mirror of
https://github.com/planetmint/planetmint.git
synced 2025-09-13 03:30:11 +00:00
65 lines
2.1 KiB
YAML
65 lines
2.1 KiB
YAML
# Copyright © 2020 Interplanetary Database Association e.V.,
|
|
# Planetmint and IPDB software contributors.
|
|
# SPDX-License-Identifier: (Apache-2.0 AND CC-BY-4.0)
|
|
# Code is Apache-2.0 and docs are CC-BY-4.0
|
|
|
|
name: Audit
|
|
on:
|
|
schedule:
|
|
- cron: '0 2 * * *'
|
|
|
|
jobs:
|
|
audit:
|
|
runs-on: ubuntu-latest
|
|
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v3
|
|
|
|
- name: Setup python
|
|
uses: actions/setup-python@v4
|
|
with:
|
|
python-version: 3.9
|
|
|
|
- name: Setup poetry
|
|
uses: Gr1N/setup-poetry@v8
|
|
|
|
- name: Install dependencies
|
|
run: poetry install
|
|
|
|
- name: Create requirements.txt
|
|
run: poetry run pip freeze > requirements.txt
|
|
|
|
- name: Audit dependencies
|
|
run: |
|
|
poetry run pip-audit \
|
|
--ignore-vuln PYSEC-2022-203 \
|
|
--ignore-vuln PYSEC-2023-58 \
|
|
--ignore-vuln PYSEC-2023-57 \
|
|
--ignore-vuln PYSEC-2023-62 \
|
|
--ignore-vuln GHSA-8495-4g3g-x7pr \
|
|
--ignore-vuln PYSEC-2023-135 \
|
|
--ignore-vuln PYSEC-2024-230 \
|
|
--ignore-vuln PYSEC-2024-225 \
|
|
--ignore-vuln GHSA-3ww4-gg4f-jr7f \
|
|
--ignore-vuln GHSA-9v9h-cgj8-h64p \
|
|
--ignore-vuln GHSA-h4gh-qq45-vh27 \
|
|
--ignore-vuln PYSEC-2024-71 \
|
|
--ignore-vuln GHSA-84pr-m4jr-85g5 \
|
|
--ignore-vuln GHSA-w3h3-4rj7-4ph4 \
|
|
--ignore-vuln PYSEC-2024-60 \
|
|
--ignore-vuln GHSA-h5c8-rqwp-cp95 \
|
|
--ignore-vuln GHSA-h75v-3vvj-5mfj \
|
|
--ignore-vuln GHSA-q2x7-8rv6-6q7h \
|
|
--ignore-vuln GHSA-gmj6-6f8f-6699 \
|
|
--ignore-vuln PYSEC-2023-117 \
|
|
--ignore-vuln GHSA-m87m-mmvp-v9qm \
|
|
--ignore-vuln GHSA-9wx4-h78v-vm56 \
|
|
--ignore-vuln PYSEC-2023-192 \
|
|
--ignore-vuln PYSEC-2023-212 \
|
|
--ignore-vuln GHSA-34jh-p97f-mpxf \
|
|
--ignore-vuln PYSEC-2023-221 \
|
|
--ignore-vuln GHSA-2g68-c3qc-8985 \
|
|
--ignore-vuln GHSA-f9vj-2wh5-fj8j \
|
|
--ignore-vuln GHSA-q34m-jh98-gwm2
|