Skip to content
Dependency scan

Bump senzing-abstract from 0.1.4 to 0.1.8 #91

Sign in to view logs

Bump senzing-abstract from 0.1.4 to 0.1.8

Bump senzing-abstract from 0.1.4 to 0.1.8 #91

Workflow file for this run

.github/workflows/dependency-scan.yaml at 60531b2
name: Dependency scan
on:
pull_request:
branches: [main]
permissions:
contents: read
jobs:
fpvs:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
python-version: ["3.11"]
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v5
with:
python-version: ${{ matrix.python-version }}
- name: Install dependencies
run: |
python -m venv ./venv
source ./venv/bin/activate
echo "PATH=${PATH}" >> "${GITHUB_ENV}"
python -m pip install --upgrade pip
python -m pip install --requirement requirements.txt
python -m pip install wheel
python -m pip wheel -r requirements.txt --wheel-dir=vendor
- name: Run fpvs scan
run: |
source ./venv/bin/activate
python -m pip install fpvs
git clone https://gitlab.com/gitlab-org/security-products/gemnasium-db.git
fpvs-scan --verbose
pip-audit:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
python-version: ["3.11"]
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v5
with:
python-version: ${{ matrix.python-version }}
- name: Install dependencies
run: |
python -m venv ./venv
source ./venv/bin/activate
echo "PATH=${PATH}" >> "${GITHUB_ENV}"
python -m pip install --upgrade pip
python -m pip install --requirement requirements.txt
- name: Run pip-audit
uses: pypa/gh-action-pip-audit@v1.1.0
with:
inputs: requirements.txt