Skip to content

upgrade pip to fix CVE #530

upgrade pip to fix CVE

upgrade pip to fix CVE #530

Workflow file for this run

# .github/workflows/test.yml
name: continuous-integration
on:
workflow_dispatch:
push:
branches:
- master
pull_request:
permissions:
contents: read
jobs:
pre-commit:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- uses: actions/setup-python@65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236 # v4.7.1
with:
python-version: '3.8' # needed for 'pyupgrade'
- uses: pre-commit/action@646c83fcd040023954eafda54b4db0192ce70507 # v3.0.0
ci:
needs: pre-commit
runs-on: ubuntu-latest
timeout-minutes: 15
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: Setup Python
uses: actions/setup-python@65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236 # v4.7.1
with:
python-version: '3.7'
- name: Install dependencies
run: |
pip install --upgrade pip
pip install -r requirements.txt
pip install -r requirements-dev.txt
- run: invoke build.install-package
- run: invoke test.type-check
- run: invoke integration.clean
- run: invoke integration.version
- run: invoke integration.initialize
- run: invoke unit.pytest
- run: invoke test.security
- run: invoke integration.query
- run: invoke integration.write-policy
- run: invoke build.uninstall-package
python-version:
needs: pre-commit
if: github.event_name == 'pull_request'
runs-on: ubuntu-latest
timeout-minutes: 15
strategy:
fail-fast: true
matrix:
python: ['3.8', '3.9', '3.10', '3.11', '3.12']
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- uses: actions/setup-python@65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236 # v4.7.1
with:
python-version: ${{ matrix.python }}
allow-prereleases: true
- name: Install dependencies
run: |
pip install -r requirements.txt
pip install -r requirements-dev.txt
- run: invoke build.install-package
- run: invoke integration.clean
- run: invoke integration.version
- run: invoke integration.initialize
- run: invoke unit.pytest
- run: invoke integration.query
- run: invoke integration.write-policy
- run: invoke build.uninstall-package