SNYK-PYTHON-PYJWT-2840625

Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 2.6.0 to 2.7.1.
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/2.6.0...2.7.1)

---
updated-dependencies:
- dependency-name: sentry-sdk
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

.archive/.gitea/workflows/ci.yml

@@ -1,86 +0,0 @@
-name: CI
-on:
-  pull_request:
-    types: [opened, synchronize, reopened]
-    paths-ignore:
-      - "README.md"
-      - "LICENSE.md"
-      - ".gitignore"
-      - "renovate.json"
-      - ".gitea/CODEOWNERS"
-      - ".archive"
-
-jobs:
-  ci:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Check out repository code
-        uses: actions/checkout@v4.2.2
-        with:
-          fetch-depth: 0
-
-      - uses: hadolint/hadolint-action@v3.1.0
-        with:
-          dockerfile: Dockerfile
-          output-file: hadolint.out
-          format: sonarqube
-          no-fail: true
-
-      - name: Setup Python
-        uses: actions/setup-python@v5
-        with:
-          python-version: "${{ vars.PYTHON_VERSION }}"
-
-      - name: Setup Poetry
-        uses: abatilo/actions-poetry@v3
-        # run: curl -sSL https://install.python-poetry.org | python3 -
-
-      - name: Update PATH
-        run: export PATH="/root/.local/bin:$PATH"
-
-      - name: Setup virtual environment
-        run: |
-          /root/.local/bin/poetry config virtualenvs.create true --local
-          /root/.local/bin/poetry config virtualenvs.in-project true --local
-
-      - uses: actions/cache@v3
-        name: Define cache for dependencies
-        with:
-          path: ./.venv
-          key: venv-${{ hashFiles('poetry.lock') }}
-
-      - name: Install dependencies
-        run: /root/.local/bin/poetry install
-
-      - name: Lint
-        run: |
-          /root/.local/bin/poetry run pylint --verbose --fail-under=8 --recursive=yes --output-format=parseable --output=lintreport.txt .
-          cat lintreport.txt
-
-      - name: Unit Test
-        run: |
-          /root/.local/bin/poetry run coverage run -m pytest -v --junitxml=testresults.xml
-          /root/.local/bin/poetry run coverage xml
-          sed -i 's@${{ gitea.workspace }}@/github/workspace@g' coverage.xml
-
-      # TEMPORARY - DISABLED DUE TO GITHUB > GITEA MIGRATION
-      # SONARQUBE CLOUD IS CURRENTLY TIGHTLY COUPLED TO GITHUB
-      - name: SonarQube Cloud Scan
-        uses: SonarSource/sonarqube-scan-action@v4.2.1
-        continue-on-error: true
-        env:
-          # GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
-
-      - name: Snyk Vulnerability Scan
-        uses: snyk/actions/python-3.10@master
-        continue-on-error: true # To make sure that SARIF upload gets called
-        env:
-          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
-        with:
-          args: --sarif-file-output=snyk.sarif --all-projects
-
-      # - name: Upload result to GitHub Code Scanning
-      #   uses: github/codeql-action/upload-sarif@v3
-      #   with:
-      #     sarif_file: snyk.sarif

.archive/.github/CODEOWNERS

@@ -1 +0,0 @@
-*   @luketainton

.archive/.github/workflows-old/release.yml

@@ -1,57 +0,0 @@
-name: Build
-on:
-  push:
-    branches: [main]
-
-jobs:
-  release:
-    name: Release
-    runs-on: ubuntu-latest
-    outputs:
-      new_tag: ${{ steps.tag_version.outputs.new_tag }}
-    steps:
-      - uses: actions/checkout@v4
-      - name: Bump version and push tag
-        id: tag_version
-        uses: mathieudutour/github-tag-action@v6.2
-        with:
-          github_token: ${{ secrets.GITHUB_TOKEN }}
-          default_bump: minor
-      - name: Create a GitHub release
-        uses: ncipollo/release-action@v1
-        with:
-          tag: ${{ steps.tag_version.outputs.new_tag }}
-          name: ${{ steps.tag_version.outputs.new_tag }}
-          body: ${{ steps.tag_version.outputs.changelog }}
-          generateReleaseNotes: true
-
-  publish:
-    name: GitHub Container Registry
-    runs-on: ubuntu-latest
-    needs: release
-    steps:
-      - uses: actions/checkout@v4
-      - name: Login to GitHub Container Registry
-        run: echo ${{ secrets.GHCR_ACCESS_TOKEN }} | docker login ghcr.io -u luketainton --password-stdin
-      - name: Build image for GitHub Package Registry
-        run: |
-          docker build . --file Dockerfile \
-          --build-arg "version=${{ needs.release.outputs.new_tag }}" \
-          --tag ghcr.io/luketainton/webexmemebot:${{ needs.release.outputs.new_tag }} \
-          --tag ghcr.io/luketainton/webexmemebot:latest
-      - name: Push image to GitHub Package Registry
-        run: |
-          docker push ghcr.io/luketainton/webexmemebot:latest
-          docker push ghcr.io/luketainton/webexmemebot:${{ needs.release.outputs.new_tag }}
-
-  deploy:
-    name: Update Portainer Deployment
-    runs-on: ubuntu-latest
-    needs: publish
-    steps:
-      - uses: fjogeleit/http-request-action@v1
-        with:
-          url: ${{ secrets.PORTAINER_WEBHOOK_URL }}
-          method: POST
-          timeout: 60000
-          preventFailureOnNoResponse: "true"

.archive/.github/workflows/ci.yml

@@ -1,20 +0,0 @@
-name: CI
-on:
-  pull_request:
-    types: [opened, synchronize, reopened]
-    paths-ignore:
-      - "README.md"
-      - "LICENSE.md"
-      - ".gitignore"
-      - ".github/CODEOWNERS"
-      - ".github/renovate.json"
-      - ".github/dependabot.yml"
-
-jobs:
-  ci:
-    uses: luketainton/gha-workflows/.github/workflows/ci-python-poetry-with-docker.yml@main
-    with:
-      python-version: "3.13"
-    secrets:
-      SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
-      SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}

.archive/.github/workflows/release.yml

@@ -1,26 +0,0 @@
-name: Release
-on:
-  workflow_dispatch:
-  schedule:
-    - cron: "0 9 * * 0"
-
-jobs:
-  test:
-    uses: luketainton/gha-workflows/.github/workflows/ci-python-poetry-with-docker.yml@main
-    with:
-      python-version: "3.13"
-    secrets:
-      SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
-      SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
-
-  create_release:
-    name: Create Release
-    uses: luketainton/gha-workflows/.github/workflows/create-release.yml@main
-
-  create_docker:
-    name: Create Docker Image
-    needs: create_release
-    if: ${{ needs.create_release.outputs.success == 'true' }}
-    uses: luketainton/gha-workflows/.github/workflows/build-push-attest-docker.yml@main
-    with:
-        release: ${{ needs.create_release.outputs.release_name }}

.archive/requirements-dev.txt

@@ -1,30 +0,0 @@
-astroid==3.2.4
-black==24.10.0
-cfgv==3.4.0
-click==8.1.8
-colorama==0.4.6 ; sys_platform == "win32" or platform_system == "Windows"
-coverage==7.6.10
-dill==0.3.9
-distlib==0.3.9
-filelock==3.16.1
-identify==2.6.4
-iniconfig==2.0.0
-isort==5.13.2
-lazy-object-proxy==1.10.0
-mccabe==0.7.0
-mypy-extensions==1.0.0
-nodeenv==1.9.1
-packaging==24.2
-pathspec==0.12.1
-platformdirs==4.3.6
-pluggy==1.5.0
-pre-commit==4.0.1
-pylint==3.2.6
-pylint-exit==1.2.0
-pytest==8.3.3
-PyYAML==6.0.2
-setuptools==75.6.0
-tomlkit==0.13.2
-virtualenv==20.28.0
-wrapt==1.17.0
-zipp>=3.19.1 # not directly required, pinned by Snyk to avoid a vulnerability

.archive/requirements.txt

@@ -1,17 +0,0 @@
-backoff==2.2.1
-certifi==2024.8.30
-charset-normalizer==3.4.1
-coloredlogs==15.0.1
-future==1.0.0
-humanfriendly==10.0
-idna==3.10
-pillow==11.0.0
-PyJWT==2.10.1
-requests==2.32.3
-requests-toolbelt==1.0.0
-sentry-sdk==2.19.0
-tomlkit==0.13.2
-urllib3==2.2.3
-webex-bot==0.5.2
-webexteamssdk==1.6.1
-websockets==11.0.3

.env.default

@@ -1,2 +1,4 @@
 APP_LIFECYCLE="dev"
+SENTRY_ENABLED="False"
+SENTRY_DSN=""
 WEBEX_API_KEY=""

.gitea/CODEOWNERS

@@ -1 +0,0 @@
-*   @luke

.gitea/workflows/ci.yml

@@ -1,62 +0,0 @@
-name: CI
-on:
-  pull_request:
-    types: [opened, synchronize, reopened]
-    paths-ignore:
-      - "README.md"
-      - "LICENSE.md"
-      - ".gitignore"
-      - "renovate.json"
-      - ".gitea/CODEOWNERS"
-      - ".archive"
-
-jobs:
-  ci:
-    runs-on: ubuntu-poetry-latest
-    steps:
-      - name: Check out repository code
-        uses: actions/checkout@v4.2.2
-        with:
-          fetch-depth: 0
-
-      - name: Run Hadolint
-        uses: hadolint/hadolint-action@v3.1.0
-        with:
-          dockerfile: Dockerfile
-          output-file: hadolint.out
-          format: sonarqube
-          no-fail: true
-
-      - name: Setup Python
-        uses: actions/setup-python@v5
-        with:
-          python-version: "${{ vars.PYTHON_VERSION }}"
-          cache: 'poetry'
-
-      - name: Install dependencies
-        run: poetry install
-
-      - name: Lint
-        run: |
-          poetry run pylint --fail-under=8 --recursive=yes --output-format=parseable --output=lintreport.txt app/ tests/
-          cat lintreport.txt
-
-      - name: Unit Test
-        run: |
-          poetry run coverage run -m pytest -v --junitxml=testresults.xml
-          poetry run coverage xml
-          sed -i 's@${{ gitea.workspace }}@/github/workspace@g' coverage.xml
-
-      - name: SonarQube Cloud Scan
-        uses: SonarSource/sonarqube-scan-action@v4.2.1
-        env:
-          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
-
-      - name: Snyk Vulnerability Scan
-        uses: snyk/actions/python@master
-        continue-on-error: true  # Sometimes vulns aren't immediately fixable
-        env:
-          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
-        with:
-          command: snyk
-          args: test --all-projects

.gitea/workflows/release.yml

@@ -1,183 +0,0 @@
-name: Release
-on:
-  schedule:
-    - cron: "0 9 * * 0"
-  issue_comment:
-    types: [created]
-
-jobs:
-  manual_trigger:
-    name: Manual Trigger Cleanup
-    runs-on: ubuntu-latest
-    if: ${{ gitea.event_name == 'issue_comment' }}
-    steps:
-      - name: Log event metadata
-        run: |
-          echo "Issue: ${{ gitea.event.issue.number }}"
-          echo "Comment: ${{ gitea.event.comment.body }}"
-          echo "User: ${{ gitea.event.comment.user.login }}"
-
-      - name: Stop workflow if required conditions are not met
-        if: ${{ !contains(gitea.event.issue.number, '436') || !contains(gitea.event.comment.body, '/trigger-release') || !contains(gitea.event.comment.user.login, 'luke') }}
-        run: exit 1
-
-      - name: Delete issue comment
-        run: |
-          curl -X DELETE \
-            -H "Authorization: token ${{ gitea.token }}" \
-            "${{ gitea.server_url }}/api/v1/repos/${{ gitea.repository }}/issues/comments/${{ gitea.event.comment.id }}"
-
-  # test:
-  #   name: Unit Test
-  #   uses: https://git.tainton.uk/public/webexmemebot/.gitea/workflows/ci.yml@main
-  #   continue-on-error: true
-
-  create_release:
-    name: Create Release
-    runs-on: ubuntu-latest
-    # needs: test
-    outputs:
-      release_name: ${{ steps.get_next_version.outputs.tag }}
-    steps:
-      - name: Check out repository
-        uses: actions/checkout@v4.2.2
-        with:
-          fetch-depth: 0
-
-      - name: Changes since last tag
-        id: changes
-        run: |
-          rm -f .changes
-          git log $(git describe --tags --abbrev=0)..HEAD --no-merges --oneline >> .changes
-          cat .changes
-
-      - name: Check for changes
-        run: |
-          if [[ -z $(grep '[^[:space:]]' .changes) ]] ; then
-            echo "changes=false"
-            echo "changes=false" >> "$GITEA_OUTPUT"
-          else
-            echo "changes=true"
-            echo "changes=true" >> "$GITEA_OUTPUT"
-          fi
-
-      - name: Cancel if no changes
-        if: steps.changes.outputs.changes == 'false'
-        run: exit 1
-
-      - name: Set server URL
-        id: set_srvurl
-        run: |
-          SRVURL=$(echo "${{ gitea.server_url }}" | sed 's/https:\/\/\(.*\)/\1/')
-          echo "srvurl=$SRVURL" >> "$GITEA_OUTPUT"
-
-      - name: Get next version
-        uses: TriPSs/conventional-changelog-action@v6
-        id: get_next_version
-        with:
-          git-url: ${{ steps.set_srvurl.outputs.srvurl }}
-          github-token: ${{ gitea.token }}
-          skip-commit: true
-          release-count: 1
-          output-file: false
-          create-summary: true
-          skip-on-empty: true
-          skip-version-file: true
-          skip-tag: true
-
-      - name: Create release
-        run: |
-          curl -s -X POST \
-            -H "Authorization: token ${{ secrets.ACTIONS_TOKEN }}" \
-            -H "accept: application/json" \
-            -H "Content-Type: application/json" \
-            -d "{\"tag_name\": \"${{ steps.get_next_version.outputs.tag }}\", \"name\": \"${{ steps.get_next_version.outputs.tag }}\", \"body\": \"${{ steps.get_next_version.outputs.changelog }}\"}" \
-            "${{ gitea.server_url }}/api/v1/repos/${{ gitea.repository }}/releases"
-
-  build_docker:
-    name: Build Docker Images
-    needs: create_release
-    steps:
-      - name: Update Docker configuration
-        continue-on-error: true
-        run: |
-          mkdir -p /etc/default
-          mkdir -p /etc/docker
-          touch -a /etc/default/docker
-          touch -a /etc/docker/daemon.json
-          echo "DOCKER_OPTS=\"--insecure-registry ${{ vars.PACKAGES_REGISTRY_URL }}\"" >> /etc/default/docker
-          echo "{\"insecure-registries\": [\"${{ vars.PACKAGES_REGISTRY_URL }}\"]}" > /etc/docker/daemon.json
-
-      - name: Check out repository
-        uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-          ref: ${{ needs.create_release.outputs.release_name }}
-
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3
-
-      - name: Log in to Gitea Container Registry
-        uses: docker/login-action@v3
-        with:
-          registry: ${{ vars.PACKAGES_REGISTRY_URL }}
-          username: ${{ vars.ACTIONS_USERNAME }}
-          password: ${{ secrets.ACTIONS_TOKEN }}
-
-      - name: Log in to GitHub Container Registry
-        uses: docker/login-action@v3
-        with:
-          registry: ghcr.io
-          username: ${{ vars.GHCR_USERNAME }}
-          password: ${{ secrets.GHCR_TOKEN }}
-
-      - name: Extract metadata (tags, labels) for Docker
-        id: meta
-        uses: docker/metadata-action@v5
-        with:
-          images: |
-            ghcr.io/${{ vars.GHCR_USERNAME }}/webexmemebot
-            ${{ vars.PACKAGES_REGISTRY_URL }}/${{ gitea.repository }}
-          tags: type=semver,pattern=v{{version}},value=${{ needs.create_release.outputs.release_name }}
-
-      - name: Print metadata
-        run: |
-          printf "Annotations:\n${{ steps.meta.outputs.annotations }}"
-          echo ""
-          printf "Labels:\n${{ steps.meta.outputs.labels }}"
-          echo ""
-          printf "Tags:\n${{ steps.meta.outputs.tags }}"
-
-      - name: Build images
-        uses: docker/build-push-action@v5
-        with:
-          context: .
-          push: false
-          load: true
-          annotations: ${{ steps.meta.outputs.annotations }}
-          labels: ${{ steps.meta.outputs.labels }}
-          tags: ${{ steps.meta.outputs.tags }}
-      
-      # - name: Build images
-      #   run: |
-      #     bldcmd="docker buildx build --load"
-      #     strtags="${{ steps.meta.outputs.tags }}"
-      #     strlabels="${{ steps.meta.outputs.labels }}"
-      #     strannotations="${{ steps.meta.outputs.annotations }}"
-      #     readarray -t tags <<<"$strtags"
-      #     readarray -t labels <<<"$strlabels"
-      #     readarray -t annotations <<<"$strannotations"
-      #     for element in "${tags[@]}"; do bldcmd="$bldcmd --tag \"$element\""; done
-      #     for element in "${labels[@]}"; do bldcmd="$bldcmd --label \"$element\""; done
-      #     for element in "${annotations[@]}"; do bldcmd="$bldcmd --annotation \"$element\""; done
-      #     bldcmd="$bldcmd ${{ gitea.workspace }}"
-      #     echo "$bldcmd"
-      #     echo ""
-      #     sh -c "$bldcmd"
-      
-      - name: Push images
-        run: |
-          strtags="${{ steps.meta.outputs.tags }}"
-          readarray -t lines <<<"$strtags"
-          for element in "${lines[@]}"; do docker push "$element"; done
-          unset strtags lines

.github/renovate.json

@@ -1,42 +1,26 @@
 {
+  "extends": ["config:base"],
+  "platformCommit": true,
+  "dependencyDashboardAutoclose": true,
   "assignAutomerge": true,
   "assigneesFromCodeOwners": true,
-  "dependencyDashboardAutoclose": true,
-  "extends": [
-    "config:base"
-  ],
-  "labels": [
-    "dependencies"
-  ],
-  "packageRules": [
-    {
-      "labels": [
-        "linting"
-      ],
-      "matchPackagePatterns": [
-        "black",
-        "pylint"
-      ]
-    },
-    {
-      "labels": [
-        "unit-tests"
-      ],
-      "matchPackagePatterns": [
-        "coverage",
-        "pytest"
-      ]
-    }
-  ],
-  "platformCommit": true,
   "rebaseWhen": "behind-base-branch",
   "rollbackPrs": true,
-  "vulnerabilityAlerts": {
-    "commitMessagePrefix": "[SECURITY] ",
-    "enabled": true,
-    "labels": [
-      "security"
+  "labels": ["dependencies"],
+  "packageRules": [
+    {
+      "matchPackagePatterns": ["black", "pylint"],
+      "labels": ["linting"]
+    },
+    {
+      "matchPackagePatterns": ["coverage", "pytest"],
+      "labels": ["unit-tests"]
+    }
   ],
+  "vulnerabilityAlerts": {
+    "enabled": true,
+    "labels": ["security"],
+    "commitMessagePrefix": "[SECURITY] ",
     "prCreation": "immediate"
   }
 }

.github/workflows/ci.yml

@@ -12,9 +12,7 @@ on:
 
 jobs:
   ci:
-    uses: luketainton/gha-workflows/.github/workflows/ci-python-poetry-with-docker.yml@main
-    with:
-      python-version: "3.13"
+    uses: luketainton/gha-workflows/.github/workflows/ci-python-with-docker.yml@main
     secrets:
       SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
       SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}

.github/workflows/release.yml

@@ -1,26 +1,57 @@
-name: Release
+name: Build
 on:
-  workflow_dispatch:
-  schedule:
-    - cron: "0 9 * * 0"
+  push:
+    branches: [main]
 
 jobs:
-  test:
-    uses: luketainton/gha-workflows/.github/workflows/ci-python-poetry-with-docker.yml@main
+  release:
+    name: Release
+    runs-on: ubuntu-latest
+    outputs:
+      new_tag: ${{ steps.tag_version.outputs.new_tag }}
+    steps:
+      - uses: actions/checkout@v4
+      - name: Bump version and push tag
+        id: tag_version
+        uses: mathieudutour/github-tag-action@v6.2
         with:
-      python-version: "3.13"
-    secrets:
-      SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
-      SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
-
-  create_release:
-    name: Create Release
-    uses: luketainton/gha-workflows/.github/workflows/create-release.yml@main
-
-  create_docker:
-    name: Create Docker Image
-    needs: create_release
-    if: ${{ needs.create_release.outputs.success == 'true' }}
-    uses: luketainton/gha-workflows/.github/workflows/build-push-attest-docker.yml@main
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+          default_bump: minor
+      - name: Create a GitHub release
+        uses: ncipollo/release-action@v1
         with:
-        release: ${{ needs.create_release.outputs.release_name }}
+          tag: ${{ steps.tag_version.outputs.new_tag }}
+          name: ${{ steps.tag_version.outputs.new_tag }}
+          body: ${{ steps.tag_version.outputs.changelog }}
+          generateReleaseNotes: true
+
+  publish:
+    name: GitHub Container Registry
+    runs-on: ubuntu-latest
+    needs: release
+    steps:
+      - uses: actions/checkout@v4
+      - name: Login to GitHub Container Registry
+        run: echo ${{ secrets.GHCR_ACCESS_TOKEN }} | docker login ghcr.io -u luketainton --password-stdin
+      - name: Build image for GitHub Package Registry
+        run: |
+          docker build . --file Dockerfile \
+          --build-arg "version=${{ needs.release.outputs.new_tag }}" \
+          --tag ghcr.io/luketainton/webexmemebot:${{ needs.release.outputs.new_tag }} \
+          --tag ghcr.io/luketainton/webexmemebot:latest
+      - name: Push image to GitHub Package Registry
+        run: |
+          docker push ghcr.io/luketainton/webexmemebot:latest
+          docker push ghcr.io/luketainton/webexmemebot:${{ needs.release.outputs.new_tag }}
+
+  deploy:
+    name: Update Portainer Deployment
+    runs-on: ubuntu-latest
+    needs: publish
+    steps:
+      - uses: fjogeleit/http-request-action@v1
+        with:
+          url: ${{ secrets.PORTAINER_WEBHOOK_URL }}
+          method: POST
+          timeout: 60000
+          preventFailureOnNoResponse: "true"

.gitignore

@@ -133,6 +133,3 @@ dmypy.json
 # IDE
 .vscode
 .idea
-
-# Ruff
-.ruff_cache/

.pre-commit-config.yaml

@@ -1,60 +0,0 @@
-fail_fast: false
-
-minimum_pre_commit_version: 3.8.0
-
-default_install_hook_types: [pre-commit, commit-msg]
-
-default_language_version:
-  python: python3.11
-
-repos:
-  - repo: https://github.com/pre-commit/pre-commit-hooks
-    rev: v4.6.0
-    hooks:
-      - id: trailing-whitespace
-      - id: mixed-line-ending
-      - id: end-of-file-fixer
-      - id: requirements-txt-fixer
-      - id: check-yaml
-      - id: check-added-large-files
-      - id: check-ast
-      - id: check-docstring-first
-      - id: check-json
-      - id: check-merge-conflict
-      - id: check-toml
-      - id: check-xml
-      - id: detect-private-key
-      - id: no-commit-to-branch
-      - id: requirements-txt-fixer
-      - id: name-tests-test
-        args: [--pytest-test-first]
-      - id: pretty-format-json
-        args: [--autofix]
-
-  - repo: https://github.com/astral-sh/ruff-pre-commit
-    rev: v0.5.6
-    hooks:
-      - id: ruff-format # Run the formatter.
-      - id: ruff # Run the linter.
-        args: [--fix]
-
-  # - repo: https://github.com/pycqa/isort
-  #   rev: 5.13.2
-  #   hooks:
-  #     - id: isort
-
-  - repo: https://github.com/pre-commit/pygrep-hooks
-    rev: v1.10.0
-    hooks:
-      - id: python-use-type-annotations
-
-  - repo: https://github.com/asottile/pyupgrade
-    rev: v3.17.0
-    hooks:
-      - id: pyupgrade
-
-  - repo: https://github.com/compilerla/conventional-pre-commit
-    rev: v3.4.0
-    hooks:
-      - id: conventional-pre-commit
-        stages: [commit-msg]

Dockerfile

@@ -1,22 +1,17 @@
-FROM python:3.13-slim
+FROM python:3.11-slim
 LABEL maintainer="Luke Tainton <luke@tainton.uk>"
 LABEL org.opencontainers.image.source="https://github.com/luketainton/webexmemebot"
 USER root
 
-ENV PYTHONPATH="/run:/usr/local/lib/python3.13/lib-dynload:/usr/local/lib/python3.13/site-packages:/usr/local/lib/python3.13"
+ENV PYTHONPATH="/run:/usr/local/lib/python3.11/lib-dynload:/usr/local/lib/python3.11/site-packages:/usr/local/lib/python3.11"
 WORKDIR /run
 
-COPY imp.py /run/imp.py
-
 RUN mkdir -p /.local && \
     chmod -R 777 /.local && \
-    pip install -U pip poetry
+    pip install -U pip
 
-COPY pyproject.toml /run/pyproject.toml
-COPY poetry.lock /run/poetry.lock
-
-RUN poetry config virtualenvs.create false && \
-    poetry install --without dev
+COPY requirements.txt /run/requirements.txt
+RUN pip install --no-cache-dir -r requirements.txt
 
 ENTRYPOINT ["python3", "-B", "-m", "app.main"]
 

app/config.py

@@ -5,12 +5,16 @@ import os
 
 class Config:
     """Configuration module."""
-
     def __init__(self) -> None:
         """Configuration module."""
         self.__environment: str = os.environ.get("APP_LIFECYCLE", "DEV").upper()
         self.__version: str = os.environ["APP_VERSION"]
         self.__webex_token: str = os.environ["WEBEX_API_KEY"]
+        self.__sentry_dsn: str = os.environ.get("SENTRY_DSN", "")
+        self.__sentry_enabled: bool = bool(
+            os.environ.get("SENTRY_ENABLED", "False").upper() == "TRUE"
+            and self.__sentry_dsn != ""
+        )
 
     @property
     def environment(self) -> str:
@@ -22,6 +26,19 @@ class Config:
         """Returns the current app version."""
         return self.__version
 
+    @property
+    def sentry_enabled(self) -> bool:
+        """Returns True if Sentry SDK is enabled, else False."""
+        return self.__sentry_enabled
+
+    @property
+    def sentry_dsn(self) -> str:
+        """Returns the Sentry DSN value if Sentry SDK is enabled AND
+        Sentry DSN is set, else blank string."""
+        if not self.__sentry_enabled:
+            return ""
+        return self.__sentry_dsn
+
     @property
     def webex_token(self) -> str:
         """Returns the Webex API key."""

app/img.py

@@ -1,5 +1,6 @@
 import requests
 
+
 CHAR_REPLACEMENTS: list = [
     ["_", "__"],
     ["-", "--"],
@@ -18,7 +19,7 @@ CHAR_REPLACEMENTS: list = [
 
 def get_templates() -> list[dict]:
     url: str = "https://api.memegen.link/templates"
-    req: requests.Response = requests.get(url=url, timeout=10)
+    req: requests.Response = requests.get(url=url, timeout=5)
     req.raise_for_status()
     data: dict = req.json()
     templates: list = []
@@ -55,7 +56,5 @@ def generate_api_url(template: str, top_str: str, btm_str: str) -> str:
     top_str = format_meme_string(top_str)
     btm_str = format_meme_string(btm_str)
 
-    url: str = (
-        f"https://api.memegen.link/images/{tmpl_name}/{top_str}/{btm_str}.{tmpl_ext}"
-    )
+    url: str = f"https://api.memegen.link/images/{tmpl_name}/{top_str}/{btm_str}.{tmpl_ext}"
     return url

app/main.py

@@ -1,11 +1,25 @@
 #!/usr/local/bin/python3
 
+import sentry_sdk
+from sentry_sdk.integrations.stdlib import StdlibIntegration
+
 from webex_bot.webex_bot import WebexBot
 
 from app import close, meme
 from app.config import config
 
 
+if config.sentry_enabled:
+    apm = sentry_sdk.init(
+        dsn=config.sentry_dsn,
+        enable_tracing=True,
+        environment=config.environment,
+        release=config.version,
+        integrations=[StdlibIntegration()],
+        spotlight=True
+    )
+
+
 def create_bot() -> WebexBot:
     """Create a Bot object."""
     bot = WebexBot(

app/meme.py

@@ -2,25 +2,25 @@ from webex_bot.models.command import Command
 from webex_bot.models.response import Response, response_from_adaptive_card
 from webexteamssdk.models.cards import (
     AdaptiveCard,
-    Choice,
-    Choices,
     Column,
     ColumnSet,
     FontSize,
     FontWeight,
     Text,
     TextBlock,
+    Choice,
+    Choices,
 )
-from webexteamssdk.models.cards.actions import OpenUrl, Submit
+from webexteamssdk.models.cards.actions import Submit, OpenUrl
 
 from app import img
 
+
 TEMPLATES = img.get_templates()
 
 
 class MakeMemeCommand(Command):
     """Class for initial Webex interactive card."""
-
     def __init__(self) -> None:
         super().__init__(
             command_keyword="/meme",
@@ -69,8 +69,7 @@ class MakeMemeCommand(Command):
                                 id="meme_type",
                                 isMultiSelect=False,
                                 choices=[
-                                    Choice(title=x["name"], value=x["choiceval"])
-                                    for x in TEMPLATES
+                                    Choice(title=x["name"], value=x["choiceval"]) for x in TEMPLATES
                                 ],
                             ),
                             Text(id="text_top", placeholder="Top Text", maxLength=100),
@@ -101,7 +100,6 @@ class MakeMemeCommand(Command):
 
 class MakeMemeCallback(Command):
     """Class to process user data and return meme."""
-
     def __init__(self) -> None:
         super().__init__(
             card_callback_keyword="make_meme_callback_rbamzfyx",

imp.py

@@ -1,4 +0,0 @@
-"""Compatibility module that imports all symbols from the importlib module.
-and exposes them as imp."""
-
-from importlib import *

pyproject.toml

@@ -1,25 +1,23 @@
 [tool.poetry]
 name = "webexmemebot"
-version = "0.0.0"  # Version is tracked by GitHub Releases
+version = "0.1.0"
 description = "Webex-based meme generation bot using memegen.link."
 authors = ["luketainton"]
 readme = "README.md"
-package-mode = false
 
 [tool.poetry.dependencies]
 python = "^3.11.2"
-webex-bot = "^0.5.2"
-pillow = "^11.0.0"
-astroid = "<=3.3.8"
+webex-bot = "^0.5.1"
+pillow = "^10.4.0"
+sentry-sdk = "^2.7.1"
 
 [tool.poetry.group.dev.dependencies]
-black = "^24.10.0"
-coverage = "^7.6.10"
-isort = "^5.13.2"
-pylint = "^3.3.2"
+black = "^24.4.2"
+coverage = "^7.5.4"
+pylint = "^3.1.0"
 pylint-exit = "^1.2.0"
-pytest = "^8.3.4"
-pre-commit = "^4.0.1"
+pytest = "^8.2.2"
+pre-commit = "^3.7.1"
 
 [build-system]
 requires = ["poetry-core"]

renovate.json

@@ -1,25 +0,0 @@
-{
-  "assignAutomerge": true,
-  "assigneesFromCodeOwners": true,
-  "dependencyDashboardAutoclose": true,
-  "extends": [
-    "config:recommended"
-  ],
-  "ignorePaths": [
-    "**/.archive/**"
-  ],
-  "labels": [
-    "type/dependencies"
-  ],
-  "platformCommit": "enabled",
-  "rebaseWhen": "behind-base-branch",
-  "rollbackPrs": true,
-  "vulnerabilityAlerts": {
-    "commitMessagePrefix": "[SECURITY] ",
-    "enabled": true,
-    "labels": [
-      "security"
-    ],
-    "prCreation": "immediate"
-  }
-}

requirements-dev.txt

@@ -0,0 +1,30 @@
+astroid==3.2.2
+black==24.4.2
+cfgv==3.4.0
+click==8.1.7
+colorama==0.4.6 ; sys_platform == "win32" or platform_system == "Windows"
+coverage==7.5.4
+dill==0.3.8
+distlib==0.3.8
+filelock==3.15.4
+identify==2.5.36
+iniconfig==2.0.0
+isort==5.13.2
+lazy-object-proxy==1.10.0
+mccabe==0.7.0
+mypy-extensions==1.0.0
+nodeenv==1.9.1
+packaging==24.1
+pathspec==0.12.1
+platformdirs==4.2.2
+pluggy==1.5.0
+pre-commit==3.7.1
+pylint-exit==1.2.0
+pylint==3.2.5
+pylint-exit==1.2.0
+pytest==8.2.2
+PyYAML==6.0.1
+setuptools==70.2.0
+tomlkit==0.12.5
+virtualenv==20.26.3
+wrapt==1.16.0

requirements.txt

@@ -0,0 +1,17 @@
+backoff==2.2.1
+certifi==2024.7.4
+charset-normalizer==3.3.2
+coloredlogs==15.0.1
+future==1.0.0
+humanfriendly==10.0
+idna==3.7
+pillow==10.4.0
+PyJWT==2.4.0
+requests==2.32.3
+requests-toolbelt==1.0.0
+sentry-sdk==2.7.1
+tomlkit==0.12.5
+urllib3==2.2.2
+webex-bot==0.5.1
+webexteamssdk==1.6.1
+websockets==11.0.3

sonar-project.properties

@@ -1,8 +1,8 @@
 sonar.organization=luketainton
-sonar.projectKey=luketainton_webexmemebot2
+sonar.projectKey=luketainton_webexmemebot
 sonar.projectName=webexmemebot
 sonar.projectVersion=0.1.0
-sonar.python.version=3.13
+sonar.python.version=3.11
 sonar.python.coverage.reportPaths=coverage.xml
 sonar.python.pylint.reportPaths=lintreport.txt
 sonar.python.xunit.reportPath=testresults.xml

tests/test_config.py

@@ -2,9 +2,12 @@
 
 import os
 
+
 vars: dict = {
     "APP_VERSION": "dev",
     "WEBEX_API_KEY": "testing",
+    "SENTRY_ENABLED": "false",
+    "SENTRY_DSN": "http://localhost"
 }
 
 
@@ -12,9 +15,10 @@ for var, value in vars.items():
     os.environ[var] = value
 
 # needs to be imported AFTER environment variables are set
-from app.config import config  # pragma: no cover  # noqa: E402
+from app.config import config  # pragma: no cover
 
 
 def test_config() -> None:
     assert config.webex_token == vars["WEBEX_API_KEY"]
     assert config.version == vars["APP_VERSION"]
+    assert config.sentry_enabled == bool(vars["SENTRY_ENABLED"].lower() == "true")

tests/test_meme.py

@@ -30,7 +30,7 @@ def test_error_false() -> None:
     callback.text_bottom = "TEST"
     result: Response = callback.execute(None, None, {"target": {"globalId": "TEST"}})
     assert (
-        isinstance(result, Response)
-        and result.roomId == "TEST"
+        isinstance(result, Response) \
+        and result.roomId == "TEST" \
         and result.files[0] == callback.meme_filename
     )