pin uv versions by hash
bmos committed Sep 7, 2024
1 parent d2f016f commit 59acbcf
Showing 1 changed file with 16 additions and 8 deletions.
24 changes: 16 additions & 8 deletions .github/workflows/python-checks.yml
Expand Up @@ -17,7 +17,7 @@ jobs:
python-version: ["3.8", "3.9", "3.10", "3.11", "3.12"]
os: ["ubuntu-latest", "windows-latest", "macos-latest"]
limited-dependencies: ["", "TRUE"]

runs-on: ${{ matrix.os }}

steps:
Expand All @@ -29,8 +29,11 @@ jobs:
python-version: ${{ matrix.python-version }}

- name: Install uv
run: |
pip install uv
- run: |
pip install uv == 0.4.7 \

Check warning

Code scanning / Scorecard

Pinned-Dependencies Medium

score is 4: pipCommand not pinned by hash
Click Remediation section below to solve this issue
--hash=sha256:ec49a00317799226d33135bf40e8da44262f44e3980a5bb9e6dae7250523c963 \ # manylinux: glibc 2.17+ x86-64
--hash=sha256:319a585f53c0b63b989526206383716e1d7c0f3483425058b94bf47402a81841 \ # Windows x86-64
--hash=sha256:bfbd6e28b0543b774db7d97d61963c384c70284e95056004c8f74252e69616c7 # macOS 11.0+ ARM64
- name: Install dependencies
env:
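Review bot: The `\` line continuations on the `pip install uv == 0.4.7 \` line and the two hash lines after it only work in a POSIX shell, but this job runs on every `matrix.os`, including `windows-latest`, where the default `run` shell is PowerShell and `\` does not continue a line. Either set `shell: bash` on the step or keep the command on one line (or move the pins into a requirements file) so the three platform hashes are read the same way on all runners. Also check the `- run: |` line: if the leading dash is in the file, it starts a new step and leaves `Install uv` without a `run` of its own.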
Expand All @@ -56,7 +59,8 @@ jobs:

- name: Install uv
run: |
pip install uv
pip install uv == 0.4.7 \

Check warning

Code scanning / Scorecard

Pinned-Dependencies Medium

score is 4: pipCommand not pinned by hash
Click Remediation section below to solve this issue
--hash=sha256:ec49a00317799226d33135bf40e8da44262f44e3980a5bb9e6dae7250523c963 \ # manylinux: glibc 2.17+ x86-64
- name: Install ruff
run: |
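Review bot: The spaces in `pip install uv == 0.4.7 \` make the shell pass `uv`, `==` and `0.4.7` as three separate arguments, so pip does not see a single pinned requirement. Write it without spaces, `uv==0.4.7`, or quote the whole specifier.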
Expand All @@ -79,7 +83,8 @@ jobs:

- name: Install uv
run: |
pip install uv
pip install uv == 0.4.7 \

Check warning

Code scanning / Scorecard

Pinned-Dependencies Medium

score is 4: pipCommand not pinned by hash
Click Remediation section below to solve this issue
--hash=sha256:ec49a00317799226d33135bf40e8da44262f44e3980a5bb9e6dae7250523c963 \ # manylinux: glibc 2.17+ x86-64
- name: Install isort
run: |
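Review bot: On the `--hash=sha256:... \ # manylinux: glibc 2.17+ x86-64` line, the backslash is followed by a space and a comment, so it escapes the space instead of the newline, and here there is no further line to continue onto anyway. The same applies to the `\` after `0.4.7`, which is followed by a blank in the rendered line. Drop the trailing backslash on the last line and move the platform comment to its own line above the command.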
Expand All @@ -102,7 +107,8 @@ jobs:

- name: Install uv
run: |
pip install uv
pip install uv == 0.4.7 \

Check warning

Code scanning / Scorecard

Pinned-Dependencies Medium

score is 4: pipCommand not pinned by hash
Click Remediation section below to solve this issue
--hash=sha256:ec49a00317799226d33135bf40e8da44262f44e3980a5bb9e6dae7250523c963 \ # manylinux: glibc 2.17+ x86-64
- name: Install ruff
run: |
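Review bot: `--hash=sha256:...` placed after `pip install` is not read as a hash pin, because pip accepts `--hash` only as a per-requirement option inside a requirements file, which matches the Scorecard annotation on this line still reporting "pipCommand not pinned by hash". Put `uv==0.4.7 --hash=sha256:...` in a requirements file and install it with `pip install --require-hashes -r` on that file.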
Expand All @@ -125,7 +131,8 @@ jobs:

- name: Install uv
run: |
pip install uv
pip install uv == 0.4.7 \

Check warning

Code scanning / Scorecard

Pinned-Dependencies Medium

score is 4: pipCommand not pinned by hash
Click Remediation section below to solve this issue
--hash=sha256:ec49a00317799226d33135bf40e8da44262f44e3980a5bb9e6dae7250523c963 \ # manylinux: glibc 2.17+ x86-64
- name: Install bandit
run: |
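Review bot: This is the fourth copy of the same `uv == 0.4.7` pin and manylinux hash in one workflow file, so a version bump has to touch every job and a missed copy leaves jobs on different uv builds. Keep the version and its hashes in one checked-in requirements file and have each `Install uv` step install from it.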
Expand All @@ -148,7 +155,8 @@ jobs:

- name: Install uv
run: |
pip install uv
pip install uv == 0.4.7 \

Check warning

Code scanning / Scorecard

Pinned-Dependencies Medium

score is 4: pipCommand not pinned by hash
Click Remediation section below to solve this issue
--hash=sha256:ec49a00317799226d33135bf40e8da44262f44e3980a5bb9e6dae7250523c963 \ # manylinux: glibc 2.17+ x86-64
- name: Install dependencies
run: |
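Review bot: The hash on the `--hash=sha256:ec49... # manylinux: glibc 2.17+ x86-64` line is documented by platform only, with nothing recording where the value was taken from, and unlike the matrix job this step lists a single wheel. Add a short comment naming the source of the digest (for example the release file listing for uv 0.4.7) and note that the job must stay on an x86-64 Linux runner, so the next person updating the pin can verify and regenerate it.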