Rework lint-and-security workflow to add Poetry and the export plugin to work with pip-audit
All checks were successful
Lint & Security / precommit-and-security (pull_request) Successful in 59s
All checks were successful
Lint & Security / precommit-and-security (pull_request) Successful in 59s
This commit is contained in:
@@ -22,11 +22,15 @@ jobs:
|
||||
- name: Run pre-commit hooks
|
||||
run: pre-commit run --all-files --color always
|
||||
|
||||
- name: Audit dependencies
|
||||
- name: Install Poetry
|
||||
run: |
|
||||
pip install poetry
|
||||
poetry self add poetry-plugin-export
|
||||
|
||||
- name: Install pip-audit
|
||||
run: pip install pip-audit
|
||||
|
||||
- name: Audit dependencies (Poetry lockfile)
|
||||
run: |
|
||||
pip install poetry pip-audit
|
||||
poetry export -f requirements.txt --without-hashes \
|
||||
| pip-audit -r /dev/stdin
|
||||
|
||||
- name: Run pip-audit
|
||||
run: pip-audit
|
||||
|
||||
Reference in New Issue
Block a user