From 4d1af96ca8701aa31a68b291ae398234372e159b Mon Sep 17 00:00:00 2001
From: Lorenz Herzberger
Date: Wed, 15 Feb 2023 14:48:30 +0100
Subject: [PATCH] updated CI audit step to use poetry

Signed-off-by: Lorenz Herzberger
---
 .github/workflows/audit.yml | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml
index 9f557e9..b09f49c 100644
--- a/.github/workflows/audit.yml
+++ b/.github/workflows/audit.yml
@@ -22,13 +22,16 @@ jobs:
 python-version: 3.9
 
 - name: Install pip-audit
- run: pip install --upgrade pip pip-audit
+ run: pip install --upgrade pip
+
+ - name: Setup poetry
+ uses: Gr1N/setup-poetry@v7
 
 - name: Install dependencies
- run: pip install .
+ run: poetry install
 
 - name: Create requirements.txt
- run: pip freeze > requirements.txt
+ run: poetry run pip freeze > requirements.txt
 
 - name: Audit dependencies
- run: pip-audit --ignore-vuln PYSEC-2022-42969 --ignore-vuln PYSEC-2022-203 --ignore-vuln GHSA-r9hx-vwmv-q579
+ run: poetry run pip-audit --ignore-vuln PYSEC-2022-42969 --ignore-vuln PYSEC-2022-203 --ignore-vuln GHSA-r9hx-vwmv-q579
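Review bot: The new `Setup poetry` step pulls a third-party action by a movable tag (`uses: Gr1N/setup-poetry@v7`), so whatever that tag points to at run time executes inside the audit job; pinning it to a reviewed commit, e.g. `uses: Gr1N/setup-poetry@<full-commit-sha>  # v7`, keeps the workflow reproducible. The step still named `Install pip-audit` now only runs `pip install --upgrade pip`, so `poetry run pip-audit` presumably relies on pip-audit being declared in the project's Poetry dependencies, which this hunk does not show; renaming the step to `- name: Upgrade pip` would match what it does. The three `--ignore-vuln` entries carried onto the new audit line have no stated reason, and a comment above the step such as `# ignored advisories: <reason and review date per ID>` would let a later reader tell when each suppression can be dropped. The workflow's job definition starts outside this hunk.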