From 1b49b160e638bdc9ad2a289f1f5132aa46f908f6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Saugat=20Pachhai=20=28=E0=A4=B8=E0=A5=8C=E0=A4=97=E0=A4=BE?=
 =?UTF-8?q?=E0=A4=A4=29?=
Date: Sat, 15 Jun 2024 20:36:39 +0545
Subject: [PATCH] drop safety

GitHub has dependency alerts and dependency security updates that can replace `safety`. For the past few months, safety has been raising vulnerability errors for `pip` and now `jinja2`. The latter is a dependency of `safety` itself, and both CVEs are disputed. Which is breaking CI for us.
---
 .github/workflows/tests.yaml | 7 +++----
 noxfile.py | 8 --------
 2 files changed, 3 insertions(+), 12 deletions(-)
diff --git a/.github/workflows/tests.yaml b/.github/workflows/tests.yaml
index a3ab2d71..55001c7e 100644
--- a/.github/workflows/tests.yaml
+++ b/.github/workflows/tests.yaml
@@ -40,12 +40,11 @@ jobs:
 pip --version
 nox --version
 
- - name: Lint code and check dependencies
- continue-on-error: ${{ matrix.nox_pyv == '3.11' }}
- run: nox -s lint safety --verbose
+ - name: Lint code
+ run: nox -s lint
 
 - name: Run tests
- run: nox -s tests-${{ matrix.nox_pyv || matrix.pyv }} -- --slow --cov-report=xml
+ run: nox -s tests-${{ matrix.pyv }} -- --slow --cov-report=xml
 
 - name: Upload coverage report
 uses: codecov/codecov-action@v3.1.0
diff --git a/noxfile.py b/noxfile.py
index d49a2e9f..bbba5853 100644
--- a/noxfile.py
+++ b/noxfile.py
@@ -32,14 +32,6 @@ def lint(session: nox.Session) -> None:
 session.run("python", "-m", "mypy")
 
-@nox.session
-def safety(session: nox.Session) -> None:
- """Scan dependencies for insecure packages."""
- session.install(".[dev]")
- session.install("safety")
- session.run("safety", "check", "--full-report", "--ignore=67599")
-
-
 @nox.session
 def build(session: nox.Session) -> None:
 session.install("build", "setuptools", "twine")
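Review bot: The `Run tests` step now reads only `matrix.pyv`, but the matrix that defines `pyv` and `nox_pyv` sits above this hunk, so if any matrix entry still sets `nox_pyv` (the removed `|| matrix.pyv` fallback suggests at least one did, presumably for a Python version whose nox session name differs) that entry would now run a different or undefined session; either drop `nox_pyv` from the matrix in the same commit or keep `run: nox -s tests-${{ matrix.nox_pyv || matrix.pyv }} -- --slow --cov-report=xml`. With this step and the noxfile hunk, the workflow no longer enforces any dependency-vulnerability check, and the replacement the description relies on is a repository setting rather than something this file can verify; a comment above the `Lint code` step, `# dependency vulnerability scanning is delegated to GitHub dependency alerts (repository setting); see 1b49b16`, would record where that control now lives. The `jobs:` block containing these steps starts outside the hunk.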