fix: upgrade the version of python from 3.9 to 3.12 as it is reaching EOL in Dec 2025, across all yml, tf templates, github workflows etc #597
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: safety - Python Dependency Check | |
| on: | |
| pull_request_target: | |
| branches: | |
| - main | |
| push: | |
| jobs: | |
| Linting: | |
| runs-on: ubuntu-latest | |
| strategy: | |
| fail-fast: true | |
| matrix: | |
| python-version: [3.12] | |
| steps: | |
| #---------------------------------------------- | |
| # check-out repo and set-up python | |
| #---------------------------------------------- | |
| - name: Check out repository | |
| uses: actions/checkout@v3 | |
| - name: Set up python | |
| id: setup-python | |
| uses: actions/setup-python@v3 | |
| with: | |
| python-version: 3.12 | |
| #---------------------------------------------- | |
| # ----- install & configure poetry ----- | |
| #---------------------------------------------- | |
| - name: Install Poetry | |
| uses: snok/install-poetry@v1 | |
| with: | |
| virtualenvs-create: true | |
| virtualenvs-in-project: true | |
| installer-parallel: true | |
| #---------------------------------------------- | |
| # install dependencies without cache | |
| #---------------------------------------------- | |
| - name: Install dependencies | |
| run: | | |
| rm -f poetry.lock | |
| poetry cache clear --all pypi | |
| poetry install --only main --no-root | |
| poetry run pip install --upgrade black==24.3.0 urllib3==2.5.0 | |
| #---------------------------------------------- | |
| # Run Safety scan | |
| #---------------------------------------------- | |
| - name: Verify installed packages | |
| run: | | |
| poetry run pip list | grep -E "black|urllib3" | |
| - name: Safety scan | |
| env: | |
| API_KEY: ${{secrets.SAFETY_API_KEY}} | |
| run: | | |
| poetry run pip install safety | |
| poetry run pip freeze > requirements-freeze.txt | |
| poetry run safety check --file requirements-freeze.txt --ignore=66742 --ignore=77744 |