with:
|
|
82
|
+
path: _book/ # Path to the directory containing all artifacts to deploy
|
|
83
|
+
|
|
84
|
+
# Step 6: Deploy the packaged artifacts to GitHub Pages
|
|
85
|
+
# This step publishes the content to GitHub Pages
|
|
86
|
+
# The deployment is conditional based on whether the repository is a fork and the PUBLISH_COMPANION_BOOK variable is set
|
|
87
|
+
# If the repository is a fork, deployment is skipped to avoid unauthorised publishing
|
|
88
|
+
# If PUBLISH_COMPANION_BOOK is not set, it defaults to allowing deployment
|
|
89
|
+
- name: Deploy to GitHub Pages
|
|
90
|
+
if: ${{ !github.event.repository.fork && (vars.PUBLISH_COMPANION_BOOK == 'true' || vars.PUBLISH_COMPANION_BOOK == '') }}
|
|
91
|
+
uses: actions/deploy-pages@v5.0.0 # Official GitHub Pages deployment action
|
|
92
|
+
continue-on-error: true
|