Improve GH Workflows (#94)

.github/workflows/codeql.yml

@@ -23,29 +23,34 @@ jobs:
     steps:
     - name: Checkout Repository
       uses: actions/checkout@v4
+
     - name: Set up Python 3.12
       id: setup-python
-      uses: actions/setup-python@v4
+      uses: actions/setup-python@v5
       with:
         python-version: '3.12'
-    - name: Set up Poetry
-      uses: Gr1N/setup-poetry@v8
-    - name: Cache Poetry
-      id: cache-poetry
-      uses: actions/cache@v3
+
+    - name: Cache Dependencies
+      id: cache-pip
+      uses: actions/cache@v4
       with:
-        path: ~/.cache/pypoetry/virtualenvs
-        key: ${{ runner.os }}-codeql-python-${{ hashFiles('**/poetry.lock') }}
-    - name: Install Poetry Dependencies
-      if: steps.cache-poetry.outputs.cache-hit != 'true'
+        path: ~/.cache/pip
+        key: ${{ runner.os }}-codeql-pip-${{ hashFiles('**/requirements.txt') }}
+        restore-keys: |
+          ${{ runner.os }}-codeql-pip-
+    
+    - name: Install Dependencies
+      if: steps.cache-pip.outputs.cache-hit != 'true'
       run: |
-        poetry install
+        pip install -r requirements.txt
+    
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@v2
+      uses: github/codeql-action/init@v3
       with:
         languages: python
         setup-python-dependencies: false
+
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v2
+      uses: github/codeql-action/analyze@v3
       with:
         upload: true

.github/workflows/dependabot-auto-merge.yml

@@ -20,7 +20,7 @@ jobs:
     steps:
       - name: Dependabot metadata
         id: metadata
-        uses: dependabot/fetch-metadata@v1
+        uses: dependabot/fetch-metadata@v2
         with:
           github-token: "${{ secrets.GITHUB_TOKEN }}"
       - name: Enable auto-merge for Dependabot PRs

.github/workflows/lint.yml

@@ -22,30 +22,16 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Set up Python ${{ matrix.version }}
-        id: setup-python
-        uses: actions/setup-python@v4
+        uses: actions/setup-python@v5
         with:
           python-version: ${{ matrix.version }}
-
-      - name: Set up Poetry
-        uses: Gr1N/setup-poetry@v8
-
-      - name: Cache Poetry
-        id: cache-poetry
-        uses: actions/cache@v3
-        with:
-          path: ~/.cache/pypoetry/virtualenvs
-          key: ${{ runner.os }}-poetry-cache-${{ matrix.version }}-${{ hashFiles('**/poetry.lock') }}
-
-      - name: Install Poetry Dependencies
-        if: steps.cache-poetry.outputs.cache-hit != 'true'
-        run: |
-          poetry install --with dev
-          
-      - name: Run Pyright
+
+      - name: Install Tox
         run: |
-          poetry run pyright bot
+          pip install "tox>=4.13.0,<5"
 
-      - name: Run Ruff
+      - name: Lint Codebase
         run: |
-          poetry run ruff bot
+          RAW_PYTHON_VERSION=${{ matrix.version }}
+          PYTHON_VERSION=$(echo $RAW_PYTHON_VERSION | sed 's/\.//')
+          tox -e py$PYTHON_VERSION

pyproject.toml

@@ -31,6 +31,7 @@ typing-extensions = "^4.10.0"
 pre-commit = "^3"
 pyright = "^1.1"
 ruff = "^0.3"
+tox = "^4"
 
 [tool.poetry.group.docs.dependencies]
 sphinx = "^7.2.6"
@@ -58,7 +59,7 @@ reportUnnecessaryTypeIgnoreComment = "warning"
 [tool.bandit]
 skips = ["B311", "B101"]
 
-[tool.ruff]
+[tool.ruff.lint]
 ignore = ["E501", "N999", "E402", "S311"]
 select = ["E", "F", "N", "ASYNC", "S", "ERA"]
 

tox.ini

@@ -0,0 +1,15 @@
+[tox]
+requires =
+    tox>=4
+env_list = py{39,310,311,312}
+no_package = true
+
+[testenv]
+description = run linting workflows
+deps = 
+    pyright>=1.1.355,<2
+    ruff>=0.3.4,<1
+    -r requirements.txt
+commands = 
+    pyright bot
+    ruff check bot