Skip to content

Move all Python tool configs to pyproject.toml #235

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 7 commits into from
Nov 17, 2025
Merged

Move all Python tool configs to pyproject.toml #235

merged 7 commits into from
Nov 17, 2025
+19 −31

Conversation

@jsf9k
Copy link
Member

@jsf9k jsf9k commented Nov 6, 2025
edited
Loading

🗣 Description

This pull request:

  • Moves the flake8 and isort configurations to a pyproject.toml file.
  • Removes the bandit configuration

See also cisagov/skeleton-python-library#164.

💭 Motivation and context

  • It is cleaner to have all Python tool configurations live in a single file.
  • The bandit configuration wasn't actually doing anything due to its contents.

Resolves #233. Resolves #234.

🧪 Testing

All automated tests pass.

✅ Pre-approval checklist

  • This PR has an informative and human-readable title.
  • Changes are limited to a single goal - eschew scope creep!
  • All relevant type-of-change labels have been added.
  • I have read the CONTRIBUTING document.
  • These code changes follow cisagov code standards.
  • All new and existing tests pass.

jsf9k added 3 commits November 6, 2025 16:23
@jsf9k
Rename .flake8 to pyproject.toml and update syntax
ad708bd 
We can configure all our Python tooling in a single pyproject.toml
file.

Note that using pyproject.toml to configure flake8 requires the
addition of the flake8-pyproject Python library.
@jsf9k
Add flake8-pyproject as an additional dependency of the flake8 pre-co…
2a3bb8b 
…mmit hook

This will ensure that, even when run as a pre-commit hook, flake8
reads its configuration from the pyproject.toml file.
@jsf9k
Move isort config to pyproject.toml file
a70cf3c
@jsf9k jsf9k self-assigned this Nov 6, 2025
@jsf9k jsf9k added the improvement This issue or pull request will add or improve functionality, maintainability, or ease of use label Nov 6, 2025
@github-actions github-actions bot added dependencies Pull requests that update a dependency file test This issue or pull request adds or otherwise modifies test code labels Nov 6, 2025
@jsf9k
Add pyproject.toml as a trigger for the test label
c1861e6 
Also remove .flake8 and .isort.cfg as triggers for the same label.
@jsf9k jsf9k changed the title Move flake8 and isort configs to pyproject.toml Move all Python tool configs to pyproject.toml Nov 6, 2025
@jsf9k jsf9k moved this from In progress to Review in progress in Skeleton Maintenance Nov 6, 2025
@jsf9k jsf9k marked this pull request as ready for review November 6, 2025 21:49
@jsf9k jsf9k requested review from dav3r and mcdonnnj as code owners November 6, 2025 21:49
@jsf9k jsf9k mentioned this pull request Nov 6, 2025
Open
10 tasks
jsf9k added 2 commits November 7, 2025 09:06
@jsf9k
Remove the .bandit.yml file
22c6f40 
This file was doing nothing due to its contents.
@jsf9k
Pin the flake8-pyproject dependency in the pre-commit configuration
15cb601 
The flake8-docstrings dependency is pinned, so this one should be too.
@jsf9k jsf9k force-pushed the improvement/move-flake8-config-to-pyproject-toml branch from b5d84c8 to 15cb601 Compare November 7, 2025 14:06
@jsf9k jsf9k added the kraken 🐙 This pull request is ready to merge during the next Lineage Kraken release label Nov 7, 2025
@jsf9k jsf9k added this to Next Kraken Nov 7, 2025
@jsf9k jsf9k moved this to In Progress in Next Kraken Nov 7, 2025
@dav3r dav3r requested a review from Copilot November 7, 2025 15:22
dav3r
dav3r approved these changes Nov 7, 2025
View reviewed changes
Copy link
Member

@dav3r dav3r left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍 👍 This all makes sense to me.

Copilot AI reviewed Nov 7, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR consolidates Python tool configurations into pyproject.toml, migrating from separate configuration files (.flake8, .isort.cfg, .bandit.yml) to a centralized TOML-based approach. This modernizes the project's configuration management by leveraging the standard pyproject.toml file.

Key Changes:

  • Migrated flake8 configuration to pyproject.toml using the flake8-pyproject plugin
  • Consolidated isort configuration into pyproject.toml
  • Removed bandit custom configuration file and simplified to use defaults
  • Updated GitHub labeler to track pyproject.toml instead of removed config files

Reviewed Changes

Copilot reviewed 6 out of 6 changed files in this pull request and generated 1 comment.

Show a summary per file
File Description
requirements-test.txt Added flake8-pyproject dependency to enable flake8 to read configuration from pyproject.toml
pyproject.toml Migrated flake8 and isort configurations from separate files to TOML format; updated flake8 config to use [tool.flake8] section with array syntax and extend-ignore
.pre-commit-config.yaml Removed bandit config file argument and added flake8-pyproject==1.2.3 dependency to flake8 hook
.isort.cfg Deleted file - configuration moved to pyproject.toml
.github/labeler.yml Updated test-related file tracking to include pyproject.toml and remove deleted config files
.bandit.yml Deleted file - using bandit defaults instead of custom configuration

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@jsf9k jsf9k mentioned this pull request Nov 7, 2025
Open
6 tasks
@jsf9k
Remove flake8-pyproject dependency from requirements-test.txt
bc6bf8c 
flake8 itself isn't installed here, so this dependency shouldn't be
either.  This jibes with the fact that we don't install
flake8-docstrings (another dependency of the flake8 pre-commit hook)
into the virtual environment either.
@jsf9k jsf9k enabled auto-merge November 17, 2025 15:47
@jsf9k jsf9k disabled auto-merge November 17, 2025 15:47
@jsf9k jsf9k merged commit 4a1bb4d into develop Nov 17, 2025
13 checks passed
@jsf9k jsf9k deleted the improvement/move-flake8-config-to-pyproject-toml branch November 17, 2025 15:47
@github-project-automation github-project-automation bot moved this from In Progress to Done in Next Kraken Nov 17, 2025
@github-project-automation github-project-automation bot moved this from Review in progress to Done in Skeleton Maintenance Nov 17, 2025
This was referenced Nov 17, 2025
Closed
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@dav3r dav3r dav3r approved these changes

@mcdonnnj mcdonnnj Awaiting requested review from mcdonnnj mcdonnnj is a code owner

Assignees

@jsf9k jsf9k

Labels

dependencies Pull requests that update a dependency file improvement This issue or pull request will add or improve functionality, maintainability, or ease of use kraken 🐙 This pull request is ready to merge during the next Lineage Kraken release test This issue or pull request adds or otherwise modifies test code

Projects

Next Kraken
Status: Done
Skeleton Maintenance
Status: Done

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Consider moving contents of .flake8 and .isort.cfg to a pyproject.toml file Remove .bandit.yml file

3 participants

@jsf9k @dav3r