New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Split up pythonapp.yml
#1309
Comments
@terriko, any comments on this? If you don't object I'd like to take this. |
This sounds pretty good. One addition: I'd take the cve scan out of linting and make it a separate thing. Mostly because I don't think cve scan really counts as linting, but also because in general if you fail linting the problem is in your code and you're the sole owner of that fix before a PR can be merged, but if you fail a cve scan most of the time the problem is not in your code and it may make more sense to fix in a separate PR. |
This is longer than I usually flag as a good first issue, but it's well-described, so I'm going to go ahead and put the flag on this and see if anyone's interested. |
Note also: some of this has already been done (e.g. we support 3.9 now) so you can't follow the instructions blindly |
I've actually almost finished this in the last couple of days and simply couldn't test properly due to the NVD API key issue. I'll submit the PR shortly. |
From #1299 (review)
I suggest to split into at least
23 files:linting.yml
Current linting matrix.
testing.yml
Everything else (docs, tests, long tests, Windows tests).
cve_scan.yml
CVE scan
Events should stay the same for both, but
inputs
should be only intesting.yml
.General notes:
actions/setup-python@v2
and notv1
everywhereget cached python packages
->Get cached Python packages
, etcpip
is already being updated but maybe also updatesetuptools
, it's not the latest in GitHub runnerswheel
when you installcve-bin-tool
because of stuff like thisUsing legacy 'setup.py install' for idna-ssl, since package 'wheel' is not installed.
python-version
lineTests:
matrix.os
because it's justubuntu-latest
. Unless we want to test on more than that?cve-bin-tool
does not yet officially support 3.9 Test with Python 3.9 - look for deprecation #910 (comment) but this can be a step towards it?ACTIONS
environment variable can be pulled to the workflow level, no need to list it 3 timesPYTHONIOENCODING
env variable in Win tests 🤔 Not sure what it is and where it is used, safe to delete?.py
file changes/cli.py
specifically/etc. Originally suggested by @BreadGenie because we have missed it after switching from NVD JSON to NVD API retrieval.longTests
input variable when running manually.The text was updated successfully, but these errors were encountered: