pypi-version

Check if you haven't forgotten to bump the PyPi package version number before you merge a release pull request.

  • 0.2.0
  • PyPI

Maintainers
1


Getting started

How to install

Install pypi-version with pip3:

$ pip3 install pypi-version

What is pypi-version

pypi-version checks if you haven't forgotten to bump the PyPi package version number before you merge a release pull request.

It would be useful if you:

If you are not familiar with these concepts, read the References section first, then continue from the next section.

Motivation

Python packages have version numbers such as 0.1.0 or 1.3.3 and are commonly uploaded to PyPI. Sometimes, after adding new functionality to your package, you forget to increase its version number, so when you try to upload it you get the error message Package version number already in use. That is fine if you develop the package locally and alone: you just modify the version number and upload it again. But if you develop the package using a particular development flow, such as the Gitflow workflow with continuous integration services, you have to create a separate pull request to bump the version, and the resources and time you spend on it increase several times over. The cost of the mistake is high.

So if you integrate pypi-version into your continuous integration service, checking the version with a simple command line tool, it will never allow your pull request to be merged if you forget to increase the version.

Examples

There is a test repository of a Python package that has integrated pypi-version: test-pypi-version-travis-ci. It uses Travis CI as its continuous integration service.

It contains:

Version number in the setup.py

Version number on the PyPi

Release pull request

Not increased version number in the setup.py

CI failed

Travis CI configuration file

  • As a result, pypi-version checks whether the changes in a release pull request (from develop to master) increase the package version number before it is merged. In the example described above the version is not increased, so the pypi-version check fails. If any check declared in the configuration file fails, the pull request's continuous integration check fails and the pull request is not allowed to be merged with the wrong version number.

PyPi version checking

Usage

Command line interface

To check if you haven't forgotten to bump the PyPi package version number before you merge a release pull request:

$ pypi-version check

To fetch the version of the pypi-version package:

$ pypi-version --version
pypi-version, version 0.1.0

To fetch all available package commands, use the following command:

$ pypi-version --help
Usage: pypi-version [OPTIONS] COMMAND [ARGS]...

  Command line interface for PyPi version checking.

Options:
  --version  Show the version and exit.
  --help     Show this message and exit.

Commands:
  check  Check if you haven't forgotten to bump the PyPi package version.

Configuration file

pypi-version requires a configuration file called .pypi-version.yml to be located in the root of the project:

package
 |
 - ...
 - source
 - README.md
 - setup.py
 - .pypi-version.yml
 ...

The configuration file should contain:

  • a section with your PyPI package name, which must be the same as the name in setup.py:
package:
  name: test-pypi-version-travis-ci
  • the name of the continuous integration service you use. Available options are: travis.
ci:
  name: travis
  • development and release branch names. With the configuration shown below, the package version number is checked only when you open a pull request from develop to master.
branches:
  development: develop
  release: master

The full example of the configuration file is:

package:
  name: pypi-version

ci:
  name: travis

branches:
  development: develop
  release: master
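
The decision a check like this has to make, as an added Python sketch (not pypi-version's own code): apply the check only to pull requests from the development branch to the release branch, read the version from setup.py without executing it, and fail when it is not greater than what is already published. Assumed here: the configuration is passed as an already-parsed dictionary, the branch names come from Travis CI's TRAVIS_PULL_REQUEST_BRANCH and TRAVIS_BRANCH variables, the published versions are passed in as a list, and versions are plain dotted numbers.

```python
import ast

def setup_version(setup_py_source):
    """Read the literal version= passed to setup() without executing setup.py."""
    for node in ast.walk(ast.parse(setup_py_source)):
        if not isinstance(node, ast.Call):
            continue
        name = getattr(node.func, "id", getattr(node.func, "attr", None))
        if name == "setup":
            for kw in node.keywords:
                if kw.arg == "version" and isinstance(kw.value, ast.Constant):
                    return str(kw.value.value)
    raise ValueError("no literal version= found in setup()")

def parse(version):
    # Assumption: plain dotted numeric versions such as 0.1.0 or 1.3.3.
    return tuple(int(part) for part in version.split("."))

def check(config, env, setup_py_source, published):
    """Return (ok, reason); `published` lists the versions already on PyPI."""
    branches = config["branches"]
    source = env.get("TRAVIS_PULL_REQUEST_BRANCH", "")  # PR source branch
    target = env.get("TRAVIS_BRANCH", "")               # PR target branch
    if (source, target) != (branches["development"], branches["release"]):
        return True, "not a release pull request, check skipped"
    local = setup_version(setup_py_source)
    if not published:
        return True, f"{local} is the first release"
    latest = max(published, key=parse)  # numeric order: 0.10.0 > 0.9.0
    if parse(local) <= parse(latest):
        return False, f"{local} is not greater than published {latest}"
    return True, f"{local} is greater than published {latest}"

# Constructed sample input (not taken from the real test repository).
SETUP_PY = 'from setuptools import setup\nsetup(name="test-pypi-version-travis-ci", version="0.1.0")\n'
CONFIG = {"package": {"name": "test-pypi-version-travis-ci"},
          "ci": {"name": "travis"},
          "branches": {"development": "develop", "release": "master"}}
RELEASE_PR = {"TRAVIS_PULL_REQUEST_BRANCH": "develop", "TRAVIS_BRANCH": "master"}

if __name__ == "__main__":
    ok, reason = check(CONFIG, RELEASE_PR, SETUP_PY, ["0.0.9", "0.1.0"])
    print("PASS" if ok else "FAIL", "-", reason)
    raise SystemExit(0 if ok else 1)  # non-zero exit fails the CI job
```

Parsing setup.py with ast keeps the check from running arbitrary code from the pull request inside the CI job; a version computed at runtime rather than written as a literal is reported as an error instead of being guessed.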

Continuous integration services

Travis-CI

An example configuration file that installs and uses pypi-version:

language: python

python:
  - "3.6"

install:
  - pip install pypi-version

script:
  - pypi-version check

An example of a failed build (the version hasn't been bumped):

The example of the Travis-CI failed build

CircleCI

An example configuration file that installs and uses pypi-version:

version: 2
jobs:
  build:
    docker:
      - image: circleci/python:3.6.4
    steps:
      - checkout
      - run:
          name: Install pypi-version package
          command: sudo pip3 install pypi-version
      - run:
          name: Check if PyPi should be bumped
          command: sudo -H -E pypi-version check

An example of a failed build (the version hasn't been bumped):

The example of the CircleCI failed build:

Contributing

Clone the project and install requirements:

$ git clone git@github.com:dmytrostriletskyi/pypi-version.git && cd pypi-version
$ pip3 install -r requirements.txt
$ pip3 install -r requirements-dev.txt
$ pip3 install -r requirements-tests.txt

When you make changes, ensure your code passes the checkers and is covered by tests using pytest.

If you are new to contributing, please read:

References

Python package

A Python package is a set of Python scripts that is redistributed and reused. Packages exist to solve typical problems. So if you have a common problem in your project, instead of writing your own code and spending time on it, use a package that already has the required functionality. Examples of Python packages you should know are requests and Django.

Gitflow workflow

Instead of a single master branch, this workflow uses two branches to record the history of the project. The master branch stores the official release history, and the develop branch serves as an integration branch for features.

So when you complete a feature, you open a pull request from the feature branch to the develop branch. When you complete a batch of features, you open a pull request from the develop branch to the master branch, which merges that batch of features and means you are making a new release.

Example of the release pull request

Because the changes contain new features, you should increase your version number (e.g. from 1.0.0 to 1.1.0) in the file called setup.py in the same pull request.

Increase version in setup.py

Upload to PyPi

When your features with increased version number have been merged to the master branch, you are going to upload your source code to the Python Package Index.

From the root of your project,

package
 |
 - ...
 - source
 - README.md
 - setup.py
 ...

run the following commands:

$ python3 setup.py sdist
$ twine upload dist/*

And if you haven't forgotten to bump the PyPi package version number, the upload is successful.

Continuous integration services

Continuous integration services are useful when you want to add automated checks for your pull request changes. For instance, you can check code style with flake8 and run tests with pytest to verify that your changes do not break existing functionality on several versions of Python. An example configuration file for Travis CI is presented below.

language: python

python:
  - "3.4"
  - "3.5"
  - "3.6"
  - "3.7-dev"

install:
  - pip install -r requirements-dev.txt
  - pip install -r requirements-tests.txt

script:
  - cat requirements-tests.txt requirements-dev.txt | safety check --stdin
  - radon cc accessify -nb --total-average
  - isort -rc accessify --diff && isort -rc tests --diff
  - flake8 accessify
  - coverage run -m pytest -vv tests

after_success:
  - coverage report -m && coverage xml
  - bash <(curl -s https://codecov.io/bash)

For each pull request, a report of the checks is presented. Click on the details to see the full report.

Pull request checks
