33 schedule :
44 - cron : " 0 10 * * 1" # Monday @ 10am UTC
55 workflow_dispatch :
6+ push :
7+ paths :
8+ - pyproject.toml
9+ - ' .github/workflows/snyk.yml'
610
711env :
812 SNYK_TOKEN : ${{ secrets.SNYK_TOKEN }}
@@ -12,33 +16,17 @@ jobs:
1216 snyk-monitor :
1317 runs-on : ubuntu-latest
1418 steps :
15- - uses : actions/checkout@v3
16- with :
17- fetch-depth : 0
18-
19- # - name: Run Snyk (setup.py)
20- # uses: snyk/actions/python@master
21- # with:
22- # command: monitor
23- # args: --file=setup.py --package-manager=pip --project-name=setup.py --org=${{ env.SNYK_ORG }}
19+ - uses : actions/checkout@v4
2420
25- # - name: Run Snyk (requirements.txt)
26- # uses: snyk/actions/python@master
27- # with:
28- # command: monitor
29- # args: --file=requirements.txt --package-manager=pip --project-name=requirements.txt --org=${{ env.SNYK_ORG }}
30-
31- # On Oct 2 2023, the steps using snyk/actions/python@master started failing with "undefined".
32- # Nothing obvious changed in our code or in the Snyk action or Docker image.
33- # Setting up and running snyk generically seems to work, so we'll go with that.
34- - name : Set up Python
35- uses : actions/setup-python@v4
21+ - name : Set up uv and Python
22+ uses : astral-sh/setup-uv@v6
3623 with :
3724 python-version : ' 3.11'
38- - name : Install dependencies
25+
26+ - name : Prepare requirements.txt
3927 run : |
40- python -m pip install --upgrade pip
41- pip install -r requirements.txt
28+ uv pip compile pyproject.toml --output-file requirements.txt
29+ uv pip install -r requirements.txt
4230
4331uses : snyk/actions/setup@master
4432
0 commit comments