Re #7777 #7778: check requirements.txt for security advisory
commit a57cbc44a3e24bcde5b970f07c2112fc6df3d021
author Andreas Abel <andreas.abel@ifi.lmu.de>
Thu, 28 Oct 2021 08:19:29 +0000 (28 10:19 +0200)
committer mergify-bot <noreply@mergify.io>
Tue, 2 Nov 2021 09:01:23 +0000 (2 09:01 +0000)
tree a94e79794d35f24e985d5e8d9bdc8e72618ea5fe
parent 8760e3d32939c0e7f813c56cdf56709d43e9cf22
Re #7777 #7778: check requirements.txt for security advisory

There is a new make file,

    doc/Makefile

that defines these goals:

  - `check-requirements`:
    Check `requirements.txt` for security problems (CVEs) using `skjold`.
    This goal is intended for the "Users guide" CI.
    SKJOLD_GITHUB_API_TOKEN might have to be set if GITHUB_TOKEN is
    not in the environment, in order to access the GitHub GraphQL API.

  - `build-and-check-requirements`:
    Rebuild `requirements.txt` from `requirements.in` using `pip-compile`,
    and check with `check-requirements`.
    This goal is intended for manual invocation.

    It is invoked from the top Makefile via goal
    `users-guide-requirements`.

Alternatively, these goals could be coupled with the doc build
`make users-guide`.
However, since these goals require a couple of seconds to run, I think
it is annoying to call them on every build of the documentation.
.github/workflows/users-guide.yml
.gitignore
Makefile
doc/Makefile [new file with mode: 0644]
doc/pyproject.toml [new file with mode: 0644]
doc/requirements.in
doc/requirements.txt
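
A consistency check that could run before the advisory scan described in the commit message, as an added example that is not part of this commit or of the project's Makefile: an audit of `requirements.txt` only covers what is pinned there, so this reports lock-file lines without an exact `==` pin and direct dependencies from `requirements.in` that are missing from the lock file. The function names and the sample file contents are assumptions constructed for illustration.

```python
import re

# Constructed sample inputs (not the project's real files).
SAMPLE_IN = "# direct dependencies\nSphinx>=4.0\nsphinx_rtd_theme\n"
SAMPLE_TXT = (
    "#\n# This file is autogenerated by pip-compile\n#\n"
    "docutils==0.17.1\n    # via sphinx\n"
    "sphinx==4.2.0\n    # via -r requirements.in\n"
    "jinja2>=2.3\n"
)

# Only name-based requirements are handled; URL/VCS requirements are out of scope.
_NAME = re.compile(r"^([A-Za-z0-9][A-Za-z0-9._-]*)")
_PIN = re.compile(r"^[A-Za-z0-9][A-Za-z0-9._-]*(\[[^\]]*\])?\s*==\s*[^\s;\\]+")


def normalize(name):
    """PEP 503 normalization: lowercase, runs of '-', '_', '.' become '-'."""
    return re.sub(r"[-_.]+", "-", name).lower()


def requirement_lines(text):
    """Yield requirement lines, skipping blanks, comments and option lines
    such as '-r other.txt' or '--hash=...'."""
    for raw in text.splitlines():
        line = raw.split(" #")[0].strip()
        if line and not line.startswith(("#", "-")):
            yield line


def check_lockfile(in_text, txt_text):
    """Return (unpinned, missing): lock-file lines lacking an exact pin, and
    direct dependencies from requirements.in absent from the lock file."""
    locked, unpinned = set(), []
    for line in requirement_lines(txt_text):
        match = _NAME.match(line)
        if not match:
            continue
        locked.add(normalize(match.group(1)))
        if not _PIN.match(line):
            unpinned.append(line)
    wanted = {normalize(m.group(1))
              for m in map(_NAME.match, requirement_lines(in_text)) if m}
    return unpinned, sorted(wanted - locked)


if __name__ == "__main__":
    unpinned, missing = check_lockfile(SAMPLE_IN, SAMPLE_TXT)
    print("not pinned with ==:", unpinned)
    print("in requirements.in but not locked:", missing)
```

A non-empty result in either list means the lock file should be regenerated before its audit result is trusted.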