stacklet · jtroup · Sep 23, 2025 · Sep 20, 2025
@@ -1 +1,3 @@
+*.py text diff=python
+uv.lock linguist-generated=true
 justfile linguist-language=Makefile
@@ -34,21 +34,19 @@ jobs:
       - uses: extractions/setup-just@v1
         with:
           just-version: ${{ env.JUST_TOOL_VERSION }}
-      - name: Install and configure Poetry
-        uses: snok/install-poetry@v1
+      - name: Install uv
+        uses: astral-sh/setup-uv@v6
         with:
-          version: ${{ env.POETRY_TOOL_VERSION }}
-          virtualenvs-in-project: true
+          version: ${{ env.UV_TOOL_VERSION }}
+          activate-environment: true
+          enable-cache: true
 
-      - name: Set up Python ${{ matrix.python-version }}
-        uses: actions/setup-python@v5
-        with:
-          python-version: ${{ matrix.python-version }}
-          cache: poetry
+      - name: Install Python
+        run: uv python install ${{ matrix.python-version }}
 
       - name: Install dependencies
         shell: bash
-        run: poetry install
+        run: uv sync
 
       - name: Pytest run
         run: just test -v
@@ -12,20 +12,18 @@ jobs:
       - uses: extractions/setup-just@v1
         with:
           just-version: ${{ env.JUST_TOOL_VERSION }}
-      - name: Install and configure Poetry
-        uses: snok/install-poetry@v1
+      - name: Install uv
+        uses: astral-sh/setup-uv@v6
         with:
-          version: ${{ env.POETRY_TOOL_VERSION }}
-          virtualenvs-in-project: true
+          version: ${{ env.UV_TOOL_VERSION }}
+          activate-environment: true
+          enable-cache: true
 
-      - name: Set up Python ${{ env.PYTHON_TOOL_VERSION }}
-        uses: actions/setup-python@v5
-        with:
-          python-version: ${{ env.PYTHON_TOOL_VERSION }}
-          cache: poetry
+      - name: Install Python
+        run: uv python install ${{ env.PYTHON_TOOL_VERSION }}
 
       - name: Build a binary wheel and a source tarball
-        run: poetry build
+        run: uv build
 
       - name: Store the distribution packages
         uses: actions/upload-artifact@v4

@@ -1,7 +1,7 @@
 repos:
   - repo: https://github.com/astral-sh/ruff-pre-commit
     # Ruff version.
-    rev: v0.6.3
+    rev: v0.13.1
     hooks:
       # Run the linter.
       - id: ruff
@@ -16,3 +16,11 @@ repos:
       - id: end-of-file-fixer
         exclude: ^tests/.*/fixtures/.*
       - id: debug-statements
+
+  # A hack to get dependabot to find security vulnerabilities in our dependencies
+  - repo: https://github.com/astral-sh/uv-pre-commit
+    rev: 0.8.19
+    hooks:
+      - id: uv-export
+        files: ^(uv\.lock|pyproject\.toml|uv\.toml)$
+        args: ["--frozen", "--no-emit-project", "--no-hashes", "--output-file=requirements.txt", "--quiet"]
@@ -1,3 +1,3 @@
 just 1.40.0
-poetry 2.1.3
 python 3.12.10
+uv 0.8.14
@@ -2,29 +2,28 @@ default:
 	@just --list
 
 install:
-	poetry install
-	poetry run pre-commit install
+	uv sync
+	uv run pre-commit install
 
 lint:
-  poetry run ruff check
-  poetry run ruff format --check
-  poetry run deptry .
+  uv run ruff check
+  uv run ruff format --check
+  uv run deptry .
 
 format:
-  poetry run ruff format
-  poetry run ruff check --fix
+  uv run ruff format
+  uv run ruff check --fix
 
 test *flags:
-	poetry run pytest --cov=stacklet tests {{ flags }}
+	uv run pytest --cov=stacklet tests {{ flags }}
 
 compile: install
-	poetry run python -m nuitka stacklet/client/platform/cli.py -o stacklet-admin --standalone --onefile --assume-yes-for-downloads --include-package-data=* --remove-output --static-libpython=no
+	uv run python -m nuitka stacklet/client/platform/cli.py -o stacklet-admin --standalone --onefile --assume-yes-for-downloads --include-package-data=* --remove-output --static-libpython=no
 	chmod +x stacklet-admin
 	export PATH=$PWD/:$PATH
 
 pkg-prep bump="--bump-patch":
-	poetry run python scripts/upgrade.py upgrade {{bump}}
-	poetry update
-	poetry lock
-	git add justfile pyproject.toml poetry.lock
+	uv run python scripts/upgrade.py upgrade {{bump}}
+	uv lock --upgrade
+	git add justfile pyproject.toml uv.lock
 	git status
@@ -1,44 +1,57 @@
 [build-system]
-requires = [ "poetry-core>=1.0.0",]
-build-backend = "poetry.core.masonry.api"
+requires = ["hatchling"]
+build-backend = "hatchling.build"
 
-[tool.poetry]
+[project]
 name = "stacklet.client.platform"
 version = "0.1.6"
 description = "Stacklet Platform Client"
+authors = [{ name = "Sonny Shi", email = "[email protected]" }]
+requires-python = ">=3.9,<=3.13"
 readme = "README.md"
-authors = ["Sonny Shi <[email protected]>"]
-maintainers = ["Stacklet <[email protected]>"]
 license = "Apache-2.0"
-include = [ "stacklet/client/platform/vendored/auth_landing_pages/ok.html", "stacklet/client/platform/vendored/auth_landing_pages/fail.html",]
-[[tool.poetry.packages]]
-include = "stacklet"
+maintainers = [{ name = "Stacklet", email = "[email protected]" }]
+dependencies = [
+    "click>=8.0.1,<9",
+    "requests>=2.32.4,<3",
+    "jsonschema>=4.9.0,<5",
+    "PyYAML~=6.0",
+    "PyJWT>=2.4.0,<3",
+    "boto3>=1.39.16,<2",
+    "charset_normalizer>=3.4.2,<4",
+    "jmespath>=1.0.1,<2",
+]
 
-[tool.poetry.scripts]
+[project.scripts]
 stacklet-admin = "stacklet.client.platform.cli:cli"
 
-[tool.poetry.dependencies]
-python = "^3.9"
-click = "^8.0.1"
-requests = "^2.32.4"
-jsonschema = "^4.9.0"
-PyYAML = "^6.0"
-PyJWT = "^2.4.0"
-boto3 = "^1.39.16"
-charset_normalizer = "^3.4.2"
-jmespath = "^1.0.1"
-
-[tool.poetry.group.dev.dependencies]
-ruff = "^0.12.7"
-moto = { version = "^5.1.9", extras = ["cognitoidp"] }
-pytest = "^8.4"
-pytest-cov = "^6.2.1"
-requests-mock = "^1.8.0"
-pre-commit = "^2.12.0"
-Nuitka = "^2.7.12"
-semver = "^2.13.0"
-toml = "^0.10.2"
-deptry = "^0.23.1"
+[dependency-groups]
+dev = [
+    "ruff>=0.12.7,<0.13",
+    "moto[cognitoidp]>=5.1.9,<6",
+    "pytest~=8.4",
+    "pytest-cov>=6.2.1,<7",
+    "requests-mock>=1.8.0,<2",
+    "pre-commit>=2.12.0,<3",
+    "Nuitka>=2.7.12,<3",
+    "semver>=2.13.0,<3",
+    "toml>=0.10.2,<0.11",
+    "deptry>=0.23.1,<0.24",
+]
+
+[tool.hatch.build.targets.sdist]
+include = [
+    "stacklet",
+    "stacklet/client/platform/vendored/auth_landing_pages/ok.html",
+    "stacklet/client/platform/vendored/auth_landing_pages/fail.html",
+]
+
+[tool.hatch.build.targets.wheel]
+include = [
+    "stacklet",
+    "stacklet/client/platform/vendored/auth_landing_pages/ok.html",
+    "stacklet/client/platform/vendored/auth_landing_pages/fail.html",
+]
 
 [tool.ruff]
 line-length = 100

@@ -0,0 +1,159 @@
+# This file was autogenerated by uv via the following command:
+#    uv export --frozen --no-emit-project --no-hashes --output-file=requirements.txt
+attrs==24.2.0
+    # via
+    #   jsonschema
+    #   referencing
+boto3==1.39.16
+    # via
+    #   moto
+    #   stacklet-client-platform
+botocore==1.39.16
+    # via
+    #   boto3
+    #   moto
+    #   s3transfer
+certifi==2024.8.30
+    # via requests
+cffi==1.17.1
+    # via
+    #   cryptography
+    #   zstandard
+cfgv==3.4.0
+    # via pre-commit
+charset-normalizer==3.4.2
+    # via
+    #   requests
+    #   stacklet-client-platform
+click==8.1.7
+    # via
+    #   deptry
+    #   stacklet-client-platform
+colorama==0.4.6 ; sys_platform == 'win32'
+    # via
+    #   click
+    #   deptry
+    #   pytest
+coverage==7.6.1
+    # via pytest-cov
+cryptography==45.0.5
+    # via
+    #   joserfc
+    #   moto
+deptry==0.23.1
+distlib==0.3.8
+    # via virtualenv
+exceptiongroup==1.3.0 ; python_full_version < '3.11'
+    # via pytest
+filelock==3.15.4
+    # via virtualenv
+identify==2.6.0
+    # via pre-commit
+idna==3.8
+    # via requests
+iniconfig==2.0.0
+    # via pytest
+jinja2==3.1.6
+    # via moto
+jmespath==1.0.1
+    # via
+    #   boto3
+    #   botocore
+    #   stacklet-client-platform
+joserfc==1.2.2
+    # via moto
+jsonschema==4.23.0
+    # via stacklet-client-platform
+jsonschema-specifications==2023.12.1
+    # via jsonschema
+markupsafe==2.1.5
+    # via
+    #   jinja2
+    #   werkzeug
+moto==5.1.9
+nodeenv==1.9.1
+    # via pre-commit
+nuitka==2.7.12
+ordered-set==4.1.0
+    # via nuitka
+packaging==24.1
+    # via
+    #   deptry
+    #   pytest
+    #   requirements-parser
+platformdirs==4.2.2
+    # via virtualenv
+pluggy==1.5.0
+    # via
+    #   pytest
+    #   pytest-cov
+pre-commit==2.21.0
+pycparser==2.22
+    # via cffi
+pygments==2.19.2
+    # via pytest
+pyjwt==2.9.0
+    # via stacklet-client-platform
+pytest==8.4.1
+    # via pytest-cov
+pytest-cov==6.2.1
+python-dateutil==2.9.0.post0
+    # via
+    #   botocore
+    #   moto
+pyyaml==6.0.2
+    # via
+    #   pre-commit
+    #   responses
+    #   stacklet-client-platform
+referencing==0.35.1
+    # via
+    #   jsonschema
+    #   jsonschema-specifications
+requests==2.32.4
+    # via
+    #   moto
+    #   requests-mock
+    #   responses
+    #   stacklet-client-platform
+requests-mock==1.12.1
+requirements-parser==0.13.0
+    # via deptry
+responses==0.25.3
+    # via moto
+rpds-py==0.20.0
+    # via
+    #   jsonschema
+    #   referencing
+ruff==0.12.7
+s3transfer==0.13.1
+    # via boto3
+semver==2.13.0
+six==1.16.0
+    # via python-dateutil
+toml==0.10.2
+tomli==2.2.1 ; python_full_version <= '3.11'
+    # via
+    #   coverage
+    #   deptry
+    #   pytest
+typing-extensions==4.15.0 ; python_full_version < '3.11'
+    # via exceptiongroup
+urllib3==1.26.20 ; python_full_version < '3.10'
+    # via
+    #   botocore
+    #   requests
+    #   responses
+urllib3==2.5.0 ; python_full_version >= '3.10'
+    # via
+    #   botocore
+    #   requests
+    #   responses
+virtualenv==20.32.0
+    # via pre-commit
+werkzeug==3.1.3
+    # via moto
+xmltodict==0.13.0
+    # via moto
+zstandard==0.15.2
+    # via nuitka
@@ -29,7 +29,7 @@ def upgrade(bump_patch, bump_minor, bump_major):
     with open("pyproject.toml") as f:
         pyproject = toml.load(f)
 
-    current = pyproject["tool"]["poetry"]["version"]
+    current = pyproject["project"]["version"]
     current_parsed = semver.VersionInfo.parse(current)
 
     major = current_parsed.major
@@ -45,7 +45,7 @@ def upgrade(bump_patch, bump_minor, bump_major):
 
     upgraded = ".".join([str(x) for x in (major, minor, patch)])
     click.echo(f"stacklet-admin: {current_parsed} -> {upgraded}")
-    pyproject["tool"]["poetry"]["version"] = upgraded
+    pyproject["project"]["version"] = upgraded
 
     with open("pyproject.toml", "w+") as f:
         toml.dump(pyproject, f)