From 72620162ef4eb34195b66495fb66fe3f88cfabc7 Mon Sep 17 00:00:00 2001 From: Jan Wille Date: Fri, 14 Jun 2024 15:53:01 +0200 Subject: [PATCH 1/2] ignore jinja safty warning, as therer is nor fix --- noxfile.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/noxfile.py b/noxfile.py index 6b01b00b..38552896 100644 --- a/noxfile.py +++ b/noxfile.py @@ -129,9 +129,10 @@ def precommit(session: Session) -> None: @session(python=python_versions[2]) def safety(session: Session) -> None: """Scan dependencies for insecure packages.""" + ignore_CVEs = [70612] requirements = session.poetry.export_requirements() session.install("safety") - session.run("safety", "check", f"--file={requirements}") + session.run("safety", "check", f"--file={requirements}", *[f"-i{id}" for id in ignore_CVEs]) @session(python=python_versions) From b949a167f731775bc2e8414d0d8a81bff5142a76 Mon Sep 17 00:00:00 2001 From: Jan Wille Date: Fri, 14 Jun 2024 15:56:57 +0200 Subject: [PATCH 2/2] pis `pipx` for coverage as well --- .github/workflows/tests.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index fafe391f..6b626a5f 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -111,7 +111,7 @@ jobs: - name: Upgrade pip run: | - pip install --constraint=.github/workflows/constraints.txt pip + pip install --force-reinstall --constraint=.github/workflows/constraints.txt pip pipx pip --version - name: Install Poetry