Fix landing page to focus on project, not infrastructure #28
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Tests | |
| on: | |
| push: | |
| branches: [ main, master ] | |
| pull_request: | |
| branches: [ main, master ] | |
| jobs: | |
| test: | |
| runs-on: ubuntu-latest | |
| strategy: | |
| matrix: | |
| python-version: ["3.12", "3.11"] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Install uv | |
| uses: astral-sh/setup-uv@v3 | |
| with: | |
| version: "latest" | |
| - name: Set up Python ${{ matrix.python-version }} | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: ${{ matrix.python-version }} | |
| - name: Install dependencies | |
| run: uv sync --dev | |
| - name: Run tests | |
| run: uv run pytest | |
| - name: Security audit | |
| run: | | |
| # Ignore vulnerabilities we can't control or are being fixed by dependabot | |
| # pip: GHSA-4xh5-x5gv-qwph - Runner environment pip, not in our control | |
| # filelock: GHSA-w853-jp5j-5j7f - TOCTOU race condition, dependency of virtualenv | |
| # fonttools: GHSA-768j-98cg-p3fv - RCE in varLib, being fixed by dependabot PR #27 | |
| # fonttools: GHSA-jc8q-39xc-w3v7 - Additional fonttools vuln, being fixed by dependabot PR #27 | |
| # scrapy: PYSEC-2017-83 - Old DoS from 2017, low severity, informational only | |
| uv run pip-audit --desc \ | |
| --ignore-vuln GHSA-4xh5-x5gv-qwph \ | |
| --ignore-vuln GHSA-w853-jp5j-5j7f \ | |
| --ignore-vuln GHSA-768j-98cg-p3fv \ | |
| --ignore-vuln GHSA-jc8q-39xc-w3v7 \ | |
| --ignore-vuln PYSEC-2017-83 | |
| - name: Lint with flake8 | |
| run: | | |
| uv run flake8 python-examples/ --count --select=E9,F63,F7,F82 --show-source --statistics | |
| uv run flake8 python-examples/ --count --exit-zero --max-complexity=10 --max-line-length=100 --statistics |