build(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 #3550
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| push: | |
| branches: | |
| - main | |
| pull_request: | |
| schedule: | |
| - cron: '0 12 * * *' | |
| permissions: {} | |
| jobs: | |
| test: | |
| strategy: | |
| matrix: | |
| python: | |
| - "3.9" | |
| - "3.10" | |
| - "3.11" | |
| - "3.12" | |
| - "3.13" | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| with: | |
| persist-credentials: false | |
| - uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0 | |
| with: | |
| python-version: ${{ matrix.python }} | |
| cache: "pip" | |
| cache-dependency-path: pyproject.toml | |
| - name: test | |
| run: make test PIP_AUDIT_EXTRA=test | |
| - name: Upload coverage data | |
| uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 | |
| with: | |
| name: coverage-data-${{ matrix.python }} | |
| path: .coverage.* | |
| include-hidden-files: true | |
| if-no-files-found: ignore | |
| test-windows: | |
| runs-on: windows-latest | |
| steps: | |
| - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| with: | |
| persist-credentials: false | |
| - uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38 # v5.4.0 | |
| with: | |
| # Always test with latest Python on Windows. | |
| python-version: "3.x" | |
| cache: "pip" | |
| cache-dependency-path: pyproject.toml | |
| - name: test | |
| run: make test PIP_AUDIT_EXTRA=test | |
| - name: Upload coverage data | |
| uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 | |
| with: | |
| name: coverage-data-windows | |
| path: .coverage.* | |
| include-hidden-files: true | |
| if-no-files-found: ignore | |
| coverage: | |
| name: Combine & check coverage | |
| if: always() | |
| needs: [test, test-windows] | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| with: | |
| persist-credentials: false | |
| - uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0 | |
| with: | |
| python-version: "3.x" | |
| - uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0 | |
| with: | |
| pattern: coverage-data-* | |
| merge-multiple: true | |
| - name: Combine coverage & fail if it's <100% | |
| run: | | |
| make dev PIP_AUDIT_EXTRA=cov | |
| ./env/bin/python -Im coverage combine | |
| ./env/bin/python -Im coverage html --skip-covered --skip-empty | |
| # Report and write to summary. | |
| ./env/bin/python -Im coverage report --format=markdown >> "${GITHUB_STEP_SUMMARY}" | |
| # Report again and fail if under 100%. | |
| ./env/bin/python -Im coverage report --fail-under=100 | |
| - name: Upload HTML report if check failed | |
| uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 | |
| with: | |
| name: html-report | |
| path: htmlcov | |
| if: ${{ failure() }} | |
| all-tests-pass: | |
| if: always() | |
| needs: [coverage] | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: check test jobs | |
| uses: re-actors/alls-green@05ac9388f0aebcb5727afa17fcccfecd6f8ec5fe # v1.2.2 | |
| with: | |
| jobs: ${{ toJSON(needs) }} |