PyPI - rhiza - Versions diffs - 0.9.0__tar.gz → 0.9.1__tar.gz - Mend

rhiza 0.9.0tar.gz → 0.9.1tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (116) hide show

rhiza-0.9.1/.github/workflows/rhiza_benchmarks.yml ADDED Viewed

@@ -0,0 +1,83 @@
+# This file is part of the jebel-quant/rhiza repository
+# (https://github.com/jebel-quant/rhiza).
+#
+# Workflow: Performance Benchmarks
+#
+# Purpose: Run performance benchmarks and detect regressions.
+#
+# Trigger: On push to main/master branches, PRs, and manual trigger.
+#
+# Regression Detection:
+#   - Compares against previous benchmark results stored in gh-pages branch
+#   - Alerts if performance degrades by more than 150% (configurable)
+#   - PRs will show a warning comment but not fail
+#   - Main branch updates the baseline for future comparisons
+name: "(RHIZA) BENCHMARKS"
+permissions:
+  contents: write
+  pull-requests: write
+on:
+  push:
+    branches: [ main, master ]
+  pull_request:
+    branches: [ main, master ]
+  workflow_dispatch:
+jobs:
+  benchmark:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v6.0.2
+        with:
+          lfs: true
+      - name: Install uv
+        uses: astral-sh/setup-uv@v7.2.1
+        with:
+          version: "0.9.28"
+          python-version: "3.12"
+      - name: Run benchmarks
+        env:
+          UV_EXTRA_INDEX_URL: ${{ secrets.UV_EXTRA_INDEX_URL }}
+        run: |
+          make benchmark
+      - name: Upload benchmark results
+        uses: actions/upload-artifact@v6.0.0
+        if: always()
+        with:
+          name: benchmark-results
+          path: |
+            _benchmarks/benchmarks.json
+            _benchmarks/benchmarks.svg
+            _benchmarks/benchmarks.html
+      # Regression detection using github-action-benchmark
+      # Stores benchmark history in gh-pages branch under /benchmarks
+      # Alerts if performance degrades by more than 150% of baseline
+      - name: Store benchmark result and check for regression
+        uses: benchmark-action/github-action-benchmark@v1
+        # run this only if _benchmarks/benchmarks.json exists
+        if: hashFiles('_benchmarks/benchmarks.json') != ''
+        with:
+          tool: 'pytest'
+          output-file-path: _benchmarks/benchmarks.json
+          # Store benchmark data in gh-pages branch
+          gh-pages-branch: gh-pages
+          benchmark-data-dir-path: benchmarks
+          # Only update baseline on main branch push (not PRs)
+          auto-push: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }}
+          # Alert if performance degrades by more than 150%
+          alert-threshold: '150%'
+          # Post comment on PR if regression detected
+          comment-on-alert: ${{ github.event_name == 'pull_request' }}
+          # Fail workflow if regression detected (disabled for PRs to allow investigation)
+          fail-on-alert: ${{ github.event_name == 'push' }}
+          # GitHub token for pushing to gh-pages and commenting
+          github-token: ${{ secrets.GITHUB_TOKEN }}

{rhiza-0.9.0 → rhiza-0.9.1}/.github/workflows/rhiza_book.yml RENAMED Viewed

@@ -36,30 +36,33 @@ jobs:
     steps:
       # Check out the repository code
-      - uses: actions/checkout@v6
+      - uses: actions/checkout@v6.0.2
         with:
           lfs: true
       - name: Install uv
-        uses: astral-sh/setup-uv@v7
+        uses: astral-sh/setup-uv@v7.2.1
         with:
-          version: "0.9.26"
+          version: "0.9.28"
       - name: "Sync the virtual environment for ${{ github.repository }}"
         shell: bash
+        env:
+          UV_EXTRA_INDEX_URL: ${{ secrets.UV_EXTRA_INDEX_URL }}
         run: |
-          export UV_EXTRA_INDEX_URL="${{ secrets.uv-extra-index-url }}"
           # will just use .python-version?
           uv sync --all-extras --all-groups --frozen
       - name: "Make the book"
+        env:
+          UV_EXTRA_INDEX_URL: ${{ secrets.UV_EXTRA_INDEX_URL }}
         run: |
-          make -f .rhiza/rhiza.mk book
+          make book
       # Step 5: Package all artifacts for GitHub Pages deployment
       # This prepares the combined outputs for deployment by creating a single artifact
       - name: Upload static files as artifact
-        uses: actions/upload-pages-artifact@v4  # Official GitHub Pages artifact upload action
+        uses: actions/upload-pages-artifact@v4.0.0  # Official GitHub Pages artifact upload action
         with:
           path: _book/  # Path to the directory containing all artifacts to deploy
@@ -70,5 +73,5 @@ jobs:
       # If PUBLISH_COMPANION_BOOK is not set, it defaults to allowing deployment
       - name: Deploy to GitHub Pages
         if: ${{ !github.event.repository.fork && (vars.PUBLISH_COMPANION_BOOK == 'true' || vars.PUBLISH_COMPANION_BOOK == '') }}
-        uses: actions/deploy-pages@v4  # Official GitHub Pages deployment action
+        uses: actions/deploy-pages@v4.0.5  # Official GitHub Pages deployment action
         continue-on-error: true

{rhiza-0.9.0 → rhiza-0.9.1}/.github/workflows/rhiza_ci.yml RENAMED Viewed

@@ -24,14 +24,18 @@ jobs:
     outputs:
       matrix: ${{ steps.versions.outputs.list }}
     steps:
-      - uses: actions/checkout@v6
+      - uses: actions/checkout@v6.0.2
+        with:
+          lfs: true
       - name: Install uv
-        uses: astral-sh/setup-uv@v7
+        uses: astral-sh/setup-uv@v7.2.1
         with:
-          version: "0.9.26"
+          version: "0.9.28"
       - id: versions
+        env:
+          UV_EXTRA_INDEX_URL: ${{ secrets.UV_EXTRA_INDEX_URL }}
         run: |
           # Generate Python versions JSON from the script
           JSON=$(make -f .rhiza/rhiza.mk -s version-matrix)
@@ -51,16 +55,36 @@ jobs:
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v6
+        uses: actions/checkout@v6.0.2
         with:
           lfs: true
       - name: Install uv
-        uses: astral-sh/setup-uv@v7
+        uses: astral-sh/setup-uv@v7.2.1
         with:
-          version: "0.9.26"
+          version: "0.9.28"
           python-version: ${{ matrix.python-version }}
       - name: Run tests
+        env:
+          UV_EXTRA_INDEX_URL: ${{ secrets.UV_EXTRA_INDEX_URL }}
+        run: |
+          make test
+  docs-coverage:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v6.0.2
+      - name: Install uv
+        uses: astral-sh/setup-uv@v7.2.1
+        with:
+          version: "0.9.28"
+      - name: Check docs coverage
+        env:
+          UV_EXTRA_INDEX_URL: ${{ secrets.UV_EXTRA_INDEX_URL }}
         run: |
-          make -f .rhiza/rhiza.mk test
+          make docs-coverage

{rhiza-0.9.0 → rhiza-0.9.1}/.github/workflows/rhiza_codeql.yml RENAMED Viewed

@@ -81,7 +81,7 @@ jobs:
         # your codebase is analyzed, see https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages
     steps:
     - name: Checkout repository
-      uses: actions/checkout@v6
+      uses: actions/checkout@v6.0.2
     # Add any setup steps before running the `github/codeql-action/init` action.
     # This includes steps like installing compilers or runtimes (`actions/setup-node`
@@ -91,7 +91,7 @@ jobs:
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@v4
+      uses: github/codeql-action/init@v4.32.0
       with:
         languages: ${{ matrix.language }}
         build-mode: ${{ matrix.build-mode }}
@@ -120,6 +120,6 @@ jobs:
         exit 1
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v4
+      uses: github/codeql-action/analyze@v4.32.0
       with:
         category: "/language:${{matrix.language}}"

{rhiza-0.9.0 → rhiza-0.9.1}/.github/workflows/rhiza_deptry.yml RENAMED Viewed

@@ -27,13 +27,13 @@ jobs:
     name: Check dependencies with deptry
     runs-on: ubuntu-latest
     container:
-      image: ghcr.io/astral-sh/uv:0.9.26-python3.12-trixie
+      image: ghcr.io/astral-sh/uv:0.9.28-bookworm
     steps:
-      - uses: actions/checkout@v6
+      - uses: actions/checkout@v6.0.2
       - name: Run deptry
-        run: make -f .rhiza/rhiza.mk deptry
+        run: make deptry
         # NOTE: make deptry is good style because it encapsulates the folders to check
         # (e.g. src and book/marimo) and keeps CI in sync with local development.
         # Since we use a 'uv' container, the Makefile is optimised to use the

{rhiza-0.9.0 → rhiza-0.9.1}/.github/workflows/rhiza_marimo.yml RENAMED Viewed

@@ -34,13 +34,14 @@ jobs:
       notebook-list: ${{ steps.notebooks.outputs.matrix }}
     steps:
       # Check out the repository code
-      - uses: actions/checkout@v6
+      - uses: actions/checkout@v6.0.2
       # Find all Python files in the marimo folder and create a matrix for parallel execution
       - name: Find notebooks and build matrix
         id: notebooks
         run: |
           # Extract MARIMO_FOLDER from the project configuration (via Makefile)
+          # shellcheck disable=SC2016 # Single quotes intentional - Make syntax, not shell expansion
           NOTEBOOK_DIR=$(make -s -f Makefile -f - <<< 'print: ; @echo $(or $(MARIMO_FOLDER),marimo)' print)
           echo "Searching notebooks in: $NOTEBOOK_DIR"
@@ -74,18 +75,20 @@ jobs:
     name: Run notebook ${{ matrix.notebook }}
     steps:
       # Check out the repository code
-      - uses: actions/checkout@v6
+      - uses: actions/checkout@v6.0.2
         with:
           lfs: true
       # Install uv/uvx
       - name: Install uv
-        uses: astral-sh/setup-uv@v7
+        uses: astral-sh/setup-uv@v7.2.1
         with:
-          version: "0.9.26"
+          version: "0.9.28"
       # Execute the notebook with the appropriate runner based on its content
       - name: Run notebook
+        env:
+          UV_EXTRA_INDEX_URL: ${{ secrets.UV_EXTRA_INDEX_URL }}
         run: |
           uvx uv run "${{ matrix.notebook }}"
           # uvx → creates a fresh ephemeral environment

rhiza-0.9.1/.github/workflows/rhiza_mypy.yml ADDED Viewed

@@ -0,0 +1,34 @@
+# This file is part of the jebel-quant/rhiza repository
+# (https://github.com/jebel-quant/rhiza).
+#
+# Workflow: Mypy
+#
+# Purpose: Run static type checking with mypy in strict mode to ensure
+#          type safety across the codebase.
+#
+# Trigger: On push and pull requests to main/master branches.
+name: "(RHIZA) MYPY"
+permissions:
+  contents: read
+on:
+  push:
+    branches: [ main, master ]
+  pull_request:
+    branches: [ main, master ]
+jobs:
+  mypy:
+    name: Static type checking with mypy
+    runs-on: ubuntu-latest
+    container:
+      image: ghcr.io/astral-sh/uv:0.9.28-bookworm
+    steps:
+      - uses: actions/checkout@v6
+      # to brutal for now
+      # - name: Run mypy
+      #   run: make -f .rhiza/rhiza.mk mypy

{rhiza-0.9.0 → rhiza-0.9.1}/.github/workflows/rhiza_pre-commit.yml RENAMED Viewed

@@ -29,9 +29,9 @@ jobs:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v6
+      - uses: actions/checkout@v6.0.2
       # Run pre-commit
       - name: Run pre-commit
         run: |
-          make -f .rhiza/rhiza.mk fmt
+          make fmt

{rhiza-0.9.0 → rhiza-0.9.1}/.github/workflows/rhiza_release.yml RENAMED Viewed

@@ -33,6 +33,7 @@
 #   - No PyPI credentials stored; relies on Trusted Publishing via GitHub OIDC
 #   - For custom feeds, PYPI_TOKEN secret is used with default username __token__
 #   - Container registry uses GITHUB_TOKEN for authentication
+#   - SLSA provenance attestations generated for build artifacts (public repos only)
 #
 # 📄 Requirements:
 #   - pyproject.toml with top-level version field (for Python packages)
@@ -61,9 +62,10 @@ on:
       - 'v*'
 permissions:
-  contents: write  # Needed to create releases
-  id-token: write  # Needed for OIDC authentication with PyPI
-  packages: write  # Needed to publish devcontainer image
+  contents: write       # Needed to create releases
+  id-token: write       # Needed for OIDC authentication with PyPI
+  packages: write       # Needed to publish devcontainer image
+  attestations: write   # Needed for SLSA provenance attestations (public repos only)
 jobs:
   tag:
@@ -73,7 +75,7 @@ jobs:
       tag: ${{ steps.set_tag.outputs.tag }}
     steps:
       - name: Checkout Code
-        uses: actions/checkout@v6
+        uses: actions/checkout@v6.0.2
         with:
           fetch-depth: 0
@@ -81,7 +83,7 @@ jobs:
         id: set_tag
         run: |
           TAG="${GITHUB_REF#refs/tags/}"
-          echo "tag=$TAG" >> $GITHUB_OUTPUT
+          echo "tag=$TAG" >> "$GITHUB_OUTPUT"
       - name: Validate Release
         env:
@@ -104,21 +106,14 @@ jobs:
     needs: tag
     steps:
       - name: Checkout Code
-        uses: actions/checkout@v6
+        uses: actions/checkout@v6.0.2
         with:
           fetch-depth: 0
       - name: Install uv
-        uses: astral-sh/setup-uv@v7
+        uses: astral-sh/setup-uv@v7.2.1
         with:
-          version: "0.9.26"
-      - name: "Sync the virtual environment for ${{ github.repository }}"
-        shell: bash
-        run: |
-          export UV_EXTRA_INDEX_URL="${{ secrets.uv-extra-index-url }}"
-          # will just use .python-version?
-          uv sync --all-extras --all-groups --frozen
+          version: "0.9.28"
       - name: Verify version matches tag
         if: hashFiles('pyproject.toml') != ''
@@ -148,10 +143,15 @@ jobs:
           printf "[INFO] Building package...\n"
           uvx hatch build
+      - name: Generate SLSA provenance attestations
+        if: steps.buildable.outputs.buildable == 'true' && github.event.repository.private == false
+        uses: actions/attest-build-provenance@v3
+        with:
+          subject-path: dist/*
       - name: Upload dist artifact
         if: steps.buildable.outputs.buildable == 'true'
-        uses: actions/upload-artifact@v6
+        uses: actions/upload-artifact@v6.0.0
         with:
           name: dist
           path: dist
@@ -182,12 +182,12 @@ jobs:
     steps:
       - name: Checkout Code
-        uses: actions/checkout@v6
+        uses: actions/checkout@v6.0.2
         with:
           fetch-depth: 0
       - name: Download dist artifact
-        uses: actions/download-artifact@v7
+        uses: actions/download-artifact@v7.0.0
         with:
           name: dist
           path: dist
@@ -199,15 +199,15 @@ jobs:
         run: |
           if [[ ! -d dist ]]; then
             echo "::warning::No folder dist/. Skipping PyPI publish."
-            echo "should_publish=false" >> $GITHUB_OUTPUT
+            echo "should_publish=false" >> "$GITHUB_OUTPUT"
           else
             if grep -R "Private :: Do Not Upload" pyproject.toml; then
-              echo "should_publish=false" >> $GITHUB_OUTPUT
+              echo "should_publish=false" >> "$GITHUB_OUTPUT"
             else
-              echo "should_publish=true" >> $GITHUB_OUTPUT
+              echo "should_publish=true" >> "$GITHUB_OUTPUT"
             fi
           fi
-          cat $GITHUB_OUTPUT
+          cat "$GITHUB_OUTPUT"
       # this should not take place, as "Private :: Do Not Upload" set in pyproject.toml
       # repository-url and password only used for custom feeds, not for PyPI with OIDC
@@ -230,7 +230,7 @@ jobs:
       image_name: ${{ steps.image_name.outputs.image_name }}
     steps:
       - name: Checkout Code
-        uses: actions/checkout@v6
+        uses: actions/checkout@v6.0.2
         with:
           fetch-depth: 0
@@ -240,10 +240,10 @@ jobs:
           PUBLISH_DEVCONTAINER: ${{ vars.PUBLISH_DEVCONTAINER }}
         run: |
           if [[ "$PUBLISH_DEVCONTAINER" == "true" ]] && [[ -d ".devcontainer" ]]; then
-            echo "should_publish=true" >> $GITHUB_OUTPUT
+            echo "should_publish=true" >> "$GITHUB_OUTPUT"
             echo "🚀 Will build and publish devcontainer image"
           else
-            echo "should_publish=false" >> $GITHUB_OUTPUT
+            echo "should_publish=false" >> "$GITHUB_OUTPUT"
             echo "⏭️  Skipping devcontainer publish (PUBLISH_DEVCONTAINER not true or .devcontainer missing)"
           fi
@@ -255,11 +255,11 @@ jobs:
           if [ -z "$REGISTRY" ]; then
             REGISTRY="ghcr.io"
           fi
-          echo "registry=$REGISTRY" >> $GITHUB_OUTPUT
+          echo "registry=$REGISTRY" >> "$GITHUB_OUTPUT"
       - name: Login to Container Registry
         if: steps.check_publish.outputs.should_publish == 'true'
-        uses: docker/login-action@v3
+        uses: docker/login-action@v3.7.0
         with:
           registry: ${{ steps.registry.outputs.registry }}
           username: ${{ github.repository_owner }}
@@ -268,7 +268,7 @@ jobs:
       - name: Get lowercase repository owner
         if: steps.check_publish.outputs.should_publish == 'true'
         id: repo_owner
-        run: echo "owner_lc=$(echo '${{ github.repository_owner }}' | tr '[:upper:]' '[:lower:]')" >> $GITHUB_OUTPUT
+        run: echo "owner_lc=$(echo '${{ github.repository_owner }}' | tr '[:upper:]' '[:lower:]')" >> "$GITHUB_OUTPUT"
       - name: Get Image Name
         if: steps.check_publish.outputs.should_publish == 'true'
@@ -297,7 +297,7 @@ jobs:
           IMAGE_NAME="${{ steps.registry.outputs.registry }}/${{ steps.repo_owner.outputs.owner_lc }}/$IMAGE_NAME"
           echo "✅ Final image name: $IMAGE_NAME"
-          echo "image_name=$IMAGE_NAME" >> $GITHUB_OUTPUT
+          echo "image_name=$IMAGE_NAME" >> "$GITHUB_OUTPUT"
       - name: Build and Publish Devcontainer Image
         if: steps.check_publish.outputs.should_publish == 'true'
@@ -315,30 +315,29 @@ jobs:
     if: needs.pypi.result == 'success' || needs.devcontainer.result == 'success'
     steps:
       - name: Checkout Code
-        uses: actions/checkout@v6
+        uses: actions/checkout@v6.0.2
         with:
           fetch-depth: 0
       - name: Install uv
-        uses: astral-sh/setup-uv@v7
+        uses: astral-sh/setup-uv@v7.2.1
         with:
-          version: "0.9.26"
+          version: "0.9.28"
       - name: "Sync the virtual environment for ${{ github.repository }}"
         shell: bash
         run: |
-          export UV_EXTRA_INDEX_URL="${{ secrets.uv-extra-index-url }}"
+          export UV_EXTRA_INDEX_URL="${{ secrets.uv_extra_index_url }}"
           # will just use .python-version?
           uv sync --all-extras --all-groups --frozen
       - name: Set up Python
-        uses: actions/setup-python@v6
+        uses: actions/setup-python@v6.2.0
       - name: Generate Devcontainer Link
         id: devcontainer_link
         if: needs.devcontainer.outputs.should_publish == 'true' && needs.devcontainer.result == 'success'
         run: |
-          OWNER_LC=$(echo "${{ github.repository_owner }}" | tr '[:upper:]' '[:lower:]')
           FULL_IMAGE="${{ needs.devcontainer.outputs.image_name }}:${{ needs.tag.outputs.tag }}"
           {
             echo "message<<EOF"
@@ -346,13 +345,13 @@ jobs:
             echo ""
             echo "\`$FULL_IMAGE\`"
             echo "EOF"
-          } >> $GITHUB_OUTPUT
+          } >> "$GITHUB_OUTPUT"
       - name: Generate PyPI Link
         id: pypi_link
         if: needs.pypi.outputs.should_publish == 'true' && needs.pypi.result == 'success'
         run: |
-          PACKAGE_NAME=$(python3 -c "import tomllib; print(tomllib.load(open('pyproject.toml', 'rb'))['project']['name'])")
+          PACKAGE_NAME=$(uv run python -c "import tomllib; print(tomllib.load(open('pyproject.toml', 'rb'))['project']['name'])")
           VERSION="${{ needs.tag.outputs.tag }}"
           VERSION=${VERSION#v}
@@ -371,7 +370,7 @@ jobs:
             echo ""
             echo "[$PACKAGE_NAME]($LINK)"
             echo "EOF"
-          } >> $GITHUB_OUTPUT
+          } >> "$GITHUB_OUTPUT"
       - name: Publish Release
         uses: softprops/action-gh-release@v2.5.0

{rhiza-0.9.0 → rhiza-0.9.1}/.github/workflows/rhiza_security.yml RENAMED Viewed

@@ -27,10 +27,18 @@ jobs:
     name: Security scanning
     runs-on: ubuntu-latest
     container:
-      image: ghcr.io/astral-sh/uv:0.9.26-python3.12-trixie
+      image: ghcr.io/astral-sh/uv:0.9.28-bookworm
     steps:
-      - uses: actions/checkout@v6
+      - uses: actions/checkout@v6.0.2
       - name: Run security scans
+        env:
+          UV_EXTRA_INDEX_URL: ${{ secrets.UV_EXTRA_INDEX_URL }}
         run: make security
+      - name: Run typecheck
+        env:
+          UV_EXTRA_INDEX_URL: ${{ secrets.UV_EXTRA_INDEX_URL }}
+        run: make typecheck

{rhiza-0.9.0 → rhiza-0.9.1}/.github/workflows/rhiza_sync.yml RENAMED Viewed

@@ -26,7 +26,7 @@ jobs:
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v6
+        uses: actions/checkout@v6.0.2
         with:
           token: ${{ secrets.PAT_TOKEN || github.token }}
           fetch-depth: 0
@@ -50,7 +50,13 @@ jobs:
           fi
       - name: Install uv
-        uses: astral-sh/setup-uv@v7
+        uses: astral-sh/setup-uv@v7.2.1
+      - name: Get Rhiza version
+        id: rhiza-version
+        run: |
+          VERSION=$(cat .rhiza/.rhiza-version 2>/dev/null || echo "0.9.0")
+          echo "version=${VERSION}" >> "$GITHUB_OUTPUT"
       - name: Sync template
         id: sync
@@ -58,7 +64,9 @@ jobs:
         run: |
           set -euo pipefail
-          uvx rhiza materialize --force .
+          RHIZA_VERSION="${{ steps.rhiza-version.outputs.version }}"
+          uvx "rhiza>=${RHIZA_VERSION}" materialize --force .
           git add -A
@@ -70,10 +78,11 @@ jobs:
           echo "changes_detected=true" >> "$GITHUB_OUTPUT"
           # Generate PR description based on staged changes
-          uvx rhiza summarise --output pr-description.md
+          uvx "rhiza>=${RHIZA_VERSION}" summarise --output "${RUNNER_TEMP}/pr-description.md"
           git config user.name  "github-actions[bot]"
           git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
+          git config --global url."https://x-access-token:${{ secrets.PAT_TOKEN }}@github.com/".insteadOf "https://github.com/"
           git commit -m "chore: Update via rhiza"
@@ -81,11 +90,11 @@ jobs:
         if: >
           (github.event_name == 'schedule' || inputs.create-pr == true)
           && steps.sync.outputs.changes_detected == 'true'
-        uses: peter-evans/create-pull-request@v8
+        uses: peter-evans/create-pull-request@v8.1.0
         with:
           token: ${{ secrets.PAT_TOKEN || github.token }}
           base: ${{ github.event.repository.default_branch }}
           branch: ${{ steps.branch.outputs.name }}
           delete-branch: true
           title: "chore: Sync with rhiza"
-          body-path: pr-description.md
+          body-path: ${{ runner.temp }}/pr-description.md

{rhiza-0.9.0 → rhiza-0.9.1}/.github/workflows/rhiza_validate.yml RENAMED Viewed

@@ -15,11 +15,11 @@ jobs:
     # don't run this in rhiza itself. Rhiza has no template.yml file.
     if: ${{ github.repository != 'jebel-quant/rhiza' }}
     container:
-      image: ghcr.io/astral-sh/uv:0.9.26-python3.12-trixie
+      image: ghcr.io/astral-sh/uv:0.9.28-bookworm
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v6
+        uses: actions/checkout@v6.0.2
       - name: Validate Rhiza config
         shell: bash

{rhiza-0.9.0 → rhiza-0.9.1}/.gitignore RENAMED Viewed

@@ -13,6 +13,7 @@ _book
 _pdoc
 _marimushka
 _benchmarks
+_jupyter
 # temp file used by Junie
 .output.txt

rhiza 0.9.0__tar.gz → 0.9.1__tar.gz

rhiza 0.9.0tar.gz → 0.9.1tar.gz