This is an automated email from the ASF dual-hosted git repository.
tomaz pushed a commit to branch pip_audit_gha_check
in repository https://gitbox.apache.org/repos/asf/libcloud.git
commit f875502c4b1034feeebbef889f5d2f4a1efc9853
Author: Tomaz Muraus <to...@tomaz.me>
AuthorDate: Fri Sep 2 20:31:37 2022 +0200
Add new GHA step which runs pip audit check.
---
.github/workflows/main.yml | 11 +++++++++++
1 file changed, 11 insertions(+)
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index 10e2bc0ed..3ff399ea1 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -201,6 +201,17 @@ jobs:
run: |
pip install "tox==3.24.4"
+ - name: Install Library Into Virtualenv
+ run: |
+ python -m venv venv/
+ source venv/bin/activate
+ python -m pip install .
+
+ - name: Run Pip Audit Check
+ uses:
pypa/gh-action-pip-audit@cce88443a7a495d91316565f5cc077f815a8f1c7 # v1.0.0
+ with:
+ virtual-environment: venv/
+
- name: Run Checks
run: |
script -e -c "tox -e black-check,checks,import-timings,lint,pylint"
