wlinator/tux
1
Fork 0
mirror of https://github.com/allthingslinux/tux.git synced 2024-10-02 16:43:12 +00:00
Code Issues Releases Wiki Activity
tux/.archive/dependency-review.yml

58 lines
1.6 KiB
YAML
Raw Blame History

name: 'Dependency Review'
# Trigger on pull requests and a scheduled weekly run
on:
schedule:
- cron: '0 0 * * 0' # Runs every week at midnight on Sunday
permissions:
contents: write
issues: write
pull-requests: write
jobs:
# Job for pull request event
dependency-review-pr:
if: github.event_name == 'pull_request'
runs-on: ubuntu-latest
steps:
- name: 'Checkout Repository'
uses: actions/checkout@v3
# Install Python
- name: Setup Python
uses: actions/setup-python@v5.0.0
with:
python-version: 3.11
# Install Poetry
- name: Poetry Install
uses: knowsuchagency/poetry-install@v2
# Run Poetry commands
- name: Update Python Poetry package
uses: dishapatel010/action-poetry-package-update@V2.0.1
# Export requirements.txt from pyproject.toml
- name: Export requirements.txt
uses: Divkix/poetry-export-requirements-action@v1.4.0
- name: Dependency Review
uses: actions/dependency-review-action@v3
with:
base-ref: ${{ github.event.pull_request.base.sha || 'main' }}
head-ref: ${{ github.event.pull_request.head.sha || github.ref }}
# Job for scheduled event
dependency-review-scheduled:
if: github.event_name == 'schedule'
runs-on: ubuntu-latest
steps:
- name: 'Checkout Repository'
uses: actions/checkout@v4
- name: Dependency Review
uses: actions/dependency-review-action@v3
with:
base-ref: 'main'
head-ref: ${{ github.ref }}
Reference in a new issue View git blame Copy permalink