Bump bandit from 1.7.9 to 1.7.10 #41
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
name: Linting | |
# yamllint disable-line rule:truthy | |
on: [pull_request] | |
jobs: | |
precommit: | |
name: ${{ matrix.name }} | |
runs-on: ubuntu-latest | |
strategy: | |
matrix: | |
include: | |
- id: bandit | |
name: Check with bandit | |
- id: black | |
name: Check code style | |
- id: check-ast | |
name: Check Python AST | |
- id: check-case-conflict | |
name: Check for case conflicts | |
- id: check-docstring-first | |
name: Check docstring is first | |
- id: check-executables-have-shebangs | |
name: Check that executables have shebangs | |
- id: check-json | |
name: Check JSON files | |
- id: check-merge-conflict | |
name: Check for merge conflicts | |
- id: check-symlinks | |
name: Check for broken symlinks | |
- id: check-toml | |
name: Check TOML files | |
- id: check-yaml | |
name: Check YAML files | |
- id: codespell | |
name: Check code for common misspellings | |
- id: debug-statements | |
name: Debug Statements and imports (Python) | |
- id: detect-private-key | |
name: Detect Private Keys | |
- id: end-of-file-fixer | |
name: Check End of Files | |
- id: fix-byte-order-marker | |
name: Check UTF-8 byte order marker | |
# - id: flake8 | |
# name: Enforcing style guide with flake8 | |
- id: isort | |
name: Check imports are sorted | |
- id: poetry | |
name: Check pyproject file | |
- id: pylint | |
name: Check with pylint | |
- id: pyupgrade | |
name: Check for upgradable syntax | |
- id: trailing-whitespace | |
name: Trim Trailing Whitespace | |
- id: vulture | |
name: Check for unused Python code | |
- id: yamllint | |
name: Check YAML style | |
steps: | |
- name: Check out code from GitHub | |
uses: actions/checkout@v4 | |
- name: Set up Python 3.9 | |
id: python | |
uses: actions/setup-python@v5 | |
with: | |
python-version: 3.9 | |
- name: Get pip cache dir | |
id: pip-cache | |
run: | | |
echo "::set-output name=dir::$(pip cache dir)" | |
- name: Restore cached Python PIP packages | |
uses: actions/cache@v4 | |
with: | |
path: ${{ steps.pip-cache.outputs.dir }} | |
key: pip-${{ runner.os }}-v1-${{ steps.python.outputs.python-version }}-${{ hashFiles('.github/workflows/requirements.txt') }} | |
restore-keys: | | |
pip-${{ runner.os }}-v1-${{ steps.python.outputs.python-version }}- | |
- name: 🏗 Install workflow dependencies | |
run: | | |
pip install -r .github/workflows/requirements.txt | |
poetry config virtualenvs.create true | |
poetry config virtualenvs.in-project true | |
- name: Restore cached Python virtual environment | |
id: cached-poetry-dependencies | |
uses: actions/cache@v4 | |
with: | |
path: .venv | |
key: >- | |
venv-${{ runner.os }}-v1-${{ steps.python.outputs.python-version }}-${{ hashFiles('poetry.lock') }} | |
venv-${{ runner.os }}-v1-${{ steps.python.outputs.python-version }}- | |
- name: Install Python dependencies | |
run: poetry install --no-interaction | |
- name: Run pre-commit for ${{ matrix.id }} | |
run: poetry run pre-commit run ${{ matrix.id }} --all-files |