From a06d7199b5e2bc0f0334af5840c7061e8b9e9e1a Mon Sep 17 00:00:00 2001 From: Marie Backman Date: Wed, 25 Mar 2026 11:55:15 -0400 Subject: [PATCH 1/2] Modify versioning format to use committer date Updated versioning configuration to include committer date in distance format. --- pyproject.toml | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/pyproject.toml b/pyproject.toml index 0111b66..c86f49b 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -65,21 +65,18 @@ packages = ["src/packagenamepy"] [tool.versioningit.vcs] method = "git" default-tag = "0.1.0" -# Ignore RC tags when calculating distance from the latest tag. -# This ensures dev versions increase monotonically relative to the latest production release. -exclude = ["*rc*"] [tool.versioningit.next-version] method = "minor" [tool.versioningit.format] -distance = "{next_version}.dev{distance}" +distance = "{next_version}.dev{committer_date:%Y%m%d%H%M%S}" # Since pixi builds currently require the package version to be set statically in pyproject.toml, # and we solve that by temporarily changing pyproject.toml during build using the pixi tasks # sync-version and reset-toml, then we need to ignore uncommitted changes in order for the wheel # version to be consistent with the package version dirty = "{version}" -distance-dirty = "{next_version}.dev{distance}" +distance-dirty = "{next_version}.dev{committer_date:%Y%m%d%H%M%S}" [tool.versioningit.write] file = "src/packagenamepy/_version.py" From af0bbe1797652b3ed14761773a1e3d21ba9b19c3 Mon Sep 17 00:00:00 2001 From: Marie Backman Date: Wed, 25 Mar 2026 12:39:25 -0400 Subject: [PATCH 2/2] Modify audit-deps to ignore CVE-2026-4539 Updated the audit-deps command to ignore specific vulnerability CVE-2026-4539. --- pyproject.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pyproject.toml b/pyproject.toml index c86f49b..995d82b 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -214,7 +214,7 @@ conda-publish = { cmd = "anaconda upload *.conda", description = "Publish the .c "conda-build", ] } # Misc -audit-deps = { cmd = "pip-audit --local -s osv", description = "Audit the package dependencies for vulnerabilities" } +audit-deps = { cmd = "pip-audit --local -s osv --ignore-vuln CVE-2026-4539", description = "Audit the package dependencies for vulnerabilities" } # Cleaning clean = { cmd = 'rm -rf .pytest_cache .ruff_cache **/*.egg-info **/dist **/__pycache__', description = "Clean up various caches and build artifacts" } clean-conda = { cmd = "rm -f *.conda", description = "Clean the local .conda build artifacts" }