Skip to content

Bump tox from 4.15.0 to 4.24.1 #4826

Bump tox from 4.15.0 to 4.24.1

Bump tox from 4.15.0 to 4.24.1 #4826

Workflow file for this run

---
name: CI
on: # yamllint disable-line rule:truthy
push:
branches:
- main # forward-compatibility with new GitHub default branch naming
- master # backward-compatibility with old GitHub default branch naming
pull_request:
branches:
- main # forward-compatibility with new GitHub default branch naming
- master # backward-compatibility with old GitHub default branch naming
workflow_dispatch:
jobs:
# Quality jobs ----------------------
code-quality:
strategy:
matrix:
python-version: ["3.11"]
name: Code Quality
runs-on: "ubuntu-latest"
steps:
- name: Check out the repository
uses: actions/checkout@v4
- name: Set up Python
uses: actions/[email protected]
with:
python-version: ${{ matrix.python-version }}
- name: Install Poetry
run: |
pip install --constraint=.github/workflows/constraints.txt poetry
poetry --version
- name: Configure Poetry
run: |
poetry config cache-dir "${GITHUB_WORKSPACE}/.cache/pypoetry"
poetry config virtualenvs.in-project true
poetry config --list
- name: Install Tox
run: |
pip install --constraint=.github/workflows/constraints.txt tox
tox --version
- name: Load cached tox testenv(s) (if they exist)
id: cached-poetry-dependencies
uses: actions/cache@v4
with:
path: |
.tox
key: tox-${{ github.workflow }}-${{ github.job }}-${{ runner.os }}-CPython${{ matrix.python-version }}-${{ hashFiles('**/poetry.lock') }}
- name: Run static analysis
run: |
make pre-commit
# Security jobs ----------------------
dependency-security-vulnerability-analysis:
strategy:
matrix:
python-version: ["3.11"]
name: Dependency Security Vulnerability Analysis
runs-on: "ubuntu-latest"
steps:
- name: Check out the repository
uses: actions/checkout@v4
- name: Set up Python
uses: actions/[email protected]
with:
python-version: ${{ matrix.python-version }}
- name: Install Poetry
run: |
pip install --constraint=.github/workflows/constraints.txt poetry
poetry --version
- name: Configure Poetry
run: |
poetry config cache-dir "${GITHUB_WORKSPACE}/.cache/pypoetry"
poetry config virtualenvs.in-project true
poetry config --list
- name: Install Tox
run: |
pip install --constraint=.github/workflows/constraints.txt tox
tox --version
- name: Load cached tox testenv(s) (if they exist)
id: cached-poetry-dependencies
uses: actions/cache@v4
with:
path: |
.tox
key: tox-${{ github.workflow }}-${{ github.job }}-${{ runner.os }}-CPython${{ matrix.python-version }}-${{ hashFiles('**/poetry.lock') }}
- name: Run dependency security vulnerability analysis
run: |
make scan-dependencies
# Code quality AND security job ----------------------
semgrep:
runs-on: ubuntu-latest
name: Semgrep
steps:
- name: Check out the repository
uses: actions/checkout@v4
- name: Disable Git LFS
run: |
rm .git/hooks/post-checkout || true
- name: Run Semgrep
id: semgrep
uses: returntocorp/semgrep-action@v1
with:
config: r/python
# Documentation build testing jobs ------------------------
test-documentation-building:
strategy:
matrix:
python-version: ["3.11"]
name: Documentation build testing
runs-on: "ubuntu-latest"
steps:
- name: Check out the repository
uses: actions/checkout@v4
- name: Set up Python
uses: actions/[email protected]
with:
python-version: ${{ matrix.python-version }}
- name: Install Poetry
run: |
pip install --constraint=.github/workflows/constraints.txt poetry
poetry --version
- name: Configure Poetry
run: |
poetry config cache-dir "${GITHUB_WORKSPACE}/.cache/pypoetry"
poetry config virtualenvs.in-project true
poetry config --list
- name: Load cached venv(s) (if they exist)
id: cached-poetry-dependencies
uses: actions/cache@v4
with:
path: |
.venv
key: venv-${{ runner.os }}-CPython${{ matrix.python-version }}-${{ hashFiles('**/poetry.lock') }}
- name: Install dependencies
run: |
make install-dependencies
- name: Install project
run: |
make install-project
- name: Build Documentation
run: |
make docs-html \
LAUNCH_DOCS_PREVIEW=false