Release version 0.45.2

Merge pull request #273 from josegonzalez/dependabot/pip/idna-3.7
chore(deps): bump idna from 3.6 to 3.7
2025-12-05 16:18:02 +01:00 · 2024-05-04 18:36:39 +00:00 · 2024-04-15 20:33:30 -04:00 · 2024-04-12 04:16:01 +00:00 · 2024-04-04 00:18:08 -04:00 · 2024-04-03 13:34:48 +00:00
9 changed files with 463 additions and 29 deletions
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -9,3 +9,7 @@ updates:
    python-packages:
      patterns:
        - "*"
+- package-ecosystem: "github-actions"
+  directory: "/"
+  schedule:
+    interval: "weekly"
--- a/.github/workflows/automatic-release.yml
+++ b/.github/workflows/automatic-release.yml
@@ -27,7 +27,7 @@ jobs:
                git config --local user.email "action@github.com"
                git config --local user.name "GitHub Action"
            - name: Setup Python
-              uses: actions/setup-python@v4
+              uses: actions/setup-python@v5
              with:
                python-version: '3.8'
            - name: Install prerequisites
--- a/.github/workflows/docker.yml
+++ b/.github/workflows/docker.yml
@@ -38,16 +38,18 @@ jobs:

    steps:
      - name: Checkout repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
+        with:
+          persist-credentials: false

      - name: Set up QEMU
-        uses: docker/setup-qemu-action@v2
+        uses: docker/setup-qemu-action@v3

      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v2
+        uses: docker/setup-buildx-action@v3

      - name: Log in to the Container registry
-        uses: docker/login-action@f054a8b539a109f9f41c372932f1ae047eff08c9
+        uses: docker/login-action@v3
        with:
          registry: ${{ env.REGISTRY }}
          username: ${{ github.actor }}
@@ -55,7 +57,7 @@ jobs:

      - name: Extract metadata (tags, labels) for Docker
        id: meta
-        uses: docker/metadata-action@v4
+        uses: docker/metadata-action@v5
        with:
          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
          tags: |
@@ -66,7 +68,7 @@ jobs:
            type=raw,value=latest,enable=${{ github.ref == format('refs/heads/{0}', 'main') }}

      - name: Build and push Docker image
-        uses:  docker/build-push-action@v4
+        uses:  docker/build-push-action@v5
        with:
          context: .
          push: true
--- a/.github/workflows/lint.yml
+++ b/.github/workflows/lint.yml
@@ -22,7 +22,7 @@ jobs:
        with:
          fetch-depth: 0
      - name: Setup Python
-        uses: actions/setup-python@v4
+        uses: actions/setup-python@v5
        with:
          python-version: "3.8"
          cache: "pip"
--- a/CHANGES.rst
+++ b/CHANGES.rst
@@ -1,9 +1,423 @@
 Changelog
 =========

-0.45.0 (2024-01-29)
+0.45.2 (2024-05-04)
 -------------------
 ------------------------
+- Chore(deps): bump idna from 3.6 to 3.7. [dependabot[bot]]
+
+  Bumps [idna](https://github.com/kjd/idna) from 3.6 to 3.7.
+  - [Release notes](https://github.com/kjd/idna/releases)
+  - [Changelog](https://github.com/kjd/idna/blob/master/HISTORY.rst)
+  - [Commits](https://github.com/kjd/idna/compare/v3.6...v3.7)
+
+  ---
+  updated-dependencies:
+  - dependency-name: idna
+    dependency-type: direct:production
+  ...
+- Chore(deps): bump the python-packages group with 1 update.
+  [dependabot[bot]]
+
+  Bumps the python-packages group with 1 update: [keyring](https://github.com/jaraco/keyring).
+
+
+  Updates `keyring` from 25.0.0 to 25.1.0
+  - [Release notes](https://github.com/jaraco/keyring/releases)
+  - [Changelog](https://github.com/jaraco/keyring/blob/main/NEWS.rst)
+  - [Commits](https://github.com/jaraco/keyring/compare/v25.0.0...v25.1.0)
+
+  ---
+  updated-dependencies:
+  - dependency-name: keyring
+    dependency-type: direct:production
+    update-type: version-update:semver-minor
+    dependency-group: python-packages
+  ...
+- Chore(deps): bump the python-packages group with 1 update.
+  [dependabot[bot]]
+
+  Bumps the python-packages group with 1 update: [jaraco-classes](https://github.com/jaraco/jaraco.classes).
+
+
+  Updates `jaraco-classes` from 3.3.1 to 3.4.0
+  - [Release notes](https://github.com/jaraco/jaraco.classes/releases)
+  - [Changelog](https://github.com/jaraco/jaraco.classes/blob/main/NEWS.rst)
+  - [Commits](https://github.com/jaraco/jaraco.classes/compare/v3.3.1...v3.4.0)
+
+  ---
+  updated-dependencies:
+  - dependency-name: jaraco-classes
+    dependency-type: direct:production
+    update-type: version-update:semver-minor
+    dependency-group: python-packages
+  ...
+- Chore(deps): bump the python-packages group with 1 update.
+  [dependabot[bot]]
+
+  Bumps the python-packages group with 1 update: [keyring](https://github.com/jaraco/keyring).
+
+
+  Updates `keyring` from 24.3.1 to 25.0.0
+  - [Release notes](https://github.com/jaraco/keyring/releases)
+  - [Changelog](https://github.com/jaraco/keyring/blob/main/NEWS.rst)
+  - [Commits](https://github.com/jaraco/keyring/compare/v24.3.1...v25.0.0)
+
+  ---
+  updated-dependencies:
+  - dependency-name: keyring
+    dependency-type: direct:production
+    update-type: version-update:semver-major
+    dependency-group: python-packages
+  ...
+- Chore(deps): bump the python-packages group with 1 update.
+  [dependabot[bot]]
+
+  Bumps the python-packages group with 1 update: [importlib-metadata](https://github.com/python/importlib_metadata).
+
+
+  Updates `importlib-metadata` from 7.0.2 to 7.1.0
+  - [Release notes](https://github.com/python/importlib_metadata/releases)
+  - [Changelog](https://github.com/python/importlib_metadata/blob/main/NEWS.rst)
+  - [Commits](https://github.com/python/importlib_metadata/compare/v7.0.2...v7.1.0)
+
+  ---
+  updated-dependencies:
+  - dependency-name: importlib-metadata
+    dependency-type: direct:production
+    update-type: version-update:semver-minor
+    dependency-group: python-packages
+  ...
+- Chore(deps): bump actions/setup-python from 4 to 5. [dependabot[bot]]
+
+  Bumps [actions/setup-python](https://github.com/actions/setup-python) from 4 to 5.
+  - [Release notes](https://github.com/actions/setup-python/releases)
+  - [Commits](https://github.com/actions/setup-python/compare/v4...v5)
+
+  ---
+  updated-dependencies:
+  - dependency-name: actions/setup-python
+    dependency-type: direct:production
+    update-type: version-update:semver-major
+  ...
+- Scheduled dependabot for GitHub Actions. [paranerd]
+- Chore(deps): bump the python-packages group with 2 updates.
+  [dependabot[bot]]
+
+  Bumps the python-packages group with 2 updates: [autopep8](https://github.com/hhatto/autopep8) and [black](https://github.com/psf/black).
+
+
+  Updates `autopep8` from 2.0.4 to 2.1.0
+  - [Release notes](https://github.com/hhatto/autopep8/releases)
+  - [Commits](https://github.com/hhatto/autopep8/compare/v2.0.4...v2.1.0)
+
+  Updates `black` from 24.2.0 to 24.3.0
+  - [Release notes](https://github.com/psf/black/releases)
+  - [Changelog](https://github.com/psf/black/blob/main/CHANGES.md)
+  - [Commits](https://github.com/psf/black/compare/24.2.0...24.3.0)
+
+  ---
+  updated-dependencies:
+  - dependency-name: autopep8
+    dependency-type: direct:production
+    update-type: version-update:semver-minor
+    dependency-group: python-packages
+  - dependency-name: black
+    dependency-type: direct:production
+    update-type: version-update:semver-minor
+    dependency-group: python-packages
+  ...
+- Added Docker info to README. [paranerd]
+- Disable credential persistance on checkout. [paranerd]
+- Bumped actions versions to latest. [paranerd]
+
+
+0.45.1 (2024-03-17)
+-------------------
+- Remove trailing whitespaces. [dale-primer-e]
+
+  That are triggering flake.
+- Fix error with as_app flag. [dale-primer-e]
+- Fix error downloading assets. [dale-primer-e]
+
+  When downloading assets using a fine grained token you will get a "can't
+  concat str to bytes" error. This is due to the fine grained token being
+  concatenated onto bytes in the line:
+
+  `request.add_header("Authorization", "Basic ".encode("ascii") + auth)`
+
+  This is better handled in the function `_construct_request` so I changed
+  the lines that construct the request in `download_file` to use the
+  function `_construct_request` and updated the function signature to
+  reflect that.
+- Chore(deps): bump the python-packages group with 1 update.
+  [dependabot[bot]]
+
+  Bumps the python-packages group with 1 update: [zipp](https://github.com/jaraco/zipp).
+
+
+  Updates `zipp` from 3.18.0 to 3.18.1
+  - [Release notes](https://github.com/jaraco/zipp/releases)
+  - [Changelog](https://github.com/jaraco/zipp/blob/main/NEWS.rst)
+  - [Commits](https://github.com/jaraco/zipp/compare/v3.18.0...v3.18.1)
+
+  ---
+  updated-dependencies:
+  - dependency-name: zipp
+    dependency-type: direct:production
+    update-type: version-update:semver-patch
+    dependency-group: python-packages
+  ...
+- Chore(deps): bump the python-packages group with 1 update.
+  [dependabot[bot]]
+
+  Bumps the python-packages group with 1 update: [zipp](https://github.com/jaraco/zipp).
+
+
+  Updates `zipp` from 3.17.0 to 3.18.0
+  - [Release notes](https://github.com/jaraco/zipp/releases)
+  - [Changelog](https://github.com/jaraco/zipp/blob/main/NEWS.rst)
+  - [Commits](https://github.com/jaraco/zipp/compare/v3.17.0...v3.18.0)
+
+  ---
+  updated-dependencies:
+  - dependency-name: zipp
+    dependency-type: direct:production
+    update-type: version-update:semver-minor
+    dependency-group: python-packages
+  ...
+- Chore(deps): bump the python-packages group with 2 updates.
+  [dependabot[bot]]
+
+  Bumps the python-packages group with 2 updates: [importlib-metadata](https://github.com/python/importlib_metadata) and [packaging](https://github.com/pypa/packaging).
+
+
+  Updates `importlib-metadata` from 7.0.1 to 7.0.2
+  - [Release notes](https://github.com/python/importlib_metadata/releases)
+  - [Changelog](https://github.com/python/importlib_metadata/blob/main/NEWS.rst)
+  - [Commits](https://github.com/python/importlib_metadata/compare/v7.0.1...v7.0.2)
+
+  Updates `packaging` from 23.2 to 24.0
+  - [Release notes](https://github.com/pypa/packaging/releases)
+  - [Changelog](https://github.com/pypa/packaging/blob/main/CHANGELOG.rst)
+  - [Commits](https://github.com/pypa/packaging/compare/23.2...24.0)
+
+  ---
+  updated-dependencies:
+  - dependency-name: importlib-metadata
+    dependency-type: direct:production
+    update-type: version-update:semver-patch
+    dependency-group: python-packages
+  - dependency-name: packaging
+    dependency-type: direct:production
+    update-type: version-update:semver-major
+    dependency-group: python-packages
+  ...
+- Chore(deps): bump the python-packages group with 2 updates.
+  [dependabot[bot]]
+
+  Bumps the python-packages group with 2 updates: [pkginfo](https://code.launchpad.net/~tseaver/pkginfo/trunk) and [rich](https://github.com/Textualize/rich).
+
+
+  Updates `pkginfo` from 1.9.6 to 1.10.0
+
+  Updates `rich` from 13.7.0 to 13.7.1
+  - [Release notes](https://github.com/Textualize/rich/releases)
+  - [Changelog](https://github.com/Textualize/rich/blob/master/CHANGELOG.md)
+  - [Commits](https://github.com/Textualize/rich/compare/v13.7.0...v13.7.1)
+
+  ---
+  updated-dependencies:
+  - dependency-name: pkginfo
+    dependency-type: direct:production
+    update-type: version-update:semver-minor
+    dependency-group: python-packages
+  - dependency-name: rich
+    dependency-type: direct:production
+    update-type: version-update:semver-patch
+    dependency-group: python-packages
+  ...
+- Chore(deps): bump the python-packages group with 1 update.
+  [dependabot[bot]]
+
+  Bumps the python-packages group with 1 update: [keyring](https://github.com/jaraco/keyring).
+
+
+  Updates `keyring` from 24.3.0 to 24.3.1
+  - [Release notes](https://github.com/jaraco/keyring/releases)
+  - [Changelog](https://github.com/jaraco/keyring/blob/main/NEWS.rst)
+  - [Commits](https://github.com/jaraco/keyring/compare/v24.3.0...v24.3.1)
+
+  ---
+  updated-dependencies:
+  - dependency-name: keyring
+    dependency-type: direct:production
+    update-type: version-update:semver-patch
+    dependency-group: python-packages
+  ...
+- Chore(deps): bump the python-packages group with 1 update.
+  [dependabot[bot]]
+
+  Bumps the python-packages group with 1 update: [readme-renderer](https://github.com/pypa/readme_renderer).
+
+
+  Updates `readme-renderer` from 42.0 to 43.0
+  - [Release notes](https://github.com/pypa/readme_renderer/releases)
+  - [Changelog](https://github.com/pypa/readme_renderer/blob/main/CHANGES.rst)
+  - [Commits](https://github.com/pypa/readme_renderer/compare/42.0...43.0)
+
+  ---
+  updated-dependencies:
+  - dependency-name: readme-renderer
+    dependency-type: direct:production
+    update-type: version-update:semver-major
+    dependency-group: python-packages
+  ...
+- Chore(deps): bump the python-packages group with 1 update.
+  [dependabot[bot]]
+
+  Bumps the python-packages group with 1 update: [urllib3](https://github.com/urllib3/urllib3).
+
+
+  Updates `urllib3` from 2.2.0 to 2.2.1
+  - [Release notes](https://github.com/urllib3/urllib3/releases)
+  - [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst)
+  - [Commits](https://github.com/urllib3/urllib3/compare/2.2.0...2.2.1)
+
+  ---
+  updated-dependencies:
+  - dependency-name: urllib3
+    dependency-type: direct:production
+    update-type: version-update:semver-patch
+    dependency-group: python-packages
+  ...
+- Chore(deps): bump the python-packages group with 1 update.
+  [dependabot[bot]]
+
+  Bumps the python-packages group with 1 update: [black](https://github.com/psf/black).
+
+
+  Updates `black` from 24.1.1 to 24.2.0
+  - [Release notes](https://github.com/psf/black/releases)
+  - [Changelog](https://github.com/psf/black/blob/main/CHANGES.md)
+  - [Commits](https://github.com/psf/black/compare/24.1.1...24.2.0)
+
+  ---
+  updated-dependencies:
+  - dependency-name: black
+    dependency-type: direct:production
+    update-type: version-update:semver-minor
+    dependency-group: python-packages
+  ...
+- Chore(deps): bump the python-packages group with 2 updates.
+  [dependabot[bot]]
+
+  Bumps the python-packages group with 2 updates: [tqdm](https://github.com/tqdm/tqdm) and [twine](https://github.com/pypa/twine).
+
+
+  Updates `tqdm` from 4.66.1 to 4.66.2
+  - [Release notes](https://github.com/tqdm/tqdm/releases)
+  - [Commits](https://github.com/tqdm/tqdm/compare/v4.66.1...v4.66.2)
+
+  Updates `twine` from 4.0.2 to 5.0.0
+  - [Release notes](https://github.com/pypa/twine/releases)
+  - [Changelog](https://github.com/pypa/twine/blob/main/docs/changelog.rst)
+  - [Commits](https://github.com/pypa/twine/compare/4.0.2...5.0.0)
+
+  ---
+  updated-dependencies:
+  - dependency-name: tqdm
+    dependency-type: direct:production
+    update-type: version-update:semver-patch
+    dependency-group: python-packages
+  - dependency-name: twine
+    dependency-type: direct:production
+    update-type: version-update:semver-major
+    dependency-group: python-packages
+  ...
+- Chore(deps): bump the python-packages group with 1 update.
+  [dependabot[bot]]
+
+  Bumps the python-packages group with 1 update: [jaraco-classes](https://github.com/jaraco/jaraco.classes).
+
+
+  Updates `jaraco-classes` from 3.3.0 to 3.3.1
+  - [Release notes](https://github.com/jaraco/jaraco.classes/releases)
+  - [Changelog](https://github.com/jaraco/jaraco.classes/blob/main/NEWS.rst)
+  - [Commits](https://github.com/jaraco/jaraco.classes/compare/v3.3.0...v3.3.1)
+
+  ---
+  updated-dependencies:
+  - dependency-name: jaraco-classes
+    dependency-type: direct:production
+    update-type: version-update:semver-patch
+    dependency-group: python-packages
+  ...
+- Chore(deps): bump the python-packages group with 1 update.
+  [dependabot[bot]]
+
+  Bumps the python-packages group with 1 update: [certifi](https://github.com/certifi/python-certifi).
+
+
+  Updates `certifi` from 2023.11.17 to 2024.2.2
+  - [Commits](https://github.com/certifi/python-certifi/compare/2023.11.17...2024.02.02)
+
+  ---
+  updated-dependencies:
+  - dependency-name: certifi
+    dependency-type: direct:production
+    update-type: version-update:semver-major
+    dependency-group: python-packages
+  ...
+- Chore(deps): bump the python-packages group with 2 updates.
+  [dependabot[bot]]
+
+  Bumps the python-packages group with 2 updates: [platformdirs](https://github.com/platformdirs/platformdirs) and [urllib3](https://github.com/urllib3/urllib3).
+
+
+  Updates `platformdirs` from 4.1.0 to 4.2.0
+  - [Release notes](https://github.com/platformdirs/platformdirs/releases)
+  - [Changelog](https://github.com/platformdirs/platformdirs/blob/main/CHANGES.rst)
+  - [Commits](https://github.com/platformdirs/platformdirs/compare/4.1.0...4.2.0)
+
+  Updates `urllib3` from 2.1.0 to 2.2.0
+  - [Release notes](https://github.com/urllib3/urllib3/releases)
+  - [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst)
+  - [Commits](https://github.com/urllib3/urllib3/compare/2.1.0...2.2.0)
+
+  ---
+  updated-dependencies:
+  - dependency-name: platformdirs
+    dependency-type: direct:production
+    update-type: version-update:semver-minor
+    dependency-group: python-packages
+  - dependency-name: urllib3
+    dependency-type: direct:production
+    update-type: version-update:semver-minor
+    dependency-group: python-packages
+  ...
+- Chore(deps): bump the python-packages group with 1 update.
+  [dependabot[bot]]
+
+  Bumps the python-packages group with 1 update: [black](https://github.com/psf/black).
+
+
+  Updates `black` from 24.1.0 to 24.1.1
+  - [Release notes](https://github.com/psf/black/releases)
+  - [Changelog](https://github.com/psf/black/blob/main/CHANGES.md)
+  - [Commits](https://github.com/psf/black/compare/24.1.0...24.1.1)
+
+  ---
+  updated-dependencies:
+  - dependency-name: black
+    dependency-type: direct:production
+    update-type: version-update:semver-patch
+    dependency-group: python-packages
+  ...
+
+
+0.45.0 (2024-01-29)
+-------------------

 Fix
 ~~~
--- a/README.rst
+++ b/README.rst
@@ -212,6 +212,13 @@ When you use the ``--lfs`` option, you will need to make sure you have Git LFS i
 Instructions on how to do this can be found on https://git-lfs.github.com.


+Run in Docker container
+-----------------------
+
+To run the tool in a Docker container use the following command:
+
+    sudo docker run --rm -v /path/to/backup:/data --name github-backup ghcr.io/josegonzalez/python-github-backup -o /data $OPTIONS $USER
+
 Gotchas / Known-issues
 ======================

--- a/github_backup/init.py
+++ b/github_backup/init.py
@@ -1 +1 @@
-__version__ = "0.45.0"
+__version__ = "0.45.2"
--- a/github_backup/github_backup.py
+++ b/github_backup/github_backup.py
@@ -777,14 +777,19 @@ class S3HTTPRedirectHandler(HTTPRedirectHandler):
        return request


-def download_file(url, path, auth):
+def download_file(url, path, auth, as_app=False, fine=False):
    # Skip downloading release assets if they already exist on disk so we don't redownload on every sync
    if os.path.exists(path):
        return

-    request = Request(url)
+    request = _construct_request(per_page=100,
+                                 page=1,
+                                 query_args={},
+                                 template=url,
+                                 auth=auth,
+                                 as_app=as_app,
+                                 fine=fine)
    request.add_header("Accept", "application/octet-stream")
-    request.add_header("Authorization", "Basic ".encode("ascii") + auth)
    opener = build_opener(S3HTTPRedirectHandler)

    try:
@@ -1255,6 +1260,8 @@ def backup_releases(args, repo_cwd, repository, repos_template, include_assets=F
                        asset["url"],
                        os.path.join(release_assets_cwd, asset["name"]),
                        get_auth(args),
+                        as_app=args.as_app,
+                        fine=True if args.token_fine is not None else False
                    )


--- a/release-requirements.txt
+++ b/release-requirements.txt
@@ -1,38 +1,38 @@
-autopep8==2.0.4
-black==24.1.0
+autopep8==2.1.0
+black==24.3.0
 bleach==6.1.0
-certifi==2023.11.17
+certifi==2024.2.2
 charset-normalizer==3.3.2
 click==8.1.7
 colorama==0.4.6
 docutils==0.20.1
 flake8==7.0.0
 gitchangelog==3.0.4
-idna==3.6
-importlib-metadata==7.0.1
-jaraco.classes==3.3.0
-keyring==24.3.0
+idna==3.7
+importlib-metadata==7.1.0
+jaraco.classes==3.4.0
+keyring==25.1.0
 markdown-it-py==3.0.0
 mccabe==0.7.0
 mdurl==0.1.2
 more-itertools==10.2.0
 mypy-extensions==1.0.0
-packaging==23.2
+packaging==24.0
 pathspec==0.12.1
-pkginfo==1.9.6
-platformdirs==4.1.0
+pkginfo==1.10.0
+platformdirs==4.2.0
 pycodestyle==2.11.1
 pyflakes==3.2.0
 Pygments==2.17.2
-readme-renderer==42.0
+readme-renderer==43.0
 requests==2.31.0
 requests-toolbelt==1.0.0
 restructuredtext-lint==1.4.0
 rfc3986==2.0.0
-rich==13.7.0
+rich==13.7.1
 six==1.16.0
-tqdm==4.66.1
-twine==4.0.2
-urllib3==2.1.0
+tqdm==4.66.2
+twine==5.0.0
+urllib3==2.2.1
 webencodings==0.5.1
-zipp==3.17.0
+zipp==3.18.1