Skip to content

[pre-commit.ci] pre-commit autoupdate #249

[pre-commit.ci] pre-commit autoupdate

[pre-commit.ci] pre-commit autoupdate #249

name: code checks
on:
push:
branches:
- main
paths:
- .pre-commit-config.yaml
- .github/workflows/code_checks.yml
- '**.py'
- poetry.lock
- pyproject.toml
- '**.ipynb'
pull_request:
branches:
- main
paths:
- .pre-commit-config.yaml
- .github/workflows/code_checks.yml
- '**.py'
- poetry.lock
- pyproject.toml
- '**.ipynb'
jobs:
run-code-check:
runs-on: ubuntu-latest
steps:
- uses: actions/[email protected]
- name: Install and configure Poetry
uses: snok/install-poetry@v1
with:
virtualenvs-create: true
virtualenvs-in-project: true
- uses: actions/[email protected]
with:
python-version: '3.9'
cache: 'poetry'
- name: Setup yarn
uses: mskelton/setup-yarn@v2
- name: Install dependencies and check code
run: |
yarn
poetry env use '3.9'
source .venv/bin/activate
poetry install --with test --all-extras
pre-commit run --all-files
- name: pip-audit (gh-action-pip-audit)
uses: pypa/[email protected]
with:
virtual-environment: .venv/
# Skipping 3 cryptography issues that can't be patched because of Flower
# Skipping 1 torch issue that can't be ugraded because of torchvision
ignore-vulns: |
GHSA-3ww4-gg4f-jr7f
GHSA-9v9h-cgj8-h64p
GHSA-6vqw-3v5j-54x4
GHSA-pg7h-5qx3-wjr3