34 changes: 20 additions & 14 deletions .github/workflows/cicd.yml
Expand Up @@ -39,14 +39,19 @@ jobs:
python-version: ["3.8", "3.9", "3.10", "3.11", "3.12", "3.13"]
steps:
- uses: actions/checkout@v3
- uses: actions/setup-python@v4
with:
python-version: ${{ matrix.python-version }}
fetch-depth: 0
- name: Set up uv
uses: astral-sh/setup-uv@caf0cab7a618c569241d31dcd442f54681755d39 # v3.2.4
with:
version: "0.11.6"
enable-cache: true
- name: Set up Python ${{ matrix.python-version }}
run: uv python install ${{ matrix.python-version }}
- name: Sync dependencies
run: uv sync --all-groups --python ${{ matrix.python-version }}
- name: Run pytest
run: |
curl -sSL https://install.python-poetry.org | python - --version 1.8.5
poetry install
poetry run python -m pytest --disable-pytest-warnings
run: uv run --python ${{ matrix.python-version }} python -m pytest --disable-pytest-warnings
env:
FTRACK_SERVER: ${{ secrets.FTRACK_SERVER }}
FTRACK_API_USER: ${{ secrets.FTRACK_API_USER }}
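Review bot: `- uses: actions/checkout@v3` at the top of the test job's steps is still referenced by a mutable tag, while the `astral-sh/setup-uv` step added directly below it is pinned to a full commit SHA with the version in a trailing comment. Pin checkout the same way. Since this job places the `FTRACK_SERVER` and `FTRACK_API_USER` secrets in the pytest step's environment, also add `persist-credentials: false` next to `fetch-depth: 0` so the checkout token is not left in the repository's git config for later steps. If a `uv.lock` is committed, `uv sync --all-groups --locked` would additionally make the job fail on a stale lockfile instead of re-resolving dependencies ahead of the step that holds those secrets.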
Expand All @@ -57,16 +62,17 @@ jobs:
name: Build package distribution
steps:
- uses: actions/checkout@v1
- uses: actions/setup-python@v4
with:
python-version: "3.x"
fetch-depth: 0
Comment on lines 64 to +66

⚠️ Potential issue | 🟠 Major | ⚡ Quick win

Upgrade to actions/checkout@v4 for consistency and security.

The build job uses actions/checkout@v1 (released 2019), while the test job uses @v3. Version 1 is deprecated and missing years of security fixes and feature improvements. For consistency and security, both jobs should use the latest stable version (@v4).

⬆️ Proposed fix
- uses: actions/checkout@v1
+ uses: actions/checkout@v4
  with:
    fetch-depth: 0
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
- uses: actions/checkout@v1
- uses: actions/setup-python@v4
with:
python-version: "3.x"
fetch-depth: 0
- uses: actions/checkout@v4
with:
fetch-depth: 0
🧰 Tools
🪛 actionlint (1.7.12)

[error] 64-64: the runner of "actions/checkout@v1" action is too old to run on GitHub Actions. update the action's version to fix this issue

(action)

🪛 zizmor (1.25.2)

[warning] 64-66: credential persistence through GitHub Actions artifacts (artipacked): does not set persist-credentials: false

(artipacked)


[error] 64-64: unpinned action reference (unpinned-uses): action is not pinned to a hash (required by blanket policy)

(unpinned-uses)

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.github/workflows/cicd.yml around lines 64 - 66, The workflow currently pins
the checkout action to "uses: actions/checkout@v1" in the build job; update that
reference to "actions/checkout@v4" so it matches the test job and benefits from
latest security and feature updates, and verify there are no other occurrences
of "actions/checkout@v1" in the workflow to update them as well.

- name: Set up uv
uses: astral-sh/setup-uv@caf0cab7a618c569241d31dcd442f54681755d39 # v3.2.4
with:
version: "0.11.6"
enable-cache: true
- name: Build
run: |
curl -sSL https://install.python-poetry.org | python - --version 1.8.5
poetry self add "poetry-dynamic-versioning[plugin]"
poetry install --only=dev --no-interaction
poetry build --format=wheel
poetry run twine check dist/*
run: uv build
- name: Twine check
run: uvx twine check dist/*
- uses: actions/upload-artifact@v4
with:
name: dist
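Review bot: `run: uvx twine check dist/*` in the new Twine check step resolves whatever twine release is current at run time, in the same job that produces the uploaded `dist` artifact, whereas uv itself is fixed at `version: "0.11.6"` and twine was previously run from the dev group via `poetry run twine check dist/*`. Pin the tool as well, for example `uvx twine@<version> check dist/*`, or keep twine in the dev group and call it through `uv run` so it is resolved together with the project's other dependencies. `actions/upload-artifact@v4` is likewise referenced by tag and could be pinned to a commit SHA like the `setup-uv` step.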
41 changes: 22 additions & 19 deletions AGENTS.md
Expand Up @@ -90,20 +90,23 @@ source/ftrack_api/

### Prerequisites
- Python 3.8+
- Poetry for dependency management
- [uv](https://docs.astral.sh/uv/) for dependency management
- Git

### Installation

```bash
# Install dependencies
poetry install
# Install runtime + all dependency groups (dev + test)
uv sync --all-groups

# Install with dev dependencies
poetry install --with dev
# Install runtime only
uv sync --no-default-groups
Comment on lines +102 to +103

⚠️ Potential issue | 🟡 Minor | ⚡ Quick win

Incorrect command for installing runtime dependencies only.

The command uv sync --no-default-groups skips the default runtime dependencies and would install nothing (no groups are specified). To install runtime dependencies only, use uv sync with no additional flags.

📝 Proposed fix
-# Install runtime only
-uv sync --no-default-groups
+# Install runtime dependencies only
+uv sync
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
# Install runtime only
uv sync --no-default-groups
# Install runtime dependencies only
uv sync
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@AGENTS.md` around lines 102 - 103, Replace the incorrect command "uv sync
--no-default-groups" with the correct invocation to install runtime dependencies
only: use "uv sync" (no flags). Update the AGENTS.md line that currently shows
uv sync --no-default-groups to instead show uv sync so the runtime dependencies
are installed correctly.


# Install with test dependencies
poetry install --with test
# Install with only the dev group
uv sync --group dev

# Install with only the test group
uv sync --group test
```

### Environment Variables
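Review bot: The comments `# Install with only the dev group` and `# Install with only the test group` do not match `uv sync --group dev` and `uv sync --group test`: `--group` adds the named group on top of the project's runtime dependencies and any default groups, it does not restrict the install to that group. Reword them to say "runtime plus the dev group" (and likewise for test), or use `--only-group` if a group-only environment is really intended. The `uv sync --no-default-groups` line is consistent with its "runtime only" comment, because that flag drops only the default groups and still installs the project's own dependencies.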
Expand Down Expand Up @@ -141,16 +144,16 @@ Required for API access:

```bash
# Run all tests
poetry run pytest
uv run pytest

# Run with coverage
poetry run pytest --cov=ftrack_api
uv run pytest --cov=ftrack_api

# Run specific test file
poetry run pytest test/unit/test_session.py
uv run pytest test/unit/test_session.py

# Disable warnings (CI mode)
poetry run pytest --disable-pytest-warnings
uv run pytest --disable-pytest-warnings
```

### Test Structure
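Review bot: The `uv run pytest` commands in this block depend on the test tooling already being in the environment, which the section does not say. `uv run` syncs the project with its default groups before running, so if pytest and pytest-cov live in the `test` group named under Installation and that group is not a default group, a fresh checkout needs `uv sync --all-groups` first. State that prerequisite here or write the commands as `uv run --group test pytest`.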
Expand Down Expand Up @@ -184,19 +187,19 @@ test/

### Version Management

Uses **poetry-dynamic-versioning** for automatic versioning:
Uses **hatch-vcs** (via the `hatchling` build backend) for automatic versioning:
- Version extracted from git tags
- Format: `v{major}.{minor}.{patch}` (e.g., v2.5.1)
- Written to `source/ftrack_api/_version.py`
- Written to `source/ftrack_api/_version.py` at build time

### Building

```bash
# Build wheel
poetry build --format=wheel
uv build --wheel

# Validate distribution
poetry run twine check dist/*
uvx twine check dist/*
```

### CI/CD Pipeline
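Review bot: The Building section documents `uv build --wheel`, but the build job in `.github/workflows/cicd.yml` in this same change runs plain `uv build`, which produces an sdist as well as a wheel, where the replaced `poetry build --format=wheel` produced a wheel only. Decide which is intended and make the doc and the workflow agree, since that job uploads an artifact named `dist`. The Version Management bullets could also note that deriving the version from git tags requires the tags to be present in the checkout, which is presumably why the workflow now sets `fetch-depth: 0`.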
Expand Down Expand Up @@ -272,7 +275,7 @@ ftrack_api.mixin(entity, CustomMixin, name='CustomEntity')
## Important Files & Locations

### Configuration
- `pyproject.toml` - Poetry project config, dependencies
- `pyproject.toml` - PEP 621 project config (build via `hatchling` + `hatch-vcs`), runtime + dev/test dependency groups
- `pytest.ini` - Test configuration
- `.pre-commit-config.yaml` - Pre-commit hooks
- `setup.cfg` - Legacy setuptools config
Expand Down Expand Up @@ -325,13 +328,13 @@ ftrack_api.mixin(entity, CustomMixin, name='CustomEntity')

```bash
# Runtime dependency
poetry add package-name
uv add package-name

# Dev dependency
poetry add --group dev package-name
uv add --group dev package-name

# Test dependency
poetry add --group test package-name
uv add --group test package-name
```

## Integration Points