Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

2.3.5 Patch #444

Merged
merged 7 commits into from Dec 8, 2022
Merged

2.3.5 Patch #444

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
9164106
Merge pull request #442 from pyupio/main
yeisonvargasf Dec 8, 2022
f78823c
Starting version 2.3.5.dev
yeisonvargasf Dec 8, 2022
aa1b153
Use packaging versions < 22.0 to prevent issues.
yeisonvargasf Dec 8, 2022
93598ae
Pin the ubuntu version to be used for the CI.
yeisonvargasf Dec 8, 2022
b62b75c
Merge pull request #443 from pyupio/fix/pin-compatible-packaging-vers…
yeisonvargasf Dec 8, 2022
7d6dd5e
Update the OS mapping in the binaries file.
yeisonvargasf Dec 8, 2022
7b24998
Test integration for 2.3.4
yeisonvargasf Dec 8, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
2 changes: 1 addition & 1 deletion .github/workflows/build.yml
View file
Open in desktop
Expand Up @@ -9,7 +9,7 @@ env:

jobs:
build:
runs-on: ubuntu-latest
runs-on: ubuntu-20.04
environment: main

steps:
Expand Down
5 changes: 1 addition & 4 deletions .github/workflows/gh-action-integration-matrix.json
View file
Open in desktop
@@ -1,6 +1,3 @@
[
{"version": "2.0.0"},
{"version": "2.2.0"},
{"version": "2.2.1"},
{"version": "2.3.1"}
{"version": "2.3.4"}
]
12 changes: 6 additions & 6 deletions .github/workflows/main.yml
View file
Open in desktop
Expand Up @@ -4,7 +4,7 @@ on: [ push ]

jobs:
test:
runs-on: ubuntu-latest
runs-on: ubuntu-20.04
strategy:
matrix:
python-version: [ "3.6", "3.7", "3.8", "3.9", "3.10", "3.11" ]
Expand Down Expand Up @@ -32,7 +32,7 @@ jobs:

strategy:
matrix:
os: ['windows-latest', 'ubuntu-latest', 'macos-latest']
os: ['windows-latest', 'ubuntu-20.04', 'macos-latest']
env:
BINARY_OS: '${{ matrix.os }}'
steps:
Expand Down Expand Up @@ -60,13 +60,13 @@ jobs:
path: dist/safety-win-x86_64.exe
if-no-files-found: error
- uses: actions/upload-artifact@v3
if: ${{ matrix.os == 'ubuntu-latest' }}
if: ${{ matrix.os == 'ubuntu-20.04' }}
with:
name: safety-linux-i686
path: dist/safety-linux-i686
if-no-files-found: error
- uses: actions/upload-artifact@v3
if: ${{ matrix.os == 'ubuntu-latest' }}
if: ${{ matrix.os == 'ubuntu-20.04' }}
with:
name: safety-linux-x86_64
path: dist/safety-linux-x86_64
Expand All @@ -81,7 +81,7 @@ jobs:

deploy-pypi:
needs: build-binaries
runs-on: ubuntu-latest
runs-on: ubuntu-20.04

if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags')

Expand All @@ -105,7 +105,7 @@ jobs:

create-gh-release:
needs: deploy-pypi
runs-on: ubuntu-latest
runs-on: ubuntu-20.04
if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags')
permissions:
contents: write
Expand Down
12 changes: 6 additions & 6 deletions .github/workflows/test-insecure.yml
View file
Open in desktop
Expand Up @@ -8,7 +8,7 @@ on:

jobs:
matrix:
runs-on: ubuntu-latest
runs-on: ubuntu-20.04
outputs:
matrix: ${{ steps.set-matrix.outputs.matrix }}
steps:
Expand All @@ -24,7 +24,7 @@ jobs:
# case, to avoid confusion
test-auto-requirements-txt-insecure:
needs: [ matrix ]
runs-on: ubuntu-latest
runs-on: ubuntu-20.04
environment: main
strategy:
matrix:
Expand All @@ -49,7 +49,7 @@ jobs:
# Same as above, but for a poetry lock file
test-auto-poetry-insecure:
needs: [ matrix ]
runs-on: ubuntu-latest
runs-on: ubuntu-20.04
environment: main
strategy:
matrix:
Expand All @@ -74,7 +74,7 @@ jobs:
# Same as above, but for a Pipfile.lock
test-auto-pipfile-insecure:
needs: [ matrix ]
runs-on: ubuntu-latest
runs-on: ubuntu-20.04
environment: main
strategy:
matrix:
Expand All @@ -101,7 +101,7 @@ jobs:
### installs things in the root VM that the action runs on; this is what gets scanned.
test-auto-environment-insecure:
needs: [ matrix ]
runs-on: ubuntu-latest
runs-on: ubuntu-20.04
environment: main
strategy:
matrix:
Expand Down Expand Up @@ -132,7 +132,7 @@ jobs:
### Scans a recently built Docker container. This uses a few heuristics, defined in entrypoint.sh
test-auto-docker-insecure:
needs: [ matrix ]
runs-on: ubuntu-latest
runs-on: ubuntu-20.04
environment: main
strategy:
matrix:
Expand Down
12 changes: 6 additions & 6 deletions .github/workflows/test-secure.yml
View file
Open in desktop
Expand Up @@ -9,7 +9,7 @@ on:

jobs:
matrix:
runs-on: ubuntu-latest
runs-on: ubuntu-20.04
outputs:
matrix: ${{ steps.set-matrix.outputs.matrix }}
steps:
Expand All @@ -25,7 +25,7 @@ jobs:
# case, to avoid confusion
test-auto-requirements-txt-secure:
needs: [ matrix ]
runs-on: ubuntu-latest
runs-on: ubuntu-20.04
environment: main
strategy:
matrix:
Expand All @@ -47,7 +47,7 @@ jobs:
# Same as above, but for a poetry lock file
test-auto-poetry-secure:
needs: [ matrix ]
runs-on: ubuntu-latest
runs-on: ubuntu-20.04
environment: main
strategy:
matrix:
Expand All @@ -69,7 +69,7 @@ jobs:
# Same as above, but for a Pipfile.lock
test-auto-pipfile-secure:
needs: [ matrix ]
runs-on: ubuntu-latest
runs-on: ubuntu-20.04
environment: main
strategy:
matrix:
Expand All @@ -93,7 +93,7 @@ jobs:
### installs things in the root VM that the action runs on; this is what gets scanned.
test-auto-environment-secure:
needs: [ matrix ]
runs-on: ubuntu-latest
runs-on: ubuntu-20.04
environment: main
strategy:
matrix:
Expand Down Expand Up @@ -121,7 +121,7 @@ jobs:
### Scans a recently built Docker container. This uses a few heuristics, defined in entrypoint.sh
test-auto-docker-secure:
needs: [ matrix ]
runs-on: ubuntu-latest
runs-on: ubuntu-20.04
environment: main
strategy:
matrix:
Expand Down
2 changes: 2 additions & 0 deletions CHANGELOG.md
View file
Open in desktop
Expand Up @@ -5,6 +5,8 @@ All notable changes to this project will be documented in this file.
The format is partly based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html) and [PEP 440](https://peps.python.org/pep-0440/)

## [Unreleased] 2.3.5.dev

## [2.3.4] - 2022-12-07
- Removed LegacyVersion use; this fixes the issue with packaging 22.0.
- Fixed typos in the README.
Expand Down
2 changes: 1 addition & 1 deletion binaries.py
View file
Open in desktop
Expand Up @@ -19,7 +19,7 @@ class environment:
def __init__(self):
os_mapping = {
"windows-latest": self.WIN,
"ubuntu-latest": self.LINUX,
"ubuntu-20.04": self.LINUX,
"macos-latest": self.MACOS
}
self.os = os_mapping[os.getenv("BINARY_OS")]
Expand Down
2 changes: 1 addition & 1 deletion safety/VERSION
View file
Open in desktop
@@ -1 +1 @@
2.3.4
2.3.5.dev
2 changes: 1 addition & 1 deletion setup.cfg
View file
Open in desktop
Expand Up @@ -39,7 +39,7 @@ install_requires =
setuptools>=19.3
Click>=8.0.2
requests
packaging>=21.0
packaging>=21.0,<22.0
dparse>=0.6.2
ruamel.yaml>=0.17.21
dataclasses==0.8; python_version=="3.6"
Expand Down