Skip to content

Bump jinja2 from 3.1.2 to 3.1.5 in /research/gemini #2098

Bump jinja2 from 3.1.2 to 3.1.5 in /research/gemini

Bump jinja2 from 3.1.2 to 3.1.5 in /research/gemini #2098

# only has to pass for python 3.10
name: Static code checks
on:
push:
branches:
main
pull_request:
branches:
main
jobs:
run-code-check:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Set up Python 3.10
uses: actions/setup-python@v5
with:
python-version: "3.10"
- name: Install and configure Poetry
uses: snok/install-poetry@v1
with:
virtualenvs-create: true
virtualenvs-in-project: true
- name: Set up cache
uses: actions/cache@v4
id: cached-poetry-dependencies
with:
path: .venv
key: venv-${{ runner.os }}-${{ steps.full-python-version.outputs.version }}-${{ hashFiles('**/poetry.lock') }}
- name: Install dependencies
run: poetry install --with "dev, test, codestyle"
if: steps.cached-poetry-dependencies.outputs.cache-hit != 'true'
- name: Pre-commit Checks
run: |
source .venv/bin/activate
pre-commit run --all-files
- name: pip-audit (gh-action-pip-audit)
uses: pypa/[email protected]
with:
virtual-environment: .venv/
# Ignoring vulnerability in cryptography
# Fix is 43.0.1 but flwr 1.9 depends on < 43
ignore-vulns: |
GHSA-h4gh-qq45-vh27
GHSA-q34m-jh98-gwm2
GHSA-f9vj-2wh5-fj8j