darkhelm/notifications-api
1
0
Fork 0
mirror of https://github.com/GSA/notifications-api.git synced 2025-12-13 16:52:23 -05:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #95 from GSA/fix-pip-audit

Browse Source 
Only run pip-audit on runtime dependencies in CI
This commit is contained in:
Ryan Ahearn
2022-10-19 10:42:35 -04:00
committed by GitHub
parent 59732ce137 cd7da37fa9
commit f286bbdcce
3 changed files with 4 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.github/workflows/checks.yml vendored
View File

@@ -73,7 +73,7 @@ jobs:
- uses: ./.github/actions/setup-project - uses: ./.github/actions/setup-project
- uses: trailofbits/gh-action-pip-audit@v1.0.0 - uses: trailofbits/gh-action-pip-audit@v1.0.0
with: with:
inputs: requirements.txt requirements_for_test.txt inputs: requirements.txt
ignore-vulns: PYSEC-2022-237 ignore-vulns: PYSEC-2022-237
static-scan: static-scan:

2
.github/workflows/daily_checks.yml vendored
View File

@@ -40,7 +40,7 @@ jobs:
- uses: ./.github/actions/setup-project - uses: ./.github/actions/setup-project
- uses: trailofbits/gh-action-pip-audit@v1.0.0 - uses: trailofbits/gh-action-pip-audit@v1.0.0
with: with:
inputs: requirements.txt requirements_for_test.txt inputs: requirements.txt
ignore-vulns: PYSEC-2022-237 ignore-vulns: PYSEC-2022-237
static-scan: static-scan:

3
Makefile
View File

@@ -75,7 +75,8 @@ freeze-requirements: ## Pin all requirements including sub dependencies into req
.PHONY: audit .PHONY: audit
audit: audit:
pip install --upgrade pip-audit pip install --upgrade pip-audit
pip-audit -r requirements.txt -r requirements_for_test.txt -l --ignore-vuln PYSEC-2022-237 pip-audit -r requirements.txt -l --ignore-vuln PYSEC-2022-237
-pip-audit -r requirements_for_test.txt -l
.PHONY: static-scan .PHONY: static-scan
static-scan: static-scan: