Merge pull request #11 from python-dev-tools/security

Add vulnerability checks
python-dev-tools · Jun 10, 2024 · 48e545d · 48e545d
2 parents 6ee87c4 + 7298e6a
commit 48e545d
Show file tree

Hide file tree

Showing 5 changed files with 1,575 additions and 4 deletions.
diff --git a/.github/workflows/tests.yml → .github/workflows/build_and_tests.yml b/.github/workflows/tests.yml → .github/workflows/build_and_tests.yml
diff --git a/.github/workflows/package.yml b/.github/workflows/package.yml
@@ -0,0 +1,41 @@
+# This workflow will install Python dependencies, build the package, and run safety checks
+# For more information see: https://help.github.com/actions/language-and-framework-guides/using-python-with-github-actions
+
+name: Package
+
+on:
+  push:
+    branches: ["main"]
+  pull_request:
+    branches: ["main"]
+  merge_group:
+    types: [checks_requested]
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}-${{ github.head_ref }}
+  cancel-in-progress: ${{ github.ref != 'refs/heads/main' }}
+permissions: {}
+
+jobs:
+  package_and_vulenrability:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: Set up Python
+        uses: actions/setup-python@v2
+        with:
+          python-version: 3.12
+
+      - name: Install dependencies
+        run: |
+          python -m pip install --upgrade pip
+          pip install poetry
+          poetry install
+
+      - name: Package Check
+        run: |
+          poetry build
+
+      - name: Run Safety Check
+        # Remove below ignore line once the vulnerability is fixed
+        run: poetry run poetry audit --ignore-package=jinja2
diff --git a/README.md b/README.md
@@ -2,7 +2,7 @@
 
 pydtl-relativepath tool from pydtl community can be used to solve many issues that occurs with relative paths and imports from various modules in your complex framework.
 
-[![Tests](https://github.com/python-dev-tools/pydtl-relativepath/actions/workflows/tests.yml/badge.svg)](https://github.com/python-dev-tools/pydtl-relativepath/actions/workflows/tests.yml)
+[![Tests](https://github.com/python-dev-tools/pydtl-relativepath/actions/workflows/build_and_tests.yml/badge.svg)](https://github.com/python-dev-tools/pydtl-relativepath/actions/workflows/build_and_tests.yml)
 [![codecov](https://codecov.io/gh/python-dev-tools/pydtl-relativepath/graph/badge.svg?token=WULZU647T4)](https://codecov.io/gh/python-dev-tools/pydtl-relativepath)
 [![Linting](https://github.com/python-dev-tools/pydtl-relativepath/actions/workflows/lint.yml/badge.svg)](https://github.com/python-dev-tools/pydtl-relativepath/actions/workflows/lint.yml)
 ![Python Version](https://img.shields.io/badge/Python%20Versions-3.9%20%7C%203.10%20%7C%203.11%20%7C%203.12-blue)