Skip to content

fix: requirements.txt to reduce vulnerabilities #621

fix: requirements.txt to reduce vulnerabilities

fix: requirements.txt to reduce vulnerabilities #621

name: CI
on: [push]
jobs:
pytest:
name: pytest for py${{ matrix.python-version }} on ${{ matrix.os }}
runs-on: ${{ matrix.os }}
strategy:
matrix:
python-version: [3.9, '3.10', '3.11', '3.12']
os: ['ubuntu-latest', 'macos-latest', 'windows-latest']
steps:
- uses: actions/checkout@main
- name: Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@main
with:
python-version: ${{ matrix.python-version }}
- name: Setup Ubuntu environment
if: startsWith(matrix.os, 'ubuntu')
run: sudo apt-get install -y python3-gmsh libglu1
- name: Setup MacOS environment
if: startsWith(matrix.os, 'macos')
run: brew install gmsh
- name: Install test dependencies
run: |
python -m pip install --upgrade pip
pip install setuptools wheel
pip install flake8 pytest==6.2.5 pytest-cov coveralls
- name: Install package requirements
run: pip install -r requirements.txt
- name: Install package
run: pip install -e .
- name: Lint with flake8
run: |
# stop the build if there are Python syntax errors or undefined names
flake8 src tests setup.py --exclude=__init__.py --count --select=E9,F63,F7,F82 --show-source --statistics
# exit-zero treats all errors as warnings. The GitHub editor is 127 chars wide
flake8 src tests setup.py --exclude=__init__.py --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics
- name: Test with pytest
run: pytest --cov=src tests/
- name: Coveralls
env:
COVERALLS_REPO_TOKEN: ${{ secrets.COVERALLS_REPO_TOKEN }}
COVERALLS_FLAG_NAME: py${{ matrix.python-version }} on ${{ matrix.os }}
run: coveralls
package-checks:
name: package checks
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@main
- name: Set up Python
uses: actions/setup-python@main
with:
python-version: '3.x'
- name: Cache pip
uses: actions/cache@main
with:
# This path is specific to Ubuntu
path: ~/.cache/pip
# Look to see if there is a cache hit for the corresponding requirements file
key: ${{ runner.os }}-pip-${{ hashFiles('requirements.txt') }}
restore-keys: |
${{ runner.os }}-pip-
${{ runner.os }}-
- name: Install check dependencies
run: |
python -m pip install --upgrade pip
pip install setuptools wheel check-manifest isort twine
- name: Check package import order
run: |
isort --verbose --check-only --diff src tests setup.py
- name: Check package contents
run: |
python setup.py sdist check --strict --metadata
check-manifest
twine check dist/*