Merge pull request #31 from peppelinux/main

v1.2.0: improved CI and alignemtn with the eUDIW reference implementation

Author: peppelinux

.github/workflows/code-quality.yml

@@ -8,7 +8,33 @@ on:
     branches: ["*"]
 
 jobs:
+  skip-check:
+    runs-on: ubuntu-latest
+    outputs:
+      should_skip: ${{ steps.check.outputs.should_skip }}
+    steps:
+      - uses: actions/github-script@v7
+        id: check
+        with:
+          script: |
+            const branch = process.env.BRANCH || '';
+            const { data: { workflow_runs } } = await github.rest.actions.listWorkflowRunsForRepo({
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              status: 'in_progress',
+            });
+            const otherRunning = workflow_runs.filter(
+              r => r.id != context.runId &&
+                r.name === context.workflow &&
+                (!branch || r.head_branch === branch)
+            );
+            core.setOutput('should_skip', otherRunning.length > 0 ? 'true' : 'false');
+        env:
+          BRANCH: ${{ github.head_ref || github.ref_name }}
+
   lint:
+    needs: skip-check
+    if: needs.skip-check.outputs.should_skip != 'true'
     name: flake8
     runs-on: ubuntu-latest
     steps:
@@ -29,6 +55,8 @@ jobs:
           flake8 pymdoccbor
 
   isort:
+    needs: skip-check
+    if: needs.skip-check.outputs.should_skip != 'true'
     name: isort
     runs-on: ubuntu-latest
     steps:
@@ -48,6 +76,8 @@ jobs:
           isort pymdoccbor --check-only --diff
 
   bandit:
+    needs: skip-check
+    if: needs.skip-check.outputs.should_skip != 'true'
     name: Bandit security scan
     runs-on: ubuntu-latest
     steps:
@@ -67,6 +97,8 @@ jobs:
           bandit -r -x pymdoccbor/tests pymdoccbor -f txt
 
   radon:
+    needs: skip-check
+    if: needs.skip-check.outputs.should_skip != 'true'
     name: Radon complexity
     runs-on: ubuntu-latest
     steps:

.github/workflows/dependency-security.yml

@@ -8,7 +8,33 @@ on:
     branches: ["*"]
 
 jobs:
+  skip-check:
+    runs-on: ubuntu-latest
+    outputs:
+      should_skip: ${{ steps.check.outputs.should_skip }}
+    steps:
+      - uses: actions/github-script@v7
+        id: check
+        with:
+          script: |
+            const branch = process.env.BRANCH || '';
+            const { data: { workflow_runs } } = await github.rest.actions.listWorkflowRunsForRepo({
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              status: 'in_progress',
+            });
+            const otherRunning = workflow_runs.filter(
+              r => r.id != context.runId &&
+                r.name === context.workflow &&
+                (!branch || r.head_branch === branch)
+            );
+            core.setOutput('should_skip', otherRunning.length > 0 ? 'true' : 'false');
+        env:
+          BRANCH: ${{ github.head_ref || github.ref_name }}
+
   pip-audit:
+    needs: skip-check
+    if: needs.skip-check.outputs.should_skip != 'true'
     name: pip-audit
     runs-on: ubuntu-latest
     steps:
@@ -23,8 +49,8 @@ jobs:
           python -m venv env
           source env/bin/activate
           pip install --upgrade pip pip-audit
-          pip install "cbor2>=5.4.0" "cbor-diag>=1.1.0" "pycose>=1.0.1"
           pip install -r requirements-dev.txt
+          pip install -e .
 
       # Exit 1 on any vulnerability (fail CI). --skip-editable whitelists pymdoccbor (local package, not on PyPI).
       # Ignore only unfixable: ecdsa CVE-2024-23342 (no upstream fix; see docs/SECURITY-DEPENDENCIES.md).

.github/workflows/python-app.yml

@@ -10,8 +10,33 @@ on:
     branches: [ "*" ]
 
 jobs:
-  build:
+  skip-check:
+    runs-on: ubuntu-latest
+    outputs:
+      should_skip: ${{ steps.check.outputs.should_skip }}
+    steps:
+      - uses: actions/github-script@v7
+        id: check
+        with:
+          script: |
+            const branch = process.env.BRANCH || '';
+            const { data: { workflow_runs } } = await github.rest.actions.listWorkflowRunsForRepo({
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              status: 'in_progress',
+            });
+            const otherRunning = workflow_runs.filter(
+              r => r.id != context.runId &&
+                r.name === context.workflow &&
+                (!branch || r.head_branch === branch)
+            );
+            core.setOutput('should_skip', otherRunning.length > 0 ? 'true' : 'false');
+        env:
+          BRANCH: ${{ github.head_ref || github.ref_name }}
 
+  build:
+    needs: skip-check
+    if: needs.skip-check.outputs.should_skip != 'true'
     runs-on: ubuntu-22.04
 
     strategy:
@@ -21,6 +46,8 @@ jobs:
           - '3.10'
           - "3.11"
           - "3.12"
+          - "3.13"
+          - "3.14"
 
     steps:
     - uses: actions/checkout@v4

NOTICE

@@ -0,0 +1,11 @@
+IdentityPython pyMDOC-CBOR
+https://github.com/IdentityPython/pyMDOC-CBOR
+
+This project aligns with the EU Digital Identity Wallet reference implementation:
+https://github.com/eu-digital-identity-wallet/pyMDOC-CBOR
+
+Modifications in that repository are Copyright (c) European Commission
+and licensed under the Apache License, Version 2.0.
+
+This project is licensed under the Apache License, Version 2.0.
+See the LICENSE file for details.

README.md

@@ -285,6 +285,10 @@ Other examples at [cbor official documentation](https://github.com/agronholm/cbo
 
 - [Python Certvalidator](https://github.com/wbond/certvalidator/blob/master/docs/usage.md)
 
+## EUDI Wallet reference implementation
+
+This project aligns with the [EU Digital Identity Wallet pyMDOC-CBOR](https://github.com/eu-digital-identity-wallet/pyMDOC-CBOR) reference implementation. That repository may contain additional modifications for EUDI Wallet PID and mDL use cases (European Commission) since the EU Digital Identity Wallet pyMDOC-CBOR is a fork of this project.
+
 ## Authors and contributors
 
 - Giuseppe De Marco

pymdoccbor/__init__.py

@@ -1 +1 @@
-__version__ = "1.1.0"
+__version__ = "1.2.0"

pymdoccbor/exceptions.py

@@ -1,3 +1,4 @@
+# Aligns with https://github.com/eu-digital-identity-wallet/pyMDOC-CBOR
 class InvalidMdoc(Exception):
     """
     """

pymdoccbor/mdoc/exceptions.py

@@ -1,3 +1,4 @@
+# Aligns with https://github.com/eu-digital-identity-wallet/pyMDOC-CBOR
 class MissingPrivateKey(Exception):
     pass
 

pymdoccbor/mdoc/issuer.py

@@ -1,3 +1,4 @@
+# Aligns with https://github.com/eu-digital-identity-wallet/pyMDOC-CBOR
 import base64
 import binascii
 import logging

pymdoccbor/mdoc/issuersigned.py

@@ -1,3 +1,4 @@
+# Aligns with https://github.com/eu-digital-identity-wallet/pyMDOC-CBOR
 from typing import Union
 
 import cbor2