Skip to content

Implementing FedRep #1062

Implementing FedRep

Implementing FedRep #1062

# only has to pass for python 3.9
name: Static code checks
on:
push:
branches:
main
pull_request:
branches:
main
jobs:
run-code-check:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Set up Python 3.9
uses: actions/setup-python@v3
with:
python-version: 3.9
- name: Install and configure Poetry
uses: snok/install-poetry@v1
with:
virtualenvs-create: true
virtualenvs-in-project: true
- name: Set up cache
uses: actions/cache@v2
id: cached-poetry-dependencies
with:
path: .venv
key: venv-${{ runner.os }}-${{ steps.full-python-version.outputs.version }}-${{ hashFiles('**/poetry.lock') }}
- name: Install dependencies
run: poetry install --with "dev, test, codestyle"
if: steps.cached-poetry-dependencies.outputs.cache-hit != 'true'
- name: Pre-commit Checks
run: |
source .venv/bin/activate
pre-commit run --all-files
- name: pip-audit (gh-action-pip-audit)
uses: pypa/[email protected]
with:
virtual-environment: .venv/
# ignoring security vulnerabilities in cryptography
# because flwr 1.7 depends on them. Opening an issue
# with flwr. Likely can remove this in flwr 1.8.
ignore-vulns: |
GHSA-3ww4-gg4f-jr7f
GHSA-9v9h-cgj8-h64p
GHSA-6vqw-3v5j-54x4