Lorenz Herzberger 384b091d74
Migrate to poetry (#321)
* added pyproject.toml and poetry.lock

Signed-off-by: Lorenz Herzberger <lorenzherzberger@gmail.com>

* added scripts and classifiers to pyproject.toml

Signed-off-by: Lorenz Herzberger <lorenzherzberger@gmail.com>

* updated planetmint-transacitons, updated dockerfile to use poerty, updated changelog

Signed-off-by: Lorenz Herzberger <lorenzherzberger@gmail.com>

* updated CI and Makefile

Signed-off-by: Lorenz Herzberger <lorenzherzberger@gmail.com>

* updated CI audit step to use poetry

Signed-off-by: Lorenz Herzberger <lorenzherzberger@gmail.com>

* updated version number on pyproject.toml

Signed-off-by: Lorenz Herzberger <lorenzherzberger@gmail.com>

* updated version number

Signed-off-by: Lorenz Herzberger <lorenzherzberger@gmail.com>

---------

Signed-off-by: Lorenz Herzberger <lorenzherzberger@gmail.com>
2023-02-15 15:56:01 +01:00

38 lines
949 B
YAML

# Copyright © 2020 Interplanetary Database Association e.V.,
# Planetmint and IPDB software contributors.
# SPDX-License-Identifier: (Apache-2.0 AND CC-BY-4.0)
# Code is Apache-2.0 and docs are CC-BY-4.0
name: Audit
on:
schedule:
- cron: '0 2 * * *'
jobs:
audit:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v3
- name: Setup python
uses: actions/setup-python@v4
with:
python-version: 3.9
- name: Install pip-audit
run: pip install --upgrade pip
- name: Setup poetry
uses: Gr1N/setup-poetry@v7
- name: Install dependencies
run: poetry install
- name: Create requirements.txt
run: poetry run pip freeze > requirements.txt
- name: Audit dependencies
run: poetry run pip-audit --ignore-vuln PYSEC-2022-42969 --ignore-vuln PYSEC-2022-203 --ignore-vuln GHSA-r9hx-vwmv-q579