From f9b4dd6aa67b39b45fdbf750c1b1e22186ead4df Mon Sep 17 00:00:00 2001
From: Francis Charette Migneault <francis.charette.migneault@gmail.com>
Date: Fri, 19 Jul 2024 12:11:19 -0400
Subject: [PATCH 01/17] drop py36, py37, deprecate py38, add py312

---
 .github/workflows/tests.yml | 11 +++++------
 CHANGES.rst                 |  6 ++++++
 requirements.txt            |  5 +----
 requirements_dev.txt        |  2 +-
 setup.py                    |  5 ++---
 5 files changed, 15 insertions(+), 14 deletions(-)

diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
index 9890192..218aa50 100644
--- a/.github/workflows/tests.yml
+++ b/.github/workflows/tests.yml
@@ -42,7 +42,7 @@ jobs:
     strategy:
       matrix:
         os: [ubuntu-latest]
-        python-version: ["3.7", "3.8", "3.9", "3.10", "3.11"]
+        python-version: ["3.9", "3.10", "3.11", "3.12"]
         allow-failure: [false]
         test-case: [test-local]
         include:
@@ -62,8 +62,7 @@ jobs:
             allow-failure: false
             test-case: docker-test
           # deprecated versions
-          - os: ubuntu-20.04
-            python-version: 3.6
+          - python-version: 3.8  # EOL 2024-10
             allow-failure: false
             test-case: test-local
     steps:
@@ -71,7 +70,7 @@ jobs:
         with:
           fetch-depth: "0"
       - name: Setup Python
-        uses: actions/setup-python@v2
+        uses: actions/setup-python@v5
         if: ${{ matrix.python-version != 'None' }}
         with:
           python-version: ${{ matrix.python-version }}
@@ -114,9 +113,9 @@ jobs:
         with:
           fetch-depth: "0"
       - name: Setup Python
-        uses: actions/setup-python@v2
+        uses: actions/setup-python@v5
         with:
-          python-version: "3.7"
+          python-version: "3.11"
       - name: Build Distribution Package
         run: make develop dist
       - name: Push Package to PyPi
diff --git a/CHANGES.rst b/CHANGES.rst
index f0a386a..65f74f5 100644
--- a/CHANGES.rst
+++ b/CHANGES.rst
@@ -4,6 +4,12 @@ Changes
 Unreleased
 ==========
 
+Changes:
+
+* Drop Python 3.6, 3.7 support.
+* Deprecate Python 3.8 (EOL 2024-10 planed, supported until then).
+* Add Python 3.12 support.
+
 0.9.0 (2023-02-08)
 ==================
 
diff --git a/requirements.txt b/requirements.txt
index ef41545..f734690 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -32,7 +32,4 @@ pyramid_oauthlib>=0.4.1
 oauthlib<3
 requests_oauthlib<1.2.0
 PyJWT>=2
-# typing extension required for TypedDict
-typing_extensions; python_version < "3.8"
-setuptools<60; python_version <= "3.6"  # pyup: ignore
-setuptools>=65.5.1; python_version >= "3.7"
+setuptools>=65.5.1
diff --git a/requirements_dev.txt b/requirements_dev.txt
index 3e4cdb8..cf2f419 100644
--- a/requirements_dev.txt
+++ b/requirements_dev.txt
@@ -7,4 +7,4 @@ nbsphinx
 bump2version
 twine
 mock
-tornado>=6.3.3; python_version >= "3.8"  # not directly required, pinned by Snyk to avoid a vulnerability
+tornado>=6.3.3  # not directly required, pinned by Snyk to avoid a vulnerability
diff --git a/setup.py b/setup.py
index c2c2075..6ddb51f 100644
--- a/setup.py
+++ b/setup.py
@@ -24,12 +24,11 @@
           "License :: OSI Approved :: Apache Software License",
           "Natural Language :: English",
           "Programming Language :: Python",
-          "Programming Language :: Python :: 3.6",
-          "Programming Language :: Python :: 3.7",
           "Programming Language :: Python :: 3.8",
           "Programming Language :: Python :: 3.9",
           "Programming Language :: Python :: 3.10",
           "Programming Language :: Python :: 3.11",
+          "Programming Language :: Python :: 3.12",
           "Topic :: Internet :: WWW/HTTP",
           "Topic :: Internet :: WWW/HTTP :: WSGI :: Application",
       ],
@@ -42,7 +41,7 @@
       include_package_data=True,
       zip_safe=False,
       test_suite='twitcher',
-      python_requires=">=3.6, <4",
+      python_requires=">=3.8, <4",
       install_requires=reqs,
       extras_require={
           "dev": dev_reqs,              # pip install ".[dev]"

From f8cf0b3e2ef4763d3218a7f7cc01f58aaabe5d63 Mon Sep 17 00:00:00 2001
From: Francis Charette Migneault <francis.charette.migneault@gmail.com>
Date: Fri, 19 Jul 2024 12:17:33 -0400
Subject: [PATCH 02/17] include setuptools vulnerability fix (closes #132,
 closes #135)

---
 requirements.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/requirements.txt b/requirements.txt
index f734690..8b48311 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -32,4 +32,4 @@ pyramid_oauthlib>=0.4.1
 oauthlib<3
 requests_oauthlib<1.2.0
 PyJWT>=2
-setuptools>=65.5.1
+setuptools>=71.0.3

From 3c4c114ea5a2794b94fde2f83902dab6007cb90f Mon Sep 17 00:00:00 2001
From: Francis Charette Migneault <francis.charette.migneault@gmail.com>
Date: Fri, 19 Jul 2024 12:18:11 -0400
Subject: [PATCH 03/17] include urllib vulnerability fix (closes #131)

---
 requirements.txt | 1 +
 1 file changed, 1 insertion(+)

diff --git a/requirements.txt b/requirements.txt
index 8b48311..d951043 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -33,3 +33,4 @@ oauthlib<3
 requests_oauthlib<1.2.0
 PyJWT>=2
 setuptools>=71.0.3
+urllib3>=2.2.2

From 36362d5e640e005208eec82ff2ab0b7fc27a5a6b Mon Sep 17 00:00:00 2001
From: Francis Charette Migneault <francis.charette.migneault@gmail.com>
Date: Fri, 19 Jul 2024 12:18:54 -0400
Subject: [PATCH 04/17] include zipp vulnerability fix (closes #134)

---
 requirements.txt | 1 +
 1 file changed, 1 insertion(+)

diff --git a/requirements.txt b/requirements.txt
index d951043..2ae9078 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -34,3 +34,4 @@ requests_oauthlib<1.2.0
 PyJWT>=2
 setuptools>=71.0.3
 urllib3>=2.2.2
+zipp>=3.19.1

From fd89ad7d4b6db1dc9ab4f5f49bc8c350a082573b Mon Sep 17 00:00:00 2001
From: Francis Charette Migneault <francis.charette.migneault@gmail.com>
Date: Fri, 19 Jul 2024 12:20:17 -0400
Subject: [PATCH 05/17] include requests vulnerability fix (closes #130)

---
 requirements.txt     | 1 +
 requirements_dev.txt | 1 +
 2 files changed, 2 insertions(+)

diff --git a/requirements.txt b/requirements.txt
index 2ae9078..cbcdb0f 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -30,6 +30,7 @@ zope.sqlalchemy>=1.3,!=1.4.*
 # oauth2
 pyramid_oauthlib>=0.4.1
 oauthlib<3
+requests>=2.32.2
 requests_oauthlib<1.2.0
 PyJWT>=2
 setuptools>=71.0.3
diff --git a/requirements_dev.txt b/requirements_dev.txt
index cf2f419..8893b49 100644
--- a/requirements_dev.txt
+++ b/requirements_dev.txt
@@ -1,3 +1,4 @@
+-r requirements.txt
 pytest>=5.0.0
 pytest-cov
 WebTest

From ab3acfeb965d807554cb44568a2c62cc12858aa0 Mon Sep 17 00:00:00 2001
From: Francis Charette Migneault <francis.charette.migneault@gmail.com>
Date: Fri, 19 Jul 2024 12:26:44 -0400
Subject: [PATCH 06/17] fix invalid CI skip definition

---
 .github/workflows/tests.yml | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)

diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
index 218aa50..29071cd 100644
--- a/.github/workflows/tests.yml
+++ b/.github/workflows/tests.yml
@@ -13,7 +13,7 @@ jobs:
     continue-on-error: true
     runs-on: ubuntu-latest
     outputs:
-      should_skip: ${{ steps.skip_check.outputs.should_skip }}
+      should_skip: ${{ steps.skip_duplicate.outputs.should_skip }}
     steps:
       - id: skip_check
         uses: fkirc/skip-duplicate-actions@master
@@ -24,10 +24,7 @@ jobs:
 
   # see: https://github.com/actions/setup-python
   tests:
-    # FIXME: https://github.com/fkirc/skip-duplicate-actions/issues/90
-    #   disable for now because the tests never run... somehow similar config works in Magpie...
-    # needs: skip_duplicate
-    # if: ${{ needs.skip_duplicate.outputs.should_skip != 'true' }}
+    if: ${{ needs.skip_duplicate.outputs.should_skip != 'true' }}
     runs-on: ${{ matrix.os }}
     continue-on-error: ${{ matrix.allow-failure }}
     env:

From 1d8ee7d004d05c2a21138bc62fd5670d54d2704d Mon Sep 17 00:00:00 2001
From: Francis Charette Migneault <francis.charette.migneault@gmail.com>
Date: Fri, 19 Jul 2024 12:28:30 -0400
Subject: [PATCH 07/17] add CI dependency for tests

---
 .github/workflows/tests.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
index 29071cd..d3fa6b1 100644
--- a/.github/workflows/tests.yml
+++ b/.github/workflows/tests.yml
@@ -24,6 +24,7 @@ jobs:
 
   # see: https://github.com/actions/setup-python
   tests:
+    needs: skip_duplicate
     if: ${{ needs.skip_duplicate.outputs.should_skip != 'true' }}
     runs-on: ${{ matrix.os }}
     continue-on-error: ${{ matrix.allow-failure }}

From 0ddb2951bd1c2b3483b68800f57ba2ba029c8582 Mon Sep 17 00:00:00 2001
From: Francis Charette Migneault <francis.charette.migneault@gmail.com>
Date: Fri, 19 Jul 2024 12:29:35 -0400
Subject: [PATCH 08/17] fix CI skip ID

---
 .github/workflows/tests.yml | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
index d3fa6b1..7e09a74 100644
--- a/.github/workflows/tests.yml
+++ b/.github/workflows/tests.yml
@@ -15,8 +15,7 @@ jobs:
     outputs:
       should_skip: ${{ steps.skip_duplicate.outputs.should_skip }}
     steps:
-      - id: skip_check
-        uses: fkirc/skip-duplicate-actions@master
+      - uses: fkirc/skip-duplicate-actions@master
         with:
           concurrent_skipping: "same_content_newer"
           skip_after_successful_duplicate: "true"

From 1fb8bc18dcfd73d41ed05ac810af7aa67b8558d5 Mon Sep 17 00:00:00 2001
From: Francis Charette Migneault <francis.charette.migneault@gmail.com>
Date: Fri, 19 Jul 2024 12:30:33 -0400
Subject: [PATCH 09/17] remove skip still not working

---
 .github/workflows/tests.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
index 7e09a74..c0e469e 100644
--- a/.github/workflows/tests.yml
+++ b/.github/workflows/tests.yml
@@ -23,8 +23,8 @@ jobs:
 
   # see: https://github.com/actions/setup-python
   tests:
-    needs: skip_duplicate
-    if: ${{ needs.skip_duplicate.outputs.should_skip != 'true' }}
+    #needs: skip_duplicate
+    #if: ${{ needs.skip_duplicate.outputs.should_skip != 'true' }}
     runs-on: ${{ matrix.os }}
     continue-on-error: ${{ matrix.allow-failure }}
     env:

From 0760b89a1a3354b690ad0aa1cc8f8ab70fd37613 Mon Sep 17 00:00:00 2001
From: Francis Charette Migneault <francis.charette.migneault@gmail.com>
Date: Fri, 19 Jul 2024 12:33:07 -0400
Subject: [PATCH 10/17] remove skip completely

---
 .github/workflows/tests.yml | 22 +++++++++++-----------
 1 file changed, 11 insertions(+), 11 deletions(-)

diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
index c0e469e..5d87e7e 100644
--- a/.github/workflows/tests.yml
+++ b/.github/workflows/tests.yml
@@ -9,17 +9,17 @@ on:
 
 jobs:
   # see: https://github.com/fkirc/skip-duplicate-actions
-  skip_duplicate:
-    continue-on-error: true
-    runs-on: ubuntu-latest
-    outputs:
-      should_skip: ${{ steps.skip_duplicate.outputs.should_skip }}
-    steps:
-      - uses: fkirc/skip-duplicate-actions@master
-        with:
-          concurrent_skipping: "same_content_newer"
-          skip_after_successful_duplicate: "true"
-          do_not_skip: '["pull_request", "workflow_dispatch", "schedule", "release"]'
+#  skip_duplicate:
+#    continue-on-error: true
+#    runs-on: ubuntu-latest
+#    outputs:
+#      should_skip: ${{ steps.skip_duplicate.outputs.should_skip }}
+#    steps:
+#      - uses: fkirc/skip-duplicate-actions@master
+#        with:
+#          concurrent_skipping: "same_content_newer"
+#          skip_after_successful_duplicate: "true"
+#          do_not_skip: '["pull_request", "workflow_dispatch", "schedule", "release"]'
 
   # see: https://github.com/actions/setup-python
   tests:

From bdf18df26da520eb6b39b73eea6986c6a7f1e48a Mon Sep 17 00:00:00 2001
From: Francis Charette Migneault <francis.charette.migneault@gmail.com>
Date: Fri, 19 Jul 2024 12:34:44 -0400
Subject: [PATCH 11/17] CI patches

---
 .github/workflows/tests.yml | 8 ++------
 1 file changed, 2 insertions(+), 6 deletions(-)

diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
index 5d87e7e..84dc01a 100644
--- a/.github/workflows/tests.yml
+++ b/.github/workflows/tests.yml
@@ -67,7 +67,7 @@ jobs:
         with:
           fetch-depth: "0"
       - name: Setup Python
-        uses: actions/setup-python@v5
+        uses: actions/setup-python@v2
         if: ${{ matrix.python-version != 'None' }}
         with:
           python-version: ${{ matrix.python-version }}
@@ -79,10 +79,6 @@ jobs:
       - name: Display Packages
         if: ${{ matrix.python-version != 'None' }}
         run: pip freeze
-      #- name: Setup Environment Variables
-      #  uses: c-py/action-dotenv-to-setenv@v2
-      #  with:
-      #    env-file: ./ci/weaver.env
       - name: Display Environment Variables
         run: |
           hash -r
@@ -110,7 +106,7 @@ jobs:
         with:
           fetch-depth: "0"
       - name: Setup Python
-        uses: actions/setup-python@v5
+        uses: actions/setup-python@v2
         with:
           python-version: "3.11"
       - name: Build Distribution Package

From 72b10a2bcb360570669dd1bcd11a3392d1a7ddc6 Mon Sep 17 00:00:00 2001
From: Francis Charette Migneault <francis.charette.migneault@gmail.com>
Date: Fri, 19 Jul 2024 12:36:39 -0400
Subject: [PATCH 12/17] fix setup dev

---
 setup.py | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/setup.py b/setup.py
index 6ddb51f..6537a70 100644
--- a/setup.py
+++ b/setup.py
@@ -10,7 +10,10 @@
     exec(f.read(), about)
 
 reqs = [line.strip() for line in open('requirements.txt')]
-dev_reqs = [line.strip() for line in open('requirements_dev.txt')]
+dev_reqs = [
+    line.strip() for line in open('requirements_dev.txt')
+    if not line.startswith("-r ")
+]
 
 setup(name='pyramid_twitcher',
       version=about['__version__'],

From 8f232f0874b0da70f8b27ae7bbad1c06dbd66fb2 Mon Sep 17 00:00:00 2001
From: Francis Charette Migneault <francis.charette.migneault@gmail.com>
Date: Fri, 19 Jul 2024 12:38:16 -0400
Subject: [PATCH 13/17] fix requirements

---
 requirements.txt | 1 -
 1 file changed, 1 deletion(-)

diff --git a/requirements.txt b/requirements.txt
index cbcdb0f..060a622 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,6 +1,5 @@
 pyramid>=1.10,<2
 webob
-requests
 argcomplete
 pytz
 lxml

From 09950a4a75eeda0747f25e1a16e716eb1cd1cb95 Mon Sep 17 00:00:00 2001
From: Francis Charette Migneault <francis.charette.migneault@gmail.com>
Date: Fri, 19 Jul 2024 12:58:56 -0400
Subject: [PATCH 14/17] CI reenable skip with concurrency

---
 .github/workflows/tests.yml | 37 ++++++++++++++++++++++---------------
 1 file changed, 22 insertions(+), 15 deletions(-)

diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
index 84dc01a..96c0df1 100644
--- a/.github/workflows/tests.yml
+++ b/.github/workflows/tests.yml
@@ -7,24 +7,31 @@ on:
   - release
   - workflow_dispatch
 
+# cancel the current workflow if another commit was pushed on the same PR or reference
+# uses the GitHub workflow name to avoid collision with other workflows running on the same PR/reference
+concurrency:
+  group: "${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}"
+  cancel-in-progress: true
+
 jobs:
   # see: https://github.com/fkirc/skip-duplicate-actions
-#  skip_duplicate:
-#    continue-on-error: true
-#    runs-on: ubuntu-latest
-#    outputs:
-#      should_skip: ${{ steps.skip_duplicate.outputs.should_skip }}
-#    steps:
-#      - uses: fkirc/skip-duplicate-actions@master
-#        with:
-#          concurrent_skipping: "same_content_newer"
-#          skip_after_successful_duplicate: "true"
-#          do_not_skip: '["pull_request", "workflow_dispatch", "schedule", "release"]'
+  skip_duplicate:
+    continue-on-error: true
+    runs-on: ubuntu-latest
+    outputs:
+      should_skip: ${{ steps.skip_duplicate.outputs.should_skip && ! contains(github.ref, 'refs/tags') }}
+    steps:
+      - id: skip_check
+        uses: fkirc/skip-duplicate-actions@master
+        with:
+          concurrent_skipping: "same_content"
+          skip_after_successful_duplicate: "true"
+          do_not_skip: '["pull_request", "workflow_dispatch", "schedule", "release"]'
 
   # see: https://github.com/actions/setup-python
   tests:
-    #needs: skip_duplicate
-    #if: ${{ needs.skip_duplicate.outputs.should_skip != 'true' }}
+    needs: skip_duplicate
+    if: ${{ needs.skip_duplicate.outputs.should_skip != 'true' }}
     runs-on: ${{ matrix.os }}
     continue-on-error: ${{ matrix.allow-failure }}
     env:
@@ -67,7 +74,7 @@ jobs:
         with:
           fetch-depth: "0"
       - name: Setup Python
-        uses: actions/setup-python@v2
+        uses: actions/setup-python@v5
         if: ${{ matrix.python-version != 'None' }}
         with:
           python-version: ${{ matrix.python-version }}
@@ -106,7 +113,7 @@ jobs:
         with:
           fetch-depth: "0"
       - name: Setup Python
-        uses: actions/setup-python@v2
+        uses: actions/setup-python@v5
         with:
           python-version: "3.11"
       - name: Build Distribution Package

From d39a1ccb6ba919401ec0c7a95860c33ad79a4e19 Mon Sep 17 00:00:00 2001
From: Francis Charette Migneault <francis.charette.migneault@gmail.com>
Date: Fri, 19 Jul 2024 13:05:48 -0400
Subject: [PATCH 15/17] fix missing OS for CI Py38

---
 .github/workflows/tests.yml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
index 96c0df1..712c0e1 100644
--- a/.github/workflows/tests.yml
+++ b/.github/workflows/tests.yml
@@ -66,7 +66,8 @@ jobs:
             allow-failure: false
             test-case: docker-test
           # deprecated versions
-          - python-version: 3.8  # EOL 2024-10
+          - os: ubuntu-latest
+            python-version: 3.8  # EOL 2024-10
             allow-failure: false
             test-case: test-local
     steps:

From e862325f4d74624f79da042e7eca1f4530d66382 Mon Sep 17 00:00:00 2001
From: Francis Charette Migneault <francis.charette.migneault@gmail.com>
Date: Fri, 19 Jul 2024 13:12:33 -0400
Subject: [PATCH 16/17] update codecov action

---
 .github/workflows/tests.yml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
index 712c0e1..4644c76 100644
--- a/.github/workflows/tests.yml
+++ b/.github/workflows/tests.yml
@@ -97,9 +97,10 @@ jobs:
         if: ${{ matrix.python-version == 'None' }}
         run: make docker-stop
       - name: Upload coverage report
-        uses: codecov/codecov-action@v1
+        uses: codecov/codecov-action@v4.0.1
         if: ${{ success() && matrix.test-case == 'coverage' }}
         with:
+          token: ${{ secrets.CODECOV_TOKEN }}
           files: ./coverage/coverage.xml
           fail_ci_if_error: true
           verbose: true

From b38ae73f292bdc3e8a7b32a0f8fdca9332b37b86 Mon Sep 17 00:00:00 2001
From: Francis Charette Migneault <francis.charette.migneault@gmail.com>
Date: Fri, 19 Jul 2024 13:18:04 -0400
Subject: [PATCH 17/17] use docker base python:3.11-alpine3.20 (closes #133)

---
 CHANGES.rst | 1 +
 Dockerfile  | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/CHANGES.rst b/CHANGES.rst
index 65f74f5..b304af5 100644
--- a/CHANGES.rst
+++ b/CHANGES.rst
@@ -9,6 +9,7 @@ Changes:
 * Drop Python 3.6, 3.7 support.
 * Deprecate Python 3.8 (EOL 2024-10 planed, supported until then).
 * Add Python 3.12 support.
+* Update docker with latest ``python:3.11-alpine3.20`` base.
 
 0.9.0 (2023-02-08)
 ==================
diff --git a/Dockerfile b/Dockerfile
index bd64a2c..2f69e95 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,5 +1,5 @@
 # vim:set ft=dockerfile:
-FROM python:3.11-alpine3.17
+FROM python:3.11-alpine3.20
 LABEL Description="Twitcher" Vendor="Birdhouse" Maintainer="https://github.com/bird-house/twitcher"
 
 # Configure hostname and ports for services