From cc5c53fb1774913aa82b39912514498be15c0fc1 Mon Sep 17 00:00:00 2001
From: arielev <levinsonarie@gmail.com>
Date: Fri, 2 Jan 2026 14:06:17 +0200
Subject: [PATCH 1/6] upgrade flake/coverage and add test-results

---
 .github/workflows/pythonpackage.yml | 21 ++++++++++++++++++---
 1 file changed, 18 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/pythonpackage.yml b/.github/workflows/pythonpackage.yml
index e65ac01..165d2d3 100644
--- a/.github/workflows/pythonpackage.yml
+++ b/.github/workflows/pythonpackage.yml
@@ -22,6 +22,7 @@ on:
 
 jobs:
   test:
+    name: Python Test - ${{ matrix.python-version }}
     runs-on: ubuntu-latest
     strategy:
       max-parallel: 4
@@ -41,7 +42,7 @@ jobs:
 
     - name: Lint with flake8
       run: |
-        pip install flake8==7.1.2
+        pip install flake8==7.3.0
         # stop the build if there are Python syntax errors or undefined names
         flake8 . --count --show-source --statistics --exclude=.venv
         # exit-zero treats all errors as warnings. The GitHub editor is 127 chars wide
@@ -50,7 +51,7 @@ jobs:
     - name: Test with unittest (codecov)
       run: |
         pip install -r requirements.txt
-        pip install coverage==7.6
+        pip install coverage==7.13
         # discover all tests in the test directory
         python -m coverage run --omit '.venv/*' -m unittest discover test -vv -t .
 
@@ -68,14 +69,27 @@ jobs:
         fail_ci_if_error: true
         verbose: true
 
+  test-results:
+    name: Python test results
+    needs: [test]
+    runs-on: ubuntu-latest
+    steps:
+      - name: Tests passed
+        if: ${{ !(contains(needs.*.result, 'failure')) }}
+        run: exit 0
+      - name: Tests failed
+        if: ${{ (contains(needs.*.result, 'failure')) }}
+        run: exit 1
+
   test-container-image:
+    name: Container Image Test
     runs-on: ubuntu-latest
     steps:
     - uses: actions/checkout@v4
 
     - name: Run Checkov action
       id: checkov
-      uses: bridgecrewio/checkov-action@v12.1347.0
+      uses: bridgecrewio/checkov-action@v12
       with:
         framework: dockerfile
         dockerfile_path: Dockerfile
@@ -98,6 +112,7 @@ jobs:
           --verify v2.3.5+test
 
   simulate:
+    name: Publish Simulation
     if: github.ref != 'refs/heads/master'
     needs: [test, test-container-image]
     runs-on: ubuntu-latest

From 7aa1d4973145e1ee5cf5e0a94994af0af058d6a5 Mon Sep 17 00:00:00 2001
From: arielev <levinsonarie@gmail.com>
Date: Fri, 2 Jan 2026 14:09:12 +0200
Subject: [PATCH 2/6] remove python 3.8

---
 .github/workflows/pythonpackage.yml | 1 -
 1 file changed, 1 deletion(-)

diff --git a/.github/workflows/pythonpackage.yml b/.github/workflows/pythonpackage.yml
index 165d2d3..95201d5 100644
--- a/.github/workflows/pythonpackage.yml
+++ b/.github/workflows/pythonpackage.yml
@@ -28,7 +28,6 @@ jobs:
       max-parallel: 4
       matrix:
         python-version:
-          - "3.8" # EOL 2024-10
           - "3.9"
           - "3.12"
           #- "3.13"

From 6d9998c79d3bb831eceb52cf12ffae8f19f60cc2 Mon Sep 17 00:00:00 2001
From: arielev <levinsonarie@gmail.com>
Date: Fri, 2 Jan 2026 14:10:16 +0200
Subject: [PATCH 3/6] remove python 3.9

---
 .github/workflows/pythonpackage.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/pythonpackage.yml b/.github/workflows/pythonpackage.yml
index 95201d5..7612573 100644
--- a/.github/workflows/pythonpackage.yml
+++ b/.github/workflows/pythonpackage.yml
@@ -28,7 +28,7 @@ jobs:
       max-parallel: 4
       matrix:
         python-version:
-          - "3.9"
+          - "3.11"
           - "3.12"
           #- "3.13"
     steps:

From 155f656f31f0110ed60fe90a0d2fb77a83eaf643 Mon Sep 17 00:00:00 2001
From: arielev <levinsonarie@gmail.com>
Date: Fri, 2 Jan 2026 14:16:36 +0200
Subject: [PATCH 4/6] remove usage of local versions

---
 .github/workflows/pythonpackage.yml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/.github/workflows/pythonpackage.yml b/.github/workflows/pythonpackage.yml
index 7612573..75af4f2 100644
--- a/.github/workflows/pythonpackage.yml
+++ b/.github/workflows/pythonpackage.yml
@@ -128,6 +128,8 @@ jobs:
           # Using --metadata flag for PEP 440 compatibility (+ instead of -)
           pybump bump --level patch --file pyproject.toml
           echo "app_version=$(pybump set --auto --metadata --file pyproject.toml)" >> $GITHUB_OUTPUT
+          # PyPI/TestPyPI reject PEP 440 local versions (1.2.3+sha); normalize version for publishing
+          sed -i '/^version *= */ s/+/\./g' pyproject.toml
       - name: Install uv
         uses: astral-sh/setup-uv@v5
         with:

From 954aa4b7a0ef0807725501df18f74ad57cce1fb5 Mon Sep 17 00:00:00 2001
From: arielev <levinsonarie@gmail.com>
Date: Fri, 2 Jan 2026 14:20:12 +0200
Subject: [PATCH 5/6] set valid version for pep 440

---
 .github/workflows/pythonpackage.yml | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/pythonpackage.yml b/.github/workflows/pythonpackage.yml
index 75af4f2..fe8fd66 100644
--- a/.github/workflows/pythonpackage.yml
+++ b/.github/workflows/pythonpackage.yml
@@ -128,8 +128,9 @@ jobs:
           # Using --metadata flag for PEP 440 compatibility (+ instead of -)
           pybump bump --level patch --file pyproject.toml
           echo "app_version=$(pybump set --auto --metadata --file pyproject.toml)" >> $GITHUB_OUTPUT
-          # PyPI/TestPyPI reject PEP 440 local versions (1.2.3+sha); normalize version for publishing
-          sed -i '/^version *= */ s/+/\./g' pyproject.toml
+          # PyPI/TestPyPI do not accept PEP 440 local versions (1.2.3+sha);
+          # replace local version with a PEP 440–compliant dev release for publishing
+          sed -i 's/^\(version *= *"\)\([^+"]*\)+\([^"]*\)"/\1\2.dev\3"/' pyproject.toml
       - name: Install uv
         uses: astral-sh/setup-uv@v5
         with:

From a28c57e5ac7316470784c53aec4c7b38268c0ea4 Mon Sep 17 00:00:00 2001
From: arielev <levinsonarie@gmail.com>
Date: Fri, 2 Jan 2026 14:35:38 +0200
Subject: [PATCH 6/6] remove any sha in version as its not valid pep 440

---
 .github/workflows/pythonpackage.yml | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/pythonpackage.yml b/.github/workflows/pythonpackage.yml
index fe8fd66..c65a0d3 100644
--- a/.github/workflows/pythonpackage.yml
+++ b/.github/workflows/pythonpackage.yml
@@ -127,10 +127,8 @@ jobs:
           # Bump patch, then set commit SHA as metadata (+sha) for unique test.pypi.org versions
           # Using --metadata flag for PEP 440 compatibility (+ instead of -)
           pybump bump --level patch --file pyproject.toml
-          echo "app_version=$(pybump set --auto --metadata --file pyproject.toml)" >> $GITHUB_OUTPUT
-          # PyPI/TestPyPI do not accept PEP 440 local versions (1.2.3+sha);
-          # replace local version with a PEP 440–compliant dev release for publishing
-          sed -i 's/^\(version *= *"\)\([^+"]*\)+\([^"]*\)"/\1\2.dev\3"/' pyproject.toml
+          # Append GitHub run number as a numeric release segment (PEP 440 / PyPI compliant)
+          sed -i 's/^\(version *= *"\)\([0-9.]*\)\("\)/\1\2.'"$GITHUB_RUN_NUMBER"'\3/' pyproject.toml
       - name: Install uv
         uses: astral-sh/setup-uv@v5
         with: