PyPI - python-bsblan - Versions diffs - 5.1.4__tar.gz → 5.1.5__tar.gz - Mend

python-bsblan 5.1.4tar.gz → 5.1.5tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (119) hide show

{python_bsblan-5.1.4 → python_bsblan-5.1.5}/.editorconfig RENAMED Viewed

@@ -15,8 +15,11 @@ trim_trailing_whitespace = false
 [*.json]
 indent_size = 2
+[*.{yaml,yml}]
+indent_size = 2
 [{.gitignore,.gitkeep,.editorconfig}]
 indent_size = 2
 [Makefile]
-ident_style = tab
+indent_style = tab

python_bsblan-5.1.5/.github/CONTRIBUTING.md ADDED Viewed

@@ -0,0 +1,103 @@
+# Contributing to python-bsblan
+When contributing to this repository, please first discuss the change you wish
+to make via issue, email, or any other method with the owners of this repository
+before making a change.
+Please note we have a [code of conduct][coc], please follow it in all your
+interactions with the project.
+## Issues and feature requests
+You've found a bug in the source code, a mistake in the documentation or maybe
+you'd like a new feature? You can help us by [submitting an issue][issues].
+Before you create an issue, make sure you search
+the archive, maybe your question was already answered.
+Even better: You could submit a pull request with a fix / new feature!
+## Development setup
+This project uses [uv](https://docs.astral.sh/uv/) for Python dependency
+management and [Node.js](https://nodejs.org/) for Prettier (formatting of
+JSON, Markdown, and YAML files).
+### Prerequisites
+- **Python 3.12+**
+- **uv** — install via `pip install uv` or see [uv docs](https://docs.astral.sh/uv/getting-started/installation/)
+- **Node.js** (LTS) — required for the Prettier pre-commit hook
+### Setup
+```bash
+# Clone the repository
+git clone https://github.com/liudger/python-bsblan.git
+cd python-bsblan
+# Install all dependencies and git hooks
+make setup
+```
+This runs `uv sync --dev` (Python deps), `npm ci` (Prettier), and
+`uv run prek install` (pre-commit hooks).
+## Coding standards
+All contributions must follow these requirements:
+- **Python 3.12+** — use modern Python features and type hints on all functions
+- **Line length** — maximum 88 characters (enforced by Ruff)
+- **Linting** — code must pass Ruff, ty, and Pylint checks
+- **Formatting** — code is formatted with Ruff (based on Black style)
+- **Naming** — use `snake_case` for all parameter names and follow existing
+  patterns in the codebase
+- **Docstrings** — required on all public methods
+### Running quality checks
+Before submitting a pull request, run all pre-commit hooks:
+```bash
+uv run prek run --all-files
+```
+This runs Ruff (linting + formatting), ty (type checking), and Pylint
+(code analysis) in one command.
+## Testing requirements
+- **Test coverage** — aim for **95%+ total coverage**
+- **Patch coverage** — all new or modified code should have **100% coverage**
+- **Framework** — tests use `pytest` with `pytest-asyncio`
+Coverage is tracked via [Codecov](https://codecov.io/) and reviewed during
+pull requests. Please ensure your changes include adequate tests.
+Run the test suite:
+```bash
+uv run pytest --cov=src/bsblan --cov-report=term-missing
+```
+## Pull request process
+1. Search our repository for open or closed [pull requests][prs] that relate
+   to your submission. You don't want to duplicate effort.
+2. Fork the repository and create your branch from `main`.
+3. Make your changes, ensuring all coding standards and testing requirements
+   above are met.
+4. Run `uv run prek run --all-files` to verify all checks pass.
+5. Submit your pull request with a clear description of the changes.
+6. You may merge the pull request once you have the sign-off of the project
+   maintainer, or if you do not have permission to do that, you may request
+   the maintainer to merge it for you.
+[issues]: https://github.com/liudger/python-bsblan/issues
+[prs]: https://github.com/liudger/python-bsblan/pulls
+[coc]: https://github.com/liudger/python-bsblan/blob/main/.github/CODE_OF_CONDUCT.md

python_bsblan-5.1.5/.github/SECURITY.md ADDED Viewed

@@ -0,0 +1,70 @@
+# Security Policy
+The security of this project is taken seriously. We appreciate your efforts to
+responsibly disclose any findings and will make every effort to acknowledge your
+contributions.
+## Supported Versions
+Security updates are provided only for the latest released version of this
+library on PyPI. Users are strongly encouraged to keep their installations up to
+date.
+|                | Supported |
+| -------------- | --------- |
+| Latest release | ✅        |
+| Older releases | ❌        |
+## Reporting a Vulnerability
+Please do not report security vulnerabilities through public GitHub issues,
+discussions, or pull requests.
+Instead, report them privately through GitHub's private vulnerability reporting:
+[Report a vulnerability](https://github.com/liudger/python-bsblan/security/advisories/new)
+If for any reason you are unable to use GitHub's private vulnerability
+reporting, you may also reach out to the maintainer by email at
+[liudgervr@gmail.com](mailto:liudgervr@gmail.com).
+When reporting, please include as much of the following as possible:
+- A clear description of the vulnerability and its potential impact.
+- Steps to reproduce, or a proof of concept.
+- Affected version(s) of the library.
+- Any known mitigations or workarounds.
+## Disclosure Timeline
+- **Acknowledgement**: you will receive an acknowledgement of your report
+  within 48 hours.
+- **Initial assessment**: a triage and initial severity assessment will be
+  shared within 7 days of the acknowledgement.
+- **Fix and disclosure**: valid reports are targeted for resolution and
+  coordinated public disclosure within 90 days of the initial report,
+  depending on complexity and impact.
+You will be kept informed throughout the process and credited in the release
+notes for the fix, unless you prefer to remain anonymous.
+## Out of Scope
+The following are not considered security vulnerabilities in this project:
+- Vulnerabilities in upstream or transitive dependencies. These are handled
+  continuously by [Renovate](https://github.com/renovatebot/renovate) and
+  addressed through regular dependency updates.
+- Issues only reproducible on Python versions older than those listed as
+  supported in `pyproject.toml`.
+- Issues in the BSB-LAN firmware itself; please report those directly to the
+  [BSB-LAN project](https://github.com/fredlcore/BSB-LAN).
+- Denial-of-service or data-exposure conditions resulting from malformed or
+  hostile responses from a BSB-LAN device the client is explicitly pointed at.
+  This library assumes the configured endpoint is trusted.
+## Scope
+This security policy covers the `python-bsblan` Python package published on
+[PyPI](https://pypi.org/project/python-bsblan/) and its source code in this
+repository.

{python_bsblan-5.1.4 → python_bsblan-5.1.5}/.github/copilot-instructions.md RENAMED Viewed

@@ -16,13 +16,13 @@ This repository contains the `python-bsblan` library, an asynchronous Python cli
 Always run these commands after making changes:
 ```bash
-# Run all prek hooks (ruff, mypy, pylint)
+# Run all prek hooks (ruff, ty, pylint)
 uv run prek run --all-files
 ```
 ### Prek Includes
 - **Ruff**: Linting and formatting (88 char line limit)
-- **MyPy**: Static type checking
+- **ty**: Static type checking
 - **Pylint**: Code analysis
 ### Coverage Requirements
@@ -84,9 +84,15 @@ Parameters are identified by numeric IDs and mapped to readable names in `consta
    ```python
    async def set_hot_water(
        self,
-       legionella_function_setpoint: float | None = None,
+       params: SetHotWaterParam,
    ) -> None:
    ```
+   And add the field to `SetHotWaterParam` in `models.py`:
+   ```python
+   @dataclass
+   class SetHotWaterParam:
+       legionella_function_setpoint: float | None = None
+   ```
 4. **Add tests in `tests/test_*.py`**
@@ -149,9 +155,11 @@ Each parameter returns an `EntityInfo[T]` (generic `BaseModel`) with:
 ### Client Usage
 ```python
-async with BSBLAN(host="192.168.1.100") as client:
+from bsblan import BSBLAN, BSBLANConfig, SetHotWaterParam
+async with BSBLAN(BSBLANConfig(host="192.168.1.100")) as client:
     state = await client.state()
-    await client.set_hot_water(nominal_setpoint=55.0)
+    await client.set_hot_water(SetHotWaterParam(nominal_setpoint=55.0))
 ```
 ### Lazy Loading Architecture
@@ -199,7 +207,9 @@ This prevents duplicate network requests when concurrent calls access the same s
 @pytest.mark.asyncio
 async def test_set_hot_water(mock_bsblan: BSBLAN) -> None:
     """Test setting BSBLAN hot water state."""
-    await mock_bsblan.set_hot_water(nominal_setpoint=60.0)
+    await mock_bsblan.set_hot_water(
+        SetHotWaterParam(nominal_setpoint=60.0)
+    )
     mock_bsblan._request.assert_awaited_with(
         base_path="/JS",
         data={"Parameter": "1610", "Value": "60.0", "Type": "1"},

{python_bsblan-5.1.4 → python_bsblan-5.1.5}/.github/skills/bsblan-parameters/SKILL.md RENAMED Viewed

@@ -105,7 +105,9 @@ Create tests in `tests/test_*.py`:
 @pytest.mark.asyncio
 async def test_set_hot_water(mock_bsblan: BSBLAN) -> None:
     """Test setting BSBLAN hot water state."""
-    await mock_bsblan.set_hot_water(nominal_setpoint=60.0)
+    await mock_bsblan.set_hot_water(
+        SetHotWaterParam(nominal_setpoint=60.0)
+    )
     mock_bsblan._request.assert_awaited_with(
         base_path="/JS",
         data={"Parameter": "1610", "Value": "60.0", "Type": "1"},

{python_bsblan-5.1.4 → python_bsblan-5.1.5}/.github/workflows/auto-approve-renovate.yml RENAMED Viewed

@@ -9,12 +9,13 @@ on:
       - synchronize
       - reopened
-permissions:
-  pull-requests: write
+permissions: read-all
 jobs:
   auto-approve:
     runs-on: ubuntu-latest
+    permissions:
+      pull-requests: write
     if: >-
       github.actor == 'renovate[bot]' &&
       github.actor_id == '29139614' &&

python_bsblan-5.1.5/.github/workflows/codeql.yaml ADDED Viewed

@@ -0,0 +1,32 @@
+---
+name: "CodeQL"
+# yamllint disable-line rule:truthy
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+  workflow_dispatch:
+  schedule:
+    - cron: "30 1 * * 0"
+permissions: read-all
+jobs:
+  codeql:
+    name: Scanning
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+    steps:
+      - name: ⤵️ Check out code from GitHub
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+        with:
+          persist-credentials: false
+      - name: 🏗 Initialize CodeQL
+        uses: github/codeql-action/init@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v4.35.2
+      - name: 🚀 Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v4.35.2

python_bsblan-5.1.5/.github/workflows/dependency-review.yaml ADDED Viewed

@@ -0,0 +1,21 @@
+---
+name: Dependency Review
+# yamllint disable-line rule:truthy
+on: [pull_request]
+permissions:
+  contents: read
+jobs:
+  dependency-review:
+    runs-on: ubuntu-latest
+    steps:
+      - name: ⤵️ Check out code from GitHub
+        # yamllint disable-line rule:line-length
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+        with:
+          persist-credentials: false
+      - name: 👀 Dependency review
+        # yamllint disable-line rule:line-length
+        uses: actions/dependency-review-action@2031cfc080254a8a887f58cffee85186f0e49e48 # v4.9.0

python_bsblan-5.1.5/.github/workflows/docs.yaml ADDED Viewed

@@ -0,0 +1,60 @@
+---
+name: Documentation
+# yamllint disable-line rule:truthy
+on:
+  push:
+    branches: [main]
+  workflow_dispatch:
+permissions:
+  contents: read
+concurrency:
+  group: pages
+  cancel-in-progress: false
+env:
+  DEFAULT_PYTHON: "3.13"
+jobs:
+  build:
+    name: Build documentation
+    runs-on: ubuntu-latest
+    steps:
+      - name: ⤵️ Check out code from GitHub
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+        with:
+          persist-credentials: false
+      - name: 🏗 Set up uv
+        uses: astral-sh/setup-uv@37802adc94f370d6bfd71619e3f0bf239e1f3b78 # v7
+        with:
+          enable-cache: true
+      - name: 🏗 Set up Python ${{ env.DEFAULT_PYTHON }}
+        uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
+        with:
+          python-version: ${{ env.DEFAULT_PYTHON }}
+      - name: 🏗 Install dependencies
+        run: uv sync --group docs
+      - name: 🏗 Build documentation
+        run: uv run mkdocs build --strict
+      - name: 📤 Upload artifact
+        uses: actions/upload-pages-artifact@fc324d3547104276b827a68afc52ff2a11cc49c9 # v5.0.0
+        with:
+          path: site
+  deploy:
+    name: Deploy to GitHub Pages
+    runs-on: ubuntu-latest
+    needs: build
+    if: github.ref == 'refs/heads/main'
+    permissions:
+      pages: write
+      id-token: write
+    environment:
+      name: github-pages
+      url: ${{ steps.deployment.outputs.page_url }}
+    steps:
+      - name: 🚀 Deploy to GitHub Pages
+        id: deployment
+        uses: actions/deploy-pages@cd2ce8fcbc39b97be8ca5fce6e763baed58fa128 # v5.0.0

{python_bsblan-5.1.4 → python_bsblan-5.1.5}/.github/workflows/labels.yaml RENAMED Viewed

@@ -10,18 +10,21 @@ on:
       - .github/labels.yml
   workflow_dispatch:
-permissions:
-  contents: read
-  issues: write
+permissions: read-all
 jobs:
   labels:
     name: ♻️ Sync labels
     runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      issues: write
     steps:
       - name: ⤵️ Check out code from GitHub
-        uses: actions/checkout@v6.0.2
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+        with:
+          persist-credentials: false
       - name: 🚀 Run Label Syncer
-        uses: micnncim/action-label-syncer@v1.3.0
+        uses: micnncim/action-label-syncer@3abd5ab72fda571e69fffd97bd4e0033dd5f495c # v1.3.0
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

{python_bsblan-5.1.4 → python_bsblan-5.1.5}/.github/workflows/linting.yaml RENAMED Viewed

@@ -21,14 +21,16 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: ⤵️ Check out code from GitHub
-        uses: actions/checkout@v6.0.2
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+        with:
+          persist-credentials: false
       - name: 🏗 Set up uv
-        uses: astral-sh/setup-uv@v7
+        uses: astral-sh/setup-uv@37802adc94f370d6bfd71619e3f0bf239e1f3b78 # v7
         with:
           enable-cache: true
       - name: 🏗 Set up Python ${{ env.DEFAULT_PYTHON }}
         id: python
-        uses: actions/setup-python@v6.2.0
+        uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
         with:
           python-version: ${{ env.DEFAULT_PYTHON }}
       - name: 🏗 Install Python dependencies
@@ -43,24 +45,26 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: ⤵️ Check out code from GitHub
-        uses: actions/checkout@v6.0.2
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+        with:
+          persist-credentials: false
       - name: 🏗 Set up uv
-        uses: astral-sh/setup-uv@v7
+        uses: astral-sh/setup-uv@37802adc94f370d6bfd71619e3f0bf239e1f3b78 # v7
         with:
           enable-cache: true
       - name: 🏗 Set up Python ${{ env.DEFAULT_PYTHON }}
         id: python
-        uses: actions/setup-python@v6.2.0
+        uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
         with:
           python-version: ${{ env.DEFAULT_PYTHON }}
       - name: 🏗 Install Python dependencies
         run: uv sync --dev
       - name: 🏗 Set up Node.js
-        uses: actions/setup-node@v6.3.0
+        uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
         with:
           node-version-file: ".nvmrc"
           cache: "npm"
       - name: 🏗 Install NPM dependencies
-        run: npm install
+        run: npm ci
       - name: 🚀 Run prettier
         run: uv run prek run prettier --all-files

{python_bsblan-5.1.4 → python_bsblan-5.1.5}/.github/workflows/lock.yaml RENAMED Viewed

@@ -7,16 +7,18 @@ on:
     - cron: "0 9 * * *"
   workflow_dispatch:
-permissions:
-  issues: write
-  pull-requests: write
+permissions: read-all
 jobs:
   lock:
     name: 🔒 Lock closed issues and PRs
     runs-on: ubuntu-latest
+    permissions:
+      issues: write
+      pull-requests: write
     steps:
-      - uses: dessant/lock-threads@v6.0.0
+      # yamllint disable-line rule:line-length
+      - uses: dessant/lock-threads@7266a7ce5c1df01b1c6db85bf8cd86c737dadbe7 # v6.0.0
         with:
           github-token: ${{ github.token }}
           issue-inactive-days: "30"

{python_bsblan-5.1.4 → python_bsblan-5.1.5}/.github/workflows/pr-labels.yaml RENAMED Viewed

@@ -20,7 +20,8 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: 🏷 Verify PR has a valid label
-        uses: jesusvasquez333/verify-pr-label-action@v1.4.0
+        # yamllint disable-line rule:line-length
+        uses: jesusvasquez333/verify-pr-label-action@657d111bbbe13e22bbd55870f1813c699bde1401 # v1.4.0
         with:
           pull-request-number: "${{ github.event.pull_request.number }}"
           github-token: "${{ secrets.GITHUB_TOKEN }}"

{python_bsblan-5.1.4 → python_bsblan-5.1.5}/.github/workflows/release-drafter.yaml RENAMED Viewed

@@ -23,18 +23,20 @@ on:
           - alpha
           - rc
-permissions:
-  contents: write
-  issues: read
-  pull-requests: read
+permissions: read-all
 jobs:
   update_release_draft:
     name: ✏️ Draft release
     runs-on: ubuntu-latest
+    permissions:
+      contents: write
+      issues: read
+      pull-requests: read
     steps:
       - name: 🚀 Run Release Drafter
-        uses: release-drafter/release-drafter@v7.2.0
+        # yamllint disable-line rule:line-length
+        uses: release-drafter/release-drafter@5de93583980a40bd78603b6dfdcda5b4df377b32 # v7.2.0
         with:
           prerelease: ${{ github.event.inputs.prerelease == 'true' }}
           prerelease-identifier: ${{ github.event.inputs.prerelease_identifier }}

{python_bsblan-5.1.4 → python_bsblan-5.1.5}/.github/workflows/release.yaml RENAMED Viewed

@@ -7,6 +7,8 @@ on:
     types:
       - published
+permissions: read-all
 env:
   DEFAULT_PYTHON: "3.13"
@@ -18,37 +20,46 @@ jobs:
       name: release
       url: https://pypi.org/p/python-bsblan
     permissions:
+      attestations: write
       contents: write
       id-token: write
     steps:
       - name: ⤵️ Check out code from GitHub
-        uses: actions/checkout@v6.0.2
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+        with:
+          persist-credentials: false
       - name: 🏗 Set up uv
-        uses: astral-sh/setup-uv@v7
+        uses: astral-sh/setup-uv@37802adc94f370d6bfd71619e3f0bf239e1f3b78 # v7
         with:
-          enable-cache: true
+          enable-cache: false
       - name: 🏗 Set up Python ${{ env.DEFAULT_PYTHON }}
         id: python
-        uses: actions/setup-python@v6.2.0
+        uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
         with:
           python-version: ${{ env.DEFAULT_PYTHON }}
       - name: 🏗 Install dependencies
         run: uv sync
       - name: 🏗 Set package version
+        env:
+          RELEASE_TAG: ${{ github.event.release.tag_name }}
         run: |
-          version="${{ github.event.release.tag_name }}"
+          version="${RELEASE_TAG}"
           version="${version,,}"
           version="${version#v}"
           sed -i '0,/version = ".*"/{s/version = ".*"/version = "'"${version}"'"/}' pyproject.toml
       - name: 🏗 Build package
         run: uv build
+      - name: 🔏 Attest build provenance
+        uses: actions/attest-build-provenance@a2bbfa25375fe432b6a289bc6b6cd05ecd0c4c32 # v4.1.0
+        with:
+          subject-path: ./dist/*
       - name: 🚀 Publish to PyPi
-        uses: pypa/gh-action-pypi-publish@v1.14.0
+        uses: pypa/gh-action-pypi-publish@cef221092ed1bacb1cc03d23a2d87d1d172e277b # v1.14.0
         with:
           verbose: true
           print-hash: true
       - name: ✍️ Sign published artifacts
-        uses: sigstore/gh-action-sigstore-python@v3.3.0
+        uses: sigstore/gh-action-sigstore-python@04cffa1d795717b140764e8b640de88853c92acc # v3.3.0
         with:
           inputs: ./dist/*.tar.gz ./dist/*.whl
           release-signing-artifacts: false
@@ -128,13 +139,16 @@ jobs:
           echo "Found files: $FILES"
       - name: 📤 Upload signature files to release
         if: github.event_name == 'release' && github.event.action == 'published'
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          RELEASE_TAG: ${{ github.event.release.tag_name }}
         run: |
           # Upload files individually to avoid Node.js file handle issues
           for file in ./dist/*.sigstore.json; do
             if [ -f "$file" ]; then
               echo "Uploading $file..."
               # Use GitHub CLI for more reliable uploads
-              gh release upload ${{ github.event.release.tag_name }} "$file" --clobber
+              gh release upload "${RELEASE_TAG}" "$file" --clobber
               if [ $? -ne 0 ]; then
                 echo "✗ Failed to upload $file" >&2
                 exit 1
@@ -143,5 +157,3 @@ jobs:
               sleep 1  # Small delay between uploads
             fi
           done
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

python-bsblan 5.1.4__tar.gz → 5.1.5__tar.gz

python-bsblan 5.1.4tar.gz → 5.1.5tar.gz