Fix reported vulnerability #391
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| push: | |
| branches: [main, 3.x.x] | |
| paths: | |
| - "**.py" | |
| - "**.toml" | |
| - "**.lock" | |
| pull_request: | |
| branches: [main, 3.x.x] | |
| types: [opened, synchronize] | |
| paths: | |
| - ".github/workflows/ci.yaml" # self | |
| - "**.py" | |
| - "**.toml" | |
| - "**.lock" | |
| - ".pre-commit-config.yaml" | |
| jobs: | |
| Tests: | |
| strategy: | |
| fail-fast: true | |
| matrix: | |
| include: | |
| - os: ubuntu-latest | |
| python-version: "3.9" | |
| - os: ubuntu-latest | |
| python-version: "3.10" | |
| - os: ubuntu-latest | |
| python-version: "3.11" | |
| - os: ubuntu-latest | |
| python-version: "3.12" | |
| - os: ubuntu-latest | |
| python-version: "3.13" | |
| - os: windows-latest | |
| python-version: "3.10" | |
| - os: macos-latest | |
| python-version: "3.10" | |
| runs-on: ${{ matrix.os }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: ./.github/actions/setup-python-uv | |
| with: | |
| python-version: ${{ matrix.python-version }} | |
| - run: tox run -e py | |
| - name: Upload coverage results | |
| uses: actions/upload-artifact@v4 | |
| if: matrix.os == 'ubuntu-latest' # Cross-platform coverage combination doesn't work | |
| with: | |
| name: coverage-results-${{ matrix.python-version }} | |
| path: .coverage* | |
| include-hidden-files: true | |
| Tutorial-tests: | |
| runs-on: ubuntu-latest | |
| name: Tutorial tests | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-python@v5 | |
| with: | |
| python-version: "3.10" | |
| - name: Install cadwyn with instructions from docs | |
| run: sh docs_src/quickstart/setup/block001.sh | |
| - run: | | |
| pip install uv | |
| uv pip install --system pytest coverage dirty-equals | |
| coverage run -m pytest docs_src | |
| - name: Upload coverage results | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: coverage-results-docs | |
| path: .coverage* | |
| include-hidden-files: true | |
| Coverage: | |
| needs: [Tests, Tutorial-tests] | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Download coverage info | |
| uses: actions/download-artifact@v4 | |
| with: | |
| pattern: coverage-results-* | |
| merge-multiple: true | |
| path: . | |
| - uses: actions/setup-python@v5 | |
| with: | |
| python-version: "3.12" | |
| - run: | | |
| pip install uv | |
| uv pip install --system tox tox-uv | |
| tox run -e coverage_report | |
| - name: Upload to Codecov | |
| uses: codecov/codecov-action@v5 | |
| env: | |
| fail_ci_if_error: true | |
| CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} | |
| Lint: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-python@v5 | |
| with: | |
| python-version: "3.12" | |
| - run: | | |
| python -m pip install uv | |
| uv pip install --system pre-commit pre-commit-uv | |
| pre-commit run --all-files | |
| Validate-links: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: ./.github/actions/setup-python-uv | |
| with: | |
| # When this version is updated, | |
| # update the pyright `base_python` version in `tox.ini`, too. | |
| python-version: "3.12" | |
| - run: tox run -e docs | |
| - name: Validate links | |
| uses: umbrelladocs/action-linkspector@v1 | |
| with: | |
| reporter: github-pr-review | |
| filter_mode: diff_context | |
| fail_level: any | |
| Typecheck: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: ./.github/actions/setup-python-uv | |
| with: | |
| # When this version is updated, | |
| # update the pyright `base_python` version in `tox.ini`, too. | |
| python-version: "3.12" | |
| - run: tox run -e pyright |