PyPI - github-rest-api - Versions diffs - 0.41.0__tar.gz → 0.42.1__tar.gz - Mend

github-rest-api 0.41.0tar.gz → 0.42.1tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (43) hide show

{github_rest_api-0.41.0 → github_rest_api-0.42.1}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: github-rest-api
-Version: 0.41.0
+Version: 0.42.1
 Summary: Simple wrapper of GitHub REST APIs.
 Author-email: Ben Du <longendu@yahoo.com>
 Classifier: Programming Language :: Python :: 3 :: Only

{github_rest_api-0.41.0 → github_rest_api-0.42.1}/github_rest_api/github.py RENAMED Viewed

@@ -1,16 +1,45 @@
 """Simple wrapper of GitHub REST APIs."""
+import re
 from abc import ABCMeta, abstractmethod
 from base64 import b64encode
 from collections.abc import Sequence
 from enum import StrEnum
-from typing import Any, Callable
 from pathlib import Path
+from typing import Any, Callable
 import requests
 from nacl import encoding, public
 URL_API = "https://api.github.com"
+_SECRET_NAME_PATTERN = re.compile(r"^[A-Za-z_][A-Za-z0-9_]*$")
+def _validate_secret_name(name: str) -> None:
+    """Validate a secret name against GitHub's naming rules.
+    GitHub rejects invalid secret names with a 422 response. Validating the
+    name client-side surfaces a clear error before the request is sent.
+    :param name: The name of the secret.
+    :raises ValueError: If the name is empty, starts with the reserved
+        ``GITHUB_`` prefix, starts with a digit, or contains characters other
+        than alphanumerics and underscores.
+    """
+    if not name:
+        raise ValueError("A secret name must not be empty.")
+    if name.upper().startswith("GITHUB_"):
+        raise ValueError(
+            f"Invalid secret name {name!r}: names must not start with the "
+            "reserved 'GITHUB_' prefix."
+        )
+    if not _SECRET_NAME_PATTERN.fullmatch(name):
+        raise ValueError(
+            f"Invalid secret name {name!r}: names may only contain alphanumeric "
+            "characters and underscores, and must not start with a digit."
+        )
 def _encrypt_secret(public_key: str, value: str) -> str:
     """Encrypt a secret value using a LibSodium sealed box.
@@ -132,8 +161,19 @@ class GitHub:
         return resp
     def _extract_all(
-        self, url: str, params: dict[str, Any] | None = None, n: int = 0
+        self,
+        url: str,
+        params: dict[str, Any] | None = None,
+        n: int = 0,
+        key: str | None = None,
     ) -> list[dict[str, Any]]:
+        """Collect all paginated items from a GitHub REST API endpoint.
+        :param url: The endpoint URL to request.
+        :param params: Query parameters forwarded to each request.
+        :param n: The maximum number of items to return (0 means all).
+        :param key: The key under which the list is nested in the response.
+            Defaults to None for endpoints that return a plain JSON array.
+        """
         params = params.copy() if params else {}
         if "per_page" not in params:
             params["per_page"] = min(100, n) if n > 0 else 100
@@ -143,10 +183,11 @@ class GitHub:
             resp = self._get(url=url, params=params.copy())
             resp.raise_for_status()
             data = resp.json()
-            res.extend(data)
+            items = data if key is None else data[key]
+            res.extend(items)
             if n and len(res) >= n:
                 return res[:n]
-            if len(data) < params["per_page"]:
+            if len(items) < params["per_page"]:
                 return res
             params["page"] += 1
@@ -315,6 +356,10 @@ class Repository(GitHub):
         """
         return self.delete_ref(ref=f"heads/{branch}")
+    def get_secrets(self, n: int = 0) -> list[dict[str, Any]]:
+        """List secrets in this repository."""
+        return self._extract_all(url=self._url_secrets, n=n, key="secrets")
     def delete_secret(self, name: str) -> requests.Response:
         """Delete a secret from this repository.
         :param name: The name of the secret to delete.
@@ -328,15 +373,19 @@ class Repository(GitHub):
         return self._get(url=f"{self._url_secrets}/public-key").json()
     def create_or_update_secret(
-        self, name: str, value: str, public_key: dict[str, Any]
+        self, name: str, value: str, public_key: dict[str, Any] | None = None
     ) -> requests.Response:
         """Create or update a secret in this repository.
         :param name: The name of the secret.
         :param value: The plaintext value of the secret.
         :param public_key: A public key (as returned by `get_secret_public_key`)
-            to encrypt the secret with. Fetch it once and reuse it to avoid a
-            redundant request when creating or updating multiple secrets.
+            to encrypt the secret with. If not provided, it is fetched
+            automatically. Fetch it once and reuse it to avoid a redundant
+            request when creating or updating multiple secrets.
         """
+        _validate_secret_name(name)
+        if public_key is None:
+            public_key = self.get_secret_public_key()
         return self._put(
             url=f"{self._url_secrets}/{name}",
             json={
@@ -494,6 +543,10 @@ class Organization(Owner):
         self._url_create_repo = self._url_repos
         self._url_secrets = f"{self._url_owner}/actions/secrets"
+    def get_secrets(self, n: int = 0) -> list[dict[str, Any]]:
+        """List secrets in this organization."""
+        return self._extract_all(url=self._url_secrets, n=n, key="secrets")
     def delete_secret(self, name: str) -> requests.Response:
         """Delete an organization secret.
         :param name: The name of the secret to delete.
@@ -510,7 +563,7 @@ class Organization(Owner):
         self,
         name: str,
         value: str,
-        public_key: dict[str, Any],
+        public_key: dict[str, Any] | None = None,
         visibility: SecretVisibility = SecretVisibility.ALL,
         selected_repository_ids: Sequence[int] = (),
     ) -> requests.Response:
@@ -518,17 +571,21 @@ class Organization(Owner):
         :param name: The name of the secret.
         :param value: The plaintext value of the secret.
         :param public_key: A public key (as returned by `get_secret_public_key`)
-            to encrypt the secret with. Fetch it once and reuse it to avoid a
-            redundant request when creating or updating multiple secrets.
+            to encrypt the secret with. If not provided, it is fetched
+            automatically. Fetch it once and reuse it to avoid a redundant
+            request when creating or updating multiple secrets.
         :param visibility: Which repositories can access the secret
             (all, private, or selected).
         :param selected_repository_ids: Repository IDs that can access the secret
             when visibility is `selected`.
         """
+        _validate_secret_name(name)
         if selected_repository_ids and visibility != SecretVisibility.SELECTED:
             raise ValueError(
                 "`selected_repository_ids` can only be provided when `visibility` is 'selected'."
             )
+        if public_key is None:
+            public_key = self.get_secret_public_key()
         json: dict[str, Any] = {
             "encrypted_value": _encrypt_secret(public_key["key"], value),
             "key_id": public_key["key_id"],

{github_rest_api-0.41.0 → github_rest_api-0.42.1}/github_rest_api/scripts/cargo/benchmark.py RENAMED Viewed

@@ -1,18 +1,20 @@
 """Benchmark action using cargo criterion."""
-from typing import Callable
-import tempfile
-from pathlib import Path
 import datetime
 import shutil
 import subprocess as sp
+import tempfile
+from pathlib import Path
+from typing import Callable
 from dulwich import porcelain
 from ..utils import (
+    commit_benchmarks,
     config_git,
-    switch_branch,
-    push_branch,
     gen_temp_branch,
-    commit_benchmarks,
+    push_branch,
+    switch_branch,
 )

{github_rest_api-0.41.0 → github_rest_api-0.42.1}/github_rest_api/scripts/cargo/profiling.py RENAMED Viewed

@@ -1,14 +1,16 @@
 """Utils for profiling Rust applications."""
-from typing import Iterable
-from pathlib import Path
-import time
 import datetime
 import subprocess as sp
+import time
+from pathlib import Path
+from typing import Iterable
 import psutil
-from .utils import build_project
-from ..utils import config_git, switch_branch, push_branch, commit_profiling
 from ...utils import partition
+from ..utils import commit_profiling, config_git, push_branch, switch_branch
+from .utils import build_project
 def launch_application(cmd: list[str]) -> int:

{github_rest_api-0.41.0 → github_rest_api-0.42.1}/github_rest_api/scripts/container/build_container_images.py RENAMED Viewed

@@ -1,16 +1,17 @@
 import argparse
-from collections.abc import Sequence
 import datetime
-from pathlib import Path
 import subprocess as sp
 import sys
+from collections.abc import Sequence
+from pathlib import Path
 from typing import cast
 import yaml
-from dulwich.repo import Repo
-from dulwich.refs import Ref
-from dulwich.objects import Commit
-from dulwich.errors import NotGitRepository
 from dulwich.diff_tree import tree_changes
+from dulwich.errors import NotGitRepository
+from dulwich.objects import Commit
+from dulwich.refs import Ref
+from dulwich.repo import Repo
 from tenacity import retry, stop_after_attempt, wait_exponential

{github_rest_api-0.41.0 → github_rest_api-0.42.1}/github_rest_api/scripts/container/config_container.py RENAMED Viewed

@@ -1,11 +1,12 @@
 import argparse
 import json
 import shutil
+import subprocess as sp
 import sys
 import tomllib
-import tomli_w
 from pathlib import Path
-import subprocess as sp
+import tomli_w
 def config_docker(data_root: str = "/mnt/docker"):

{github_rest_api-0.41.0 → github_rest_api-0.42.1}/github_rest_api/scripts/container/update_version_containerfile.py RENAMED Viewed

@@ -1,13 +1,15 @@
 import argparse
 import datetime
 import os
+import re
 import sys
 from pathlib import Path
-import re
 from dulwich import porcelain
+from requests.exceptions import HTTPError
 from github_rest_api import Repository
 from github_rest_api.utils import next_minor_or_strip_patch
-from requests.exceptions import HTTPError
 def parse_latest_version(repo: str) -> str:

{github_rest_api-0.41.0 → github_rest_api-0.42.1}/github_rest_api/scripts/github/add_github_repo.py RENAMED Viewed

@@ -7,9 +7,10 @@ import shutil
 import sys
 from collections.abc import Sequence
 from pathlib import Path
 from dulwich import porcelain
-from github_rest_api import User, Organization
+from github_rest_api import Organization, User
 def _validate_repo(repo: str) -> None:

{github_rest_api-0.41.0 → github_rest_api-0.42.1}/github_rest_api/scripts/github/create_pull_request.py RENAMED Viewed

@@ -2,9 +2,10 @@
 The branch is updated (using dev) before creating the PR.
 """
-from argparse import ArgumentParser, Namespace
 import os
 import sys
+from argparse import ArgumentParser, Namespace
 from github_rest_api import Repository
 from github_rest_api.utils import compile_patterns

{github_rest_api-0.41.0 → github_rest_api-0.42.1}/github_rest_api/scripts/github/release_on_github.py RENAMED Viewed

@@ -1,9 +1,10 @@
+import argparse
+import getpass
 import os
 import re
 import sys
-import argparse
-import getpass
 from pathlib import Path
 from github_rest_api import Repository
 from github_rest_api.scripts.utils import (
     find_project_root,

{github_rest_api-0.41.0 → github_rest_api-0.42.1}/github_rest_api/scripts/github/remove_branch.py RENAMED Viewed

@@ -1,7 +1,8 @@
 import argparse
+import datetime
 import re
 import sys
-import datetime
 from github_rest_api import Repository

{github_rest_api-0.41.0 → github_rest_api-0.42.1}/github_rest_api/scripts/utils.py RENAMED Viewed

@@ -1,10 +1,11 @@
 """Util functions for GitHub actions."""
+import random
 import tomllib
-from typing import Any, Iterable
-from pathlib import Path
 from collections.abc import Sequence
-import random
+from pathlib import Path
+from typing import Any, Iterable
 from dulwich import porcelain
 from dulwich.repo import Repo

{github_rest_api-0.41.0 → github_rest_api-0.42.1}/github_rest_api/utils.py RENAMED Viewed

@@ -1,8 +1,8 @@
 """Some generally useful util functions."""
-from collections.abc import Sequence
-from itertools import tee, filterfalse
 import re
+from collections.abc import Sequence
+from itertools import filterfalse, tee
 def partition(pred, iterable):

{github_rest_api-0.41.0 → github_rest_api-0.42.1}/pyproject.toml RENAMED Viewed

@@ -4,7 +4,7 @@ requires = [ "hatchling" ]
 [project]
 name = "github-rest-api"
-version = "0.41.0"
+version = "0.42.1"
 description = "Simple wrapper of GitHub REST APIs."
 readme = "README.md"
 authors = [ { name = "Ben Du", email = "longendu@yahoo.com" } ]
@@ -41,3 +41,8 @@ dev = [
   "ruff>=0.14.10",
   "ty>=0.0.8",
 ]
+[tool.ruff.lint]
+# select the 'I' rule set for import sorting
+extend-select = ["I"]

{github_rest_api-0.41.0 → github_rest_api-0.42.1}/tests/test_build_container_images.py RENAMED Viewed

@@ -1,5 +1,6 @@
 from pathlib import Path
 from unittest.mock import patch
 from github_rest_api.scripts.container.build_container_images import (
     has_relevant_changes,
 )

{github_rest_api-0.41.0 → github_rest_api-0.42.1}/tests/test_github.py RENAMED Viewed

@@ -1,7 +1,16 @@
 import os
 from base64 import b64decode
+import pytest
 from nacl import encoding, public
-from github_rest_api.github import User, Organization, Repository, _encrypt_secret
+from github_rest_api.github import (
+    Organization,
+    Repository,
+    User,
+    _encrypt_secret,
+    _validate_secret_name,
+)
 TOKEN = os.environ.get("GITHUB_TOKEN", "")
@@ -14,6 +23,32 @@ def test_encrypt_secret_roundtrip():
     assert decrypted == b"s3cret-value"
+@pytest.mark.parametrize(
+    "name",
+    ["MY_SECRET", "_underscore", "Token123", "a"],
+)
+def test_validate_secret_name_valid(name):
+    _validate_secret_name(name)
+@pytest.mark.parametrize(
+    "name",
+    [
+        "",
+        "GITHUB_ACTIONS",
+        "GITHUB_TOKEN",
+        "github_token",
+        "GitHub_Token",
+        "1SECRET",
+        "MY-SECRET",
+        "MY SECRET",
+    ],
+)
+def test_validate_secret_name_invalid(name):
+    with pytest.raises(ValueError):
+        _validate_secret_name(name)
 def test_user_get_repositories():
     user = User(TOKEN, "dclong")
     repos = user.get_repositories()

{github_rest_api-0.41.0 → github_rest_api-0.42.1}/tests/test_release_on_github.py RENAMED Viewed

@@ -1,6 +1,8 @@
 from pathlib import Path
 from unittest.mock import patch
 import pytest
 from github_rest_api.scripts.github.release_on_github import _get_release_tag
 ROOT = Path(".")

{github_rest_api-0.41.0 → github_rest_api-0.42.1}/tests/test_utils.py RENAMED Viewed

@@ -1,4 +1,5 @@
 import pytest
 from github_rest_api.utils import next_minor_or_strip_patch, strip_patch_version

{github_rest_api-0.41.0 → github_rest_api-0.42.1}/uv.lock RENAMED Viewed

@@ -223,7 +223,7 @@ wheels = [
 [[package]]
 name = "github-rest-api"
-version = "0.40.0"
+version = "0.42.1"
 source = { editable = "." }
 dependencies = [
     { name = "dulwich" },