diff --git a/.github/workflows/ci-test.yml b/.github/workflows/ci-test.yml index 8bdd38b46..13b6def9d 100644 --- a/.github/workflows/ci-test.yml +++ b/.github/workflows/ci-test.yml @@ -68,7 +68,7 @@ jobs: cd lib/poseidon_core && poetry run pip install 'setuptools==64.0.3' && poetry run pytest --cov-report term-missing --cov=. --cov-report=xml && cd ../../ - name: Upload coverage uses: codecov/codecov-action@v4 - if: github.repository == 'faucetsdn/poseidon' && github.event_name == 'push' + if: github.repository == 'faucetsdn/poseidon' && github.ref_name == 'main' with: token: ${{ secrets.CODECOV_TOKEN }} files: /home/runner/work/poseidon/poseidon/lib/poseidon_api/coverage.xml,/home/runner/work/poseidon/poseidon/lib/poseidon_cli/coverage.xml,/home/runner/work/poseidon/poseidon/lib/poseidon_core/coverage.xml diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index a9a7c7ceb..85b178bb8 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -22,6 +22,10 @@ on: jobs: analyze: + permissions: + actions: read + contents: write + security-events: write name: Analyze runs-on: ubuntu-latest @@ -35,11 +39,11 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v2 + uses: github/codeql-action/init@v3 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -50,7 +54,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@v2 + uses: github/codeql-action/autobuild@v3 # ℹī¸ Command-line programs to run using the OS shell. # 📚 https://git.io/JvXDl @@ -64,4 +68,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v2 + uses: github/codeql-action/analyze@v3 diff --git a/lib/poseidon_core/poetry.lock b/lib/poseidon_core/poetry.lock index e636fece6..a51ecd47b 100644 --- a/lib/poseidon_core/poetry.lock +++ b/lib/poseidon_core/poetry.lock @@ -1,4 +1,4 @@ -# This file is automatically @generated by Poetry 1.7.1 and should not be changed by hand. +# This file is automatically @generated by Poetry 1.8.2 and should not be changed by hand. [[package]] name = "anyio" @@ -947,13 +947,13 @@ requirements-deprecated-finder = ["pip-api", "pipreqs"] [[package]] name = "jinja2" -version = "3.1.3" +version = "3.1.4" description = "A very fast and expressive template engine." optional = false python-versions = ">=3.7" files = [ - {file = "Jinja2-3.1.3-py3-none-any.whl", hash = "sha256:7d6d50dd97d52cbc355597bd845fabfbac3f551e1f99619e39a35ce8c370b5fa"}, - {file = "Jinja2-3.1.3.tar.gz", hash = "sha256:ac8bd6544d4bb2c9792bf3a159e80bba8fda7f07e81bc3aed565432d5925ba90"}, + {file = "jinja2-3.1.4-py3-none-any.whl", hash = "sha256:bc5dd2abb727a5319567b7a813e6a2e7318c39f4f487cfe6c89c6f9c7d25197d"}, + {file = "jinja2-3.1.4.tar.gz", hash = "sha256:4a3aee7acbbe7303aede8e9648d13b8bf88a429282aa6122a993f0ac800cb369"}, ] [package.dependencies] @@ -1963,13 +1963,13 @@ testing = ["coverage", "nose"] [[package]] name = "requests" -version = "2.31.0" +version = "2.32.2" description = "Python HTTP for Humans." optional = false -python-versions = ">=3.7" +python-versions = ">=3.8" files = [ - {file = "requests-2.31.0-py3-none-any.whl", hash = "sha256:58cd2187c01e70e6e26505bca751777aa9f2ee0b7f4300988b709f44e013003f"}, - {file = "requests-2.31.0.tar.gz", hash = "sha256:942c5a758f98d790eaed1a29cb6eefc7ffb0d1cf7af05c3d2791656dbd6ad1e1"}, + {file = "requests-2.32.2-py3-none-any.whl", hash = "sha256:fc06670dd0ed212426dfeb94fc1b983d917c4f9847c863f313c9dfaaffb7c23c"}, + {file = "requests-2.32.2.tar.gz", hash = "sha256:dd951ff5ecf3e3b3aa26b40703ba77495dab41da839ae72ef3c8e5d8e2433289"}, ] [package.dependencies] @@ -2379,4 +2379,4 @@ files = [ [metadata] lock-version = "2.0" python-versions = ">=3.8 <3.11" -content-hash = "b3b3fd9273691436f26dc361b13e1d8bce3de3b5b1693b24e8ba8675ceccb8e2" +content-hash = "2d0c0ecdbd7980ffa828dfea584e260fd5df90c3fe37e93da4bf8d1a260c22ed" diff --git a/lib/poseidon_core/pyproject.toml b/lib/poseidon_core/pyproject.toml index c351e74a5..151bc302f 100644 --- a/lib/poseidon_core/pyproject.toml +++ b/lib/poseidon_core/pyproject.toml @@ -18,7 +18,7 @@ prometheus_client = "^0.17.0" pyyaml = "6.0" schedule = "1.2.0" transitions = "0.9.0" -requests = "<2.31.1" +requests = "<2.32.3" urllib3 = "<2.0.8" [tool.poetry.dev-dependencies]