mirror of
https://github.com/planetmint/planetmint.git
synced 2025-11-24 14:35:45 +00:00
updated CI audit step to use poetry
Signed-off-by: Lorenz Herzberger <lorenzherzberger@gmail.com>
This commit is contained in:
Lorenz Herzberger
parent
4bfbcbc298
commit
4d1af96ca8
11
.github/workflows/audit.yml
vendored
11
.github/workflows/audit.yml
vendored
@ -22,13 +22,16 @@ jobs:
|
|||||||
python-version: 3.9
|
python-version: 3.9
|
||||||
|
|
||||||
- name: Install pip-audit
|
- name: Install pip-audit
|
||||||
run: pip install --upgrade pip pip-audit
|
run: pip install --upgrade pip
|
||||||
|
|
||||||
|
- name: Setup poetry
|
||||||
|
uses: Gr1N/setup-poetry@v7
|
||||||
|
|
||||||
- name: Install dependencies
|
- name: Install dependencies
|
||||||
run: pip install .
|
run: poetry install
|
||||||
|
|
||||||
- name: Create requirements.txt
|
- name: Create requirements.txt
|
||||||
run: pip freeze > requirements.txt
|
run: poetry run pip freeze > requirements.txt
|
||||||
|
|
||||||
- name: Audit dependencies
|
- name: Audit dependencies
|
||||||
run: pip-audit --ignore-vuln PYSEC-2022-42969 --ignore-vuln PYSEC-2022-203 --ignore-vuln GHSA-r9hx-vwmv-q579
|
run: poetry run pip-audit --ignore-vuln PYSEC-2022-42969 --ignore-vuln PYSEC-2022-203 --ignore-vuln GHSA-r9hx-vwmv-q579
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user