Skip to content

Do not report ghost packages as fix for vulnerabilities in APIv2 #4027

Do not report ghost packages as fix for vulnerabilities in APIv2

Do not report ghost packages as fix for vulnerabilities in APIv2 #4027

Workflow file for this run

name: run tests
on: [push, pull_request]
env:
DB_NAME: vulnerablecode
DB_USER: vulnerablecode
DB_PASSWORD: vulnerablecode
jobs:
build:
runs-on: ubuntu-20.04
services:
postgres:
image: postgres:latest
env:
POSTGRES_DB: ${{ env.DB_NAME }}
POSTGRES_USER: ${{ env.DB_USER }}
POSTGRES_PASSWORD: ${{ env.DB_PASSWORD }}
options: >-
--health-cmd pg_isready
--health-interval 10s
--health-timeout 5s
--health-retries 5
ports:
- 5432:5432
strategy:
max-parallel: 4
matrix:
python-version: ["3.9", "3.10", "3.11"]
steps:
- name: Checkout code
uses: actions/checkout@v2
- name: Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v2
with:
python-version: ${{ matrix.python-version }}
- name: Install dependencies
run: make dev envfile
# Disable codestyle checks until we have cleaned up the code
# - name: Validate code format
# run: make check
- name: Run tests
run: make test
env:
GH_TOKEN: 1
POSTGRES_HOST: localhost
POSTGRES_PORT: 5432
VULNERABLECODE_DB_NAME: ${{ env.DB_NAME }}
VULNERABLECODE_DB_USER: ${{ env.DB_USER }}
VULNERABLECODE_DB_PASSWORD: ${{ env.DB_PASSWORD }}