feat: Update entire template setup

 * Update python version
 * Use `poetry` as package manager
 * Use ruff as linter and formatter
 * Add more pre-commit hooks
 * Add semantic-release action
 * Add makefile

 BREAKING CHANGE: Re-write entire template repository.

Author: JimFawkes

.github/dependabot.yml

@@ -0,0 +1,14 @@
+# To get started with Dependabot version updates, you'll need to specify which
+# package ecosystems to update and where the package manifests are located.
+# Please see the documentation for all configuration options:
+# https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file
+version: 2
+updates:
+  - package-ecosystem: "pip" # See documentation for possible values
+    directory: "/" # Location of package manifests
+    schedule:
+      interval: "weekly"
+  - package-ecosystem: "docker" # See documentation for possible values
+    directory: "/" # Location of package manifests
+    schedule:
+      interval: "weekly"

.github/pull_request_template.md

@@ -5,4 +5,3 @@ _<Problem this PR solves>_
 # Validate
 
 _<How can the changes be validated?>_
-

.github/stale.yml

@@ -0,0 +1,14 @@
+name: pre-commit
+on:
+  pull_request:
+  push:
+    branches: [main]
+jobs:
+  pre-commit:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-python@v5
+        with:
+          python-version: 3.12
+      - uses: pre-commit/[email protected]

.github/workflows/black.yml

@@ -0,0 +1,21 @@
+name: pytest
+on: [push]
+jobs:
+  build:
+    runs-on: ${{ matrix.os }}
+    strategy:
+      matrix:
+        os: [ubuntu-latest]
+        python-version: ["3.12"]
+    steps:
+      - uses: actions/checkout@v4
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: ${{ matrix.python-version }}
+      - name: Run image
+        uses: abatilo/actions-poetry@v2
+      - name: Install dependencies
+        run: poetry install --with=dev
+      - name: Run tests
+        run: poetry run pytest

.github/workflows/ci.yml

@@ -0,0 +1,15 @@
+name: release
+on:
+  workflow_run:
+    workflows: [pre-commit, pytest]
+    types: [completed]
+jobs:
+  release:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+      - name: Semantic Release
+        uses: cycjimmy/semantic-release-action@v4
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/codeql-analysis.yml

@@ -0,0 +1,22 @@
+name: "Stale"
+on:
+  schedule:
+    - cron: "30 1 * * 0"
+jobs:
+  stale:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/stale@v9
+        with:
+          stale-issue-message: >
+            "This issue has been automatically marked as stale because it has not had recent activity.  It will be closed if no further activity occurs."
+
+          stale-pr-message: "This PR is stale because it has been open 45 days with no activity. Remove stale label or comment or this will be closed in 21 days."
+          close-issue-message: "This issue was closed because it has been stalled for 14 days with no activity."
+          close-pr-message: "This PR was closed because it has been stalled for 21 days with no activity."
+          days-before-issue-stale: 60
+          days-before-pr-stale: 45
+          days-before-issue-close: 14
+          days-before-pr-close: 21
+          exempt-issue-labels: pinned, security
+          exempt-pr-labels: pinned, security

.github/workflows/pre-commit.yaml

@@ -1,7 +1,67 @@
 repos:
-  - repo: https://github.com/psf/black
-    rev: stable
+  - repo: https://github.com/pre-commit/pre-commit-hooks
+    rev: "v4.6.0"
     hooks:
-      - id: black
-        language_version: python3.8
-
+      - id: check-yaml
+      - id: check-added-large-files
+      - id: check-case-conflict
+      - id: check-docstring-first
+      - id: check-executables-have-shebangs
+      - id: check-json
+      - id: check-merge-conflict
+      - id: check-toml
+      - id: check-yaml
+      - id: debug-statements
+      - id: detect-private-key
+      - id: double-quote-string-fixer
+      - id: end-of-file-fixer
+      - id: forbid-submodules
+      - id: name-tests-test
+        args: [--pytest-test-first]
+      - id: pretty-format-json
+      - id: trailing-whitespace
+  - repo: https://github.com/astral-sh/ruff-pre-commit
+    rev: "v0.4.2"
+    hooks:
+      - id: ruff
+        args: [--fix]
+      - id: ruff-format
+  - repo: https://github.com/pre-commit/mirrors-mypy
+    rev: "v1.10.0"
+    hooks:
+      - id: mypy
+  - repo: https://github.com/detailyang/pre-commit-shell
+    rev: "v1.0.6"
+    hooks:
+      - id: shell-lint
+        args: [--format=json]
+  - repo: https://github.com/compilerla/conventional-pre-commit
+    rev: "v3.2.0"
+    hooks:
+      - id: conventional-pre-commit
+        stages: [commit-msg]
+  - repo: https://github.com/mrtazz/checkmake.git
+    rev: "0.2.2"
+    hooks:
+      - id: checkmake
+  - repo: https://github.com/gitleaks/gitleaks
+    rev: "v8.18.2"
+    hooks:
+      - id: gitleaks
+  - repo: https://github.com/google/yamlfmt
+    rev: "v0.11.0"
+    hooks:
+      - id: yamlfmt
+  - repo: https://github.com/rhysd/actionlint
+    rev: "v1.6.27"
+    hooks:
+      - id: actionlint
+  - repo: https://github.com/python-poetry/poetry
+    rev: "1.8.2"
+    hooks:
+      - id: poetry-check
+      - id: poetry-lock
+  - repo: https://github.com/adrienverge/yamllint.git
+    rev: v1.35.1
+    hooks:
+      - id: yamllint

.github/workflows/pytest.yaml

@@ -0,0 +1,12 @@
+{
+  "branches": [
+    "main"
+  ],
+  "plugins": [
+    "@semantic-release/commit-analyzer",
+    "@semantic-release/release-notes-generator",
+    "@semantic-release/github",
+    "@semantic-release/git",
+    "@semantic-release/changelog"
+  ]
+}

.github/workflows/release.yaml

@@ -0,0 +1,8 @@
+extends: default
+rules:
+  line-length:
+    max: 180
+  document-end:
+    present: false
+  document-start:
+    present: false

.github/workflows/stale.yaml

@@ -672,4 +672,3 @@ may consider it more useful to permit linking proprietary applications with
 the library.  If this is what you want to do, use the GNU Lesser General
 Public License instead of this License.  But first, please read
 <https://www.gnu.org/licenses/why-not-lgpl.html>.
-

.pre-commit-config.yaml

@@ -0,0 +1,12 @@
+.PHONY: all clean test
+
+.PHONY: install
+install:
+	echo "Installing dependencies"
+	brew install shellcheck checkmake gitleaks yamllint
+	go install github.com/rhysd/actionlint/cmd/actionlint@latest
+	go install github.com/google/yamlfmt/cmd/yamlfmt@latest
+
+.PHONY: lint
+lint:
+	pre-commit run --all-files

.releaserc.json

@@ -1,15 +1,17 @@
-***THIS IS A TEMPLATE***
+# Python Template
 
-# <PROJECTNAME>
-<DESCRIPTION>
+This template comes with:
 
+- pre-commit hook configuration
+- a base pyproject.toml
+- dependabot configuration
+- a set of github actions
+  - pre-commit
+  - pytest
+  - semantic-release
+  - stale
 
-[![test-action](https://github.com/JimFawkes/<PROJECTNAME>/workflows/run_tests/badge.svg)](https://github.com/JimFawkes/<PROJECTNAME>/actions)
-[![codecov](https://codecov.io/gh/JimFawkes/<PROJECTNAME>/branch/master/graph/badge.svg)](https://codecov.io/gh/JimFawkes/<PROJECTNAME>)
-![python](https://img.shields.io/badge/python-3.8-blue)
-[![black](https://github.com/JimFawkes/<PROJECTNAME>/workflows/Lint/badge.svg)](https://github.com/JimFawkes/<PROJECTNAME>/actions)
-[![License: GPL v3](https://img.shields.io/badge/License-GPLv3-blue.svg)](COPYING)
-[![Latest Tag](https://img.shields.io/github/v/tag/jimfawkes/<PROJECTNAME>)](https://github.com/JimFawkes/<PROJECTNAME>/releases)
-[![CodeFactor](https://www.codefactor.io/repository/github/jimfawkes/<PROJECTNAME>/badge)](https://www.codefactor.io/repository/github/jimfawkes/<PROJECTNAME>)
-[![CodeQL](https://github.com/JimFawkes/<PROJECTNAME>/workflows/CodeQL/badge.svg)](https://github.com/JimFawkes/<PROJECTNAME>/actions)
+In order for semantic release to work properly, two steps are necessary:
 
+1. All commits need to honor [conventional-commits](https://www.conventionalcommits.org/en/v1.0.0/)
+2. The GitHub Actions need read & write permissions (Settings > Actions > Permissions)