v0.2.0 releases + new packages (email, limiter, pytest)#16
Open
PenguinzTech wants to merge 20 commits into
Open
v0.2.0 releases + new packages (email, limiter, pytest)#16PenguinzTech wants to merge 20 commits into
PenguinzTech wants to merge 20 commits into
Conversation
…ter CI
Version bumps:
- penguin-dal, penguin-libs, penguin-utils → 0.2.0
- penguin-aaa, penguin-licensing, penguin-secrets → 0.2.0
New packages (first publish):
- penguin-email 0.1.0 — SMTP/Gmail email client with Jinja2 templates
- penguin-limiter 0.1.0 — rate limiting (fixed window, sliding window, token bucket)
- penguin-pytest 0.1.0 — shared pytest fixtures and utilities
CI / housekeeping:
- Add penguin-limiter publish job (environment: py-limiter) to publish.yml
- Replace hardcoded ghp_* token in .npmrc (root + react-libs) with ${GITHUB_TOKEN}
- Add .coverage and .npmrc.local to .gitignore to prevent future accidental commits
- Pin dependency digests across workflows and configs
- Restructure .claude/ skills/rules to new standard layout
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
There was a problem hiding this comment.
Sorry @PenguinzTech, your pull request is larger than the review limit of 150000 diff characters
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
penguin-sal had a complete core framework (base adapter, types, exceptions, URI parser, adapter registry) but zero concrete adapter implementations. This adds all 11 registered backends with full unit tests (484 total). Adapters: Vault, AWS SM, GCP SM, Azure KV, Kubernetes, Infisical, CyberArk Conjur, OCI Vault, 1Password, Passbolt, Doppler. Also includes standard updates (rules/skills symlink cleanup, LICENSE.md). Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
penguin-dal now provides drop-in PyDAL compatibility:
- Field class with PyDAL-style type system (string, text, integer, reference, etc.)
- define_table() method on DB/AsyncDB for programmatic schema creation
- DAL = DB alias for PyDAL consumers
- All types mapped to SQLAlchemy columns
- Auto-id primary key when not explicitly provided
- Validator integration with requires parameter
- 243 tests passing, lint clean
Enables seamless migration from pydal:
from penguin_dal import DAL, Field
db = DAL("sqlite:///app.db", migrate=False)
db.define_table("users", Field("name", "string"), Field("email", "string", notnull=True))
Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
penguin-dal 0.2.1: Add Field class and define_table() for PyDAL compatibility penguin-sal 0.2.0: Add all 11 secrets backend adapters (Vault, AWS, GCP, Azure, K8s, Infisical, CyberArk, OCI, 1Password, Passbolt, Doppler) Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
…v0.3.0 Implements all 12 missing validator classes from issue #19: IS_NOT_EMPTY, IS_LENGTH, IS_EMAIL, IS_IN_SET, IS_MATCH, IS_NOT_IN_DB, IS_IN_DB, IS_INT_IN_RANGE, IS_IPADDRESS, IS_JSON, IS_DATETIME, IS_NULL_OR. Validators follow PyDAL's (value, error_or_None) tuple return convention. TableProxy._run_validators updated to handle both the new tuple-style and legacy raise-style validators transparently. All 12 classes exported from penguin_dal top-level package. Closes #19 Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Fix react-aaa, react-libs, react-testutils: typescript@5.3.0 was never published as a stable release; pin to 5.3.3 (actual 5.3.x stable) - Fix python-secrets: add hvac>=2.0.0 to [dev] deps so test_vault_adapter can import it during CI - Bump patch versions: penguin-sal 0.2.0->0.2.1, react-libs 1.3.0->1.3.1, react-aaa 0.1.0->0.1.1, react-testutils 0.1.0->0.1.1 - Regenerate package-lock.json Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
TypeScript 5.3.x is stricter about JSX component types and Zod param shapes.
- Bump @types/react 18.2.0 -> 18.2.79 (fixes TS2786 JSX component errors)
- Bump @types/react-dom 18.2.0 -> 18.2.25 in react-libs
- Fix FormModalBuilder.tsx: use { invalid_type_error } instead of bare
string for z.enum, z.literal, z.coerce.number params (Zod 3.22 API)
- Regenerate package-lock.json
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
…eact-aaa to 0.1.2, react-libs to 1.3.2 Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
…React CI jobs - react-aaa 0.1.1 → 0.1.2, react-libs 1.3.1 → 1.3.2 - Add npm audit --omit=dev to build-react and build-react-testutils jobs - Run audit at repo root (covers all workspaces) instead of per-package dir Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
…ishing
setup-node action injects the token as NODE_AUTH_TOKEN, not GITHUB_TOKEN.
Root and react-libs .npmrc were using ${GITHUB_TOKEN} which is not set as
an env var in GHA — causing E401 on npm publish since March 29 when these
files were added.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
…rc auth fix) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
|
Review the following changes in direct dependencies. Learn more about Socket for GitHub.
|
…registry - Update publishConfig in react-libs, react-aaa, react-testutils to registry.npmjs.org - Switch publish workflow to use NPM_TOKEN secret and registry.npmjs.org - Update .npmrc auth token lines to point to registry.npmjs.org - Bump react-libs 1.3.3→1.3.4, react-aaa 0.1.3→0.1.4, react-testutils 0.1.1→0.1.2 Requires NPM_TOKEN secret to be set in GitHub repo settings. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
|
All alerts resolved. Learn more about Socket for GitHub. This PR previously contained dependency changes with security issues that have been resolved, removed, or ignored. |
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
PenguinzTech
added a commit
that referenced
this pull request
May 1, 2026
- Fix react-aaa, react-libs, react-testutils: typescript@5.3.0 was never published as a stable release; pin to 5.3.3 (actual 5.3.x stable) - Fix python-secrets: add hvac>=2.0.0 to [dev] deps so test_vault_adapter can import it during CI - Bump patch versions: penguin-sal 0.2.0->0.2.1, react-libs 1.3.0->1.3.1, react-aaa 0.1.0->0.1.1, react-testutils 0.1.0->0.1.1 - Regenerate package-lock.json Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
penguin-limiterpublish job topublish.yml(environment:py-limiter)ghp_*token in.npmrc(root +react-libs/) with${GITHUB_TOKEN}.coverageand.npmrc.localto.gitignoreto prevent future accidental commits.claude/skills/rules to new standard layoutTest plan
penguin-dal==0.2.0,penguin-libs==0.2.0,penguin-utils==0.2.0visible on PyPIpenguin-email==0.1.0,penguin-limiter==0.1.0,penguin-pytest==0.1.0visible on PyPI.npmrcfiles no longer contain hardcoded tokens🤖 Generated with Claude Code