-
Notifications
You must be signed in to change notification settings - Fork 0
58 lines (56 loc) · 1.61 KB
/
static_code_checks.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
name: code checks
on:
push:
branches:
- main
paths:
- .pre-commit-config.yaml
- .github/workflows/code_checks.yml
- '**.py'
- poetry.lock
- pyproject.toml
- '**.ipynb'
pull_request:
branches:
- main
paths:
- .pre-commit-config.yaml
- .github/workflows/code_checks.yml
- '**.py'
- poetry.lock
- pyproject.toml
- '**.ipynb'
jobs:
run-code-check:
runs-on: ubuntu-latest
steps:
- uses: actions/[email protected]
- name: Install and configure Poetry
uses: snok/install-poetry@v1
with:
virtualenvs-create: true
virtualenvs-in-project: true
- uses: actions/[email protected]
with:
python-version: '3.9'
cache: 'poetry'
- name: Install dependencies and check code
run: |
poetry env use '3.9'
source .venv/bin/activate
poetry install --with test --all-extras
pre-commit run --all-files
- name: pip-audit (gh-action-pip-audit)
uses: pypa/[email protected]
with:
virtual-environment: .venv/
# Ignoring security vulnerabilities in Pillow because pycyclops cannot update it to the
# version that fixes them (>10.0.1).
# Remove those when the issue below is fixed and pycyclops changes its requirements:
# https://github.com/SeldonIO/alibi/issues/991
ignore-vulns: |
PYSEC-2023-175
PYSEC-2023-227
GHSA-j7hp-h8jx-5ppr
GHSA-56pw-mpj4-fxww
GHSA-3f63-hfp8-52jq