Update dependency requests to v2.32.2 [SECURITY] #196
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build and Test Python Package | |
| on: | |
| push: | |
| branches: [ main ] | |
| pull_request: | |
| branches: [ main ] | |
| jobs: | |
| build-and-test: | |
| name: Build and Test | |
| runs-on: ubuntu-latest | |
| steps: | |
| # Checkout the repository using GITHUB_TOKEN | |
| - uses: actions/checkout@v4 | |
| with: | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| # Set up Python | |
| - name: Set up Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: '3.10' # Align with your `pyproject.toml` | |
| # Cache Poetry packages (optional but recommended) | |
| - name: Cache Poetry packages | |
| uses: actions/cache@v4 | |
| with: | |
| path: ~/.cache/pypoetry | |
| key: ${{ runner.os }}-poetry-${{ hashFiles('**/poetry.lock') }} | |
| restore-keys: | | |
| ${{ runner.os }}-poetry- | |
| # Install Poetry | |
| - name: Install Poetry | |
| run: | | |
| curl -sSL https://install.python-poetry.org | python3 - | |
| echo "$HOME/.local/bin" >> $GITHUB_PATH | |
| # Install dependencies | |
| - name: Install dependencies | |
| run: | | |
| poetry install --no-interaction --no-root | |
| # Run tests (optional but recommended) | |
| - name: Run tests | |
| run: | | |
| poetry run pytest | |
| # Lint with flake8 | |
| - name: Lint with flake8 | |
| run: | | |
| poetry run flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics | |
| poetry run flake8 . --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics | |
| # Build distribution | |
| - name: Build distribution | |
| run: | | |
| poetry build | |
| # Publish to Test PyPI | |
| - name: Publish to Test PyPI | |
| env: | |
| TWINE_USERNAME: __token__ | |
| TWINE_PASSWORD: ${{ secrets.TEST_PYPI_API_TOKEN }} | |
| run: | | |
| poetry publish --repository test-pypi --username $TWINE_USERNAME --password $TWINE_PASSWORD | |
| # Publish to PyPI (conditional) | |
| - name: Publish to PyPI | |
| if: | | |
| github.event_name == 'push' && github.ref == 'refs/heads/main' || | |
| (github.event_name == 'workflow_dispatch' && github.event.inputs.publish_to_pypi == 'true') | |
| env: | |
| TWINE_USERNAME: __token__ | |
| TWINE_PASSWORD: ${{ secrets.PYPI_API_TOKEN }} | |
| run: | | |
| poetry publish --username $TWINE_USERNAME --password $TWINE_PASSWORD |