name: build on: push: branches: - main pull_request: branches: - main permissions: {} jobs: lint: name: lint runs-on: ubuntu-latest steps: - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: persist-credentials: false - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 with: python-version: 3.14 - run: python -m pip install --upgrade pip wheel tox - run: tox -eflake8 - run: tox -edocs tests: name: tests strategy: matrix: os: [windows-latest, macos-latest, ubuntu-latest] python: ['3.10', '3.11', '3.12', '3.13', '3.14', '3.14t', 'pypy3.11'] fail-fast: false runs-on: ${{ matrix.os }} steps: - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: persist-credentials: false - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 with: python-version: ${{ matrix.python }} - run: python -m pip install --upgrade pip wheel tox - run: tox -epy coverage: name: coverage runs-on: ubuntu-latest steps: - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: persist-credentials: false - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 with: python-version: 3.14 - run: python -m pip install --upgrade pip wheel tox - run: tox -epy - uses: codecov/codecov-action@57e3a136b779b570ffcdbf80b3bdc90e7fab3de2 # v6.0.0 with: files: ./coverage.xml fail_ci_if_error: true token: ${{ secrets.CODECOV_TOKEN }} zizmor: name: zizmor runs-on: ubuntu-latest permissions: contents: read actions: read steps: - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: persist-credentials: false - uses: zizmorcore/zizmor-action@b1d7e1fb5de872772f31590499237e7cce841e8e # v0.5.3 with: advanced-security: false