tests

docs: changelog #863

	name: tests

	on:
	push:
	branches-ignore:
	- 'wip-*'
	paths-ignore:
	- 'docs/**'
	- 'README.md'
	pull_request:
	branches-ignore:
	- 'wip-*'
	paths-ignore:
	- 'docs/**'

	env:
	FORCE_COLOR: '1'

	jobs:
	build:

	runs-on: ubuntu-latest
	strategy:
	fail-fast: false
	max-parallel: 3
	matrix:
	python:
	- version: "3.10"
	- version: "3.11"
	- version: "3.12"
	- version: "3.13"
	- version: "3.14"
	- version: "pypy@3.11"

	steps:
	- uses: actions/checkout@v6
	with:
	fetch-depth: 0

	- name: Install uv
	uses: astral-sh/setup-uv@v7
	with:
	enable-cache: true
	cache-dependency-glob: \|
	**/uv.lock

	- name: Set up Python ${{ matrix.python.version }}
	run: \|
	uv python install ${{ matrix.python.version }}
	uv python pin ${{ matrix.python.version }}

	- name: Install dependencies
	run: \|
	uv sync

	- name: Test with tox
	env:
	TOXENV: py,jose,clients,flask,django
	run: \|
	uvx --with tox-uv tox -p auto

	- name: Report coverage
	run: \|
	uv run coverage combine
	uv run coverage report
	uv run coverage xml

	- name: Check diff coverage for modified files
	if: github.event_name == 'pull_request'
	run: \|
	uv run diff-cover coverage.xml --compare-branch=origin/${{ github.base_ref }} --fail-under=100 --format github-annotations:warning

	- name: Upload coverage to Codecov
	uses: codecov/codecov-action@v5
	with:
	token: ${{ secrets.CODECOV_TOKEN }}
	files: ./coverage.xml
	flags: unittests
	name: GitHub

	- name: SonarCloud Scan
	uses: SonarSource/sonarqube-scan-action@v6
	continue-on-error: true
	env:
	SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}

	- name: Minimize cache
	run: \|
	uv cache prune --ci

Provide feedback