Skip to content

Bump nono-py from 0.10.1 to 0.11.0 #1065

Bump nono-py from 0.10.1 to 0.11.0

Bump nono-py from 0.10.1 to 0.11.0 #1065

Workflow file for this run

name: GuardDog
on:
pull_request:
branches:
- v2
- v*
paths:
- 'requirements.txt'
- 'requirements-*.txt'
- 'pyproject.toml'
- 'poetry.lock'
permissions:
contents: read
jobs:
guarddog:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
name: Scan dependencies
runs-on: ubuntu-latest
steps:
- uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
with:
egress-policy: audit
- uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0
with:
fetch-depth: 0
- name: Set up Python
uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0
with:
python-version: "3.10"
cache: 'pip'
- name: Prepare requirements file
run: |
if [ -f "requirements.txt" ]; then
echo "requirements.txt found, using existing file"
elif [ -f "pyproject.toml" ]; then
echo "pyproject.toml found, installing poetry and exporting requirements"
pip install -r .github/workflows/requirements.txt
poetry self add poetry-plugin-export
poetry export -f requirements.txt --output requirements.txt --with dev
else
echo "Error: Neither requirements.txt nor pyproject.toml found"
exit 1
fi
- name: Install GuardDog
run: pip install guarddog
- run: guarddog pypi verify requirements.txt --output-format sarif --exclude-rules repository_integrity_mismatch > guarddog.sarif
- name: Upload SARIF file for GitHub code scanning
uses: github/codeql-action/upload-sarif@df559355d593797519d70b90fc8edd5db049e7a2 # v3.29.9
with:
category: guarddog-builtin
sarif_file: guarddog.sarif