{"id":17046469,"url":"https://github.com/reubano/pkutils","last_synced_at":"2025-09-05T02:04:01.957Z","repository":{"id":1950477,"uuid":"45390398","full_name":"reubano/pkutils","owner":"reubano","description":"A Python packaging utility library","archived":false,"fork":false,"pushed_at":"2023-08-31T14:44:07.000Z","size":147,"stargazers_count":19,"open_issues_count":0,"forks_count":2,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-08-20T04:55:13.288Z","etag":null,"topics":["library","packaging"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/reubano.png","metadata":{"files":{"readme":"README.rst","changelog":"CHANGES.rst","contributing":"CONTRIBUTING.rst","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2015-11-02T11:26:14.000Z","updated_at":"2021-12-28T18:21:37.000Z","dependencies_parsed_at":"2024-06-19T22:59:38.274Z","dependency_job_id":null,"html_url":"https://github.com/reubano/pkutils","commit_stats":{"total_commits":148,"total_committers":3,"mean_commits":"49.333333333333336","dds":"0.020270270270270285","last_synced_commit":"4130e80147f029325ea2ab1c4fbafe86e8e3e57d"},"previous_names":[],"tags_count":40,"template":false,"template_full_name":null,"purl":"pkg:github/reubano/pkutils","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/reubano%2Fpkutils","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/reubano%2Fpkutils/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/reubano%2Fpkutils/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/reubano%2Fpkutils/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/reubano","download_url":"https://codeload.github.com/reubano/pkutils/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/reubano%2Fpkutils/sbom","scorecard":{"id":772469,"data":{"date":"2025-08-11","repo":{"name":"github.com/reubano/pkutils","commit":"a1c5ffde53b6657f3cc648d1ae6f1932927d3c91"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":2.2,"checks":[{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Code-Review","score":0,"reason":"Found 2/29 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: pipCommand not pinned by hash: helpers/pippy:19","Warn: pipCommand not pinned by hash: helpers/pippy:22","Warn: pipCommand not pinned by hash: helpers/pippy:28","Warn: pipCommand not pinned by hash: helpers/pippy:32","Warn: pipCommand not pinned by hash: helpers/pippy:38","Info: 0 out of 5 pipCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Vulnerabilities","score":5,"reason":"5 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: PYSEC-2024-48 / GHSA-fj7x-q9j7-g6q6","Warn: Project is vulnerable to: PYSEC-2025-49 / GHSA-5rjg-fvgr-3xxf","Warn: Project is vulnerable to: GHSA-cx63-2mw6-8hw5","Warn: Project is vulnerable to: PYSEC-2022-43012 / GHSA-r9hx-vwmv-q579","Warn: Project is vulnerable to: PYSEC-2022-43017 / GHSA-qwmp-2cf2-g9g6"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 3 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-23T02:33:32.486Z","repository_id":1950477,"created_at":"2025-08-23T02:33:32.487Z","updated_at":"2025-08-23T02:33:32.487Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":273699712,"owners_count":25152286,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-09-05T02:00:09.113Z","response_time":402,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["library","packaging"],"created_at":"2024-10-14T09:46:21.556Z","updated_at":"2025-09-05T02:04:01.929Z","avatar_url":"https://github.com/reubano.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"pkutils: a Python packaging library\n===================================\n\n|travis| |versions| |pypi|\n\nIndex\n-----\n`Introduction`_ | `Requirements`_ | `Motivation`_ | `Usage`_ | `Installation`_ |\n`Project Structure`_ | `Design Principles`_ | `Scripts`_ | `Contributing`_ | `License`_\n\nIntroduction\n------------\n\npkutils is a Python library_ that simplifies python module packaging. It is\nintended to be used in your package's ``setup.py`` file.\n\nWith pkutils, you can\n\n- Parse requirements files\n- Determine your project's development status\n- Read text files\n- and much more...\n\nRequirements\n------------\n\npkutils has been tested and is known to work on Python 3.7, 3.8, and 3.9; and PyPy3.7.\n\nMotivation\n----------\n\nPython has a great packaging system, but to actually create and publish a\npackage requires a lot of work to do well. I designed pkutils to provide\nmany useful packaging use-cases out of the box. For example, to automatically\ninclude the contents of your ``requirements.txt`` file, simply add the following\nto ``setup.py``:\n\n.. code-block:: python\n\n import pkutils\n\n ...\n\n requirements = list(pkutils.parse_requirements('requirements.txt'))\n dev_requirements = list(pkutils.parse_requirements('dev-requirements.txt'))\n\n setup(\n ...\n install_requires=requirements,\n tests_require=dev_requirements,\n ...)\n\n.. _library:\n\nUsage\n-----\n\npkutils is intended to be used directly as a Python library.\n\n``my_package/__init__.py``\n\n.. code-block:: python\n\n __version__ = '0.5.4'\n\n __author__ = 'Reuben Cummings'\n __description__ = 'My super awesome great package'\n __email__ = 'reubano@gmail.com'\n __license__ = 'MIT'\n __copyright__ = 'Copyright 2015 Reuben Cummings'\n\nYou can set ``__title__`` explicitly in your Python file. If you leave\n``__title__`` unset, pkutils will use:\n\n* The parent directory for paths ending in ``__init__.py``.\n* The filename before the extention for other paths\n (e.g. ``my_package`` for ``my_package.py``).\n\n``setup.py``\n\n.. code-block:: python\n\n import pkutils\n\n try:\n from setuptools import setup\n except ImportError:\n from distutils.core import setup\n\n requirements = list(pkutils.parse_requirements('requirements.txt'))\n dependencies = list(pkutils.parse_requirements('requirements.txt', True))\n dev_requirements = list(pkutils.parse_requirements('dev-requirements.txt'))\n readme = pkutils.read('README.rst')\n module = pkutils.parse_module('my_package/__init__.py')\n version = module.__version__\n project = module.__title__\n email = module.__email__\n user = pkutils.get_user(email)\n\n setup(\n name=project,\n version=version,\n description=module.__description__,\n long_description=readme,\n author=module.__author__,\n author_email=email,\n install_requires=requirements,\n tests_require=dev_requirements,\n dependency_links=dependencies,\n setup_requires=['pkutils'],\n url=pkutils.get_url(project, user),\n download_url=pkutils.get_dl_url(project, user, version),\n classifiers=[\n pkutils.get_license(module.__license__),\n pkutils.get_status(version),\n ...\n ],\n ...\n )\n\nThis is then converted into something like the following:\n\n.. code-block:: python\n\n ...\n\n setup(\n name='my_package',\n version='0.5.4',\n description='My super awesome great package',\n long_description='my_package: a super awesome great...',\n author='Reuben Cummings',\n author_email='reubano@gmail.com',\n install_requires=['semver==2.2.1'],\n tests_require=['semver==2.2.1', 'wheel==0.24.0', 'flake8==2.5.1', ...],\n dependency_links=[],\n setup_requires=['pkutils'],\n url='https://github.com/reubano/pkutils',\n download_url='https://github.com/reubano/pkutils/archive/v0.5.4.tar.gz',\n classifiers=[\n 'License :: OSI Approved :: MIT License',\n 'Development Status :: 4 - Beta',\n ...\n ],\n ...\n )\n\nInstallation\n------------\n\n(You are using a `virtualenv`_, right?)\n\nAt the command line, install pkutils using either ``pip`` (*recommended*)\n\n.. code-block:: bash\n\n pip install -u pkutils\n\nor ``easy_install``\n\n.. code-block:: bash\n\n easy_install pkutils\n\nPlease see the `installation doc`_ for more details.\n\nProject Structure\n-----------------\n\n.. code-block:: bash\n\n ┌── CHANGES.rst\n ├── CONTRIBUTING.rst\n ├── LICENSE\n ├── MANIFEST.in\n ├── Makefile\n ├── README.md\n ├── dev-requirements.txt\n ├── helpers\n │   ├── check-stage\n │   ├── clean\n │   ├── srcdist\n │   ├── test\n │   └── wheel\n ├── manage.py\n ├── pkutils.py\n ├── requirements.txt\n ├── setup.cfg\n ├── setup.py\n ├── tests\n │   ├── __init__.py\n │   └── standard.rc\n └── tox.ini\n\nDesign Principles\n-----------------\n\n- minimize external dependencies\n- prefer functions over objects\n- keep the API as simple as possible\n\nScripts\n-------\n\npkutils comes with a built in task manager ``manage.py``\n\nSetup\n~~~~~\n\n.. code-block:: bash\n\n pip install -r dev-requirements.txt\n\nExamples\n~~~~~~~~\n\n*View available commands*\n\n.. code-block:: bash\n\n manage\n\n*Show help for a given command*\n\n.. code-block:: bash\n\n manage \u003ccommand\u003e -h\n\n*Run python linter and nose tests*\n\n.. code-block:: bash\n\n manage lint\n manage test\n\nOr if ``make`` is more your speed...\n\n.. code-block:: bash\n\n make lint\n make test\n\nContributing\n------------\n\nPlease mimic the coding style/conventions used in this repo.\nIf you add new classes or functions, please add the appropriate doc blocks with\nexamples. Also, make sure the python linter and nose tests pass.\n\nPlease see the `contributing doc`_ for more details.\n\nLicense\n-------\n\npkutils is distributed under the `MIT License`_.\n\n.. |travis| image:: https://img.shields.io/travis/reubano/pkutils.svg\n :target: https://app.travis-ci.com/github/reubano/pkutils\n\n.. |versions| image:: https://img.shields.io/pypi/pyversions/pkutils.svg\n :target: https://pypi.python.org/pypi/pkutils\n\n.. |pypi| image:: https://img.shields.io/pypi/v/pkutils.svg\n :target: https://pypi.python.org/pypi/pkutils\n\n.. _MIT License: http://opensource.org/licenses/MIT\n.. _virtualenv: http://www.virtualenv.org/en/latest/index.html\n.. _contributing doc: https://github.com/reubano/pkutils/blob/master/CONTRIBUTING.rst\n.. _installation doc: https://github.com/reubano/bump/blob/master/INSTALLATION.rst\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Freubano%2Fpkutils","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Freubano%2Fpkutils","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Freubano%2Fpkutils/lists"}