Re #7777 #7778: check requirements.txt for security advisory
There is a new make file, doc/Makefile, that defines these goals:

- `check-requirements`: Check `requirements.txt` for security problems (CVEs) using `skjold`. This goal is intended for the "Users guide" CI. SKJOLD_GITHUB_API_TOKEN might have to be set if GITHUB_TOKEN is not in the environment, in order to access the GitHub GraphQL API.
- `build-and-check-requirements`: Rebuild `requirements.txt` from `requirements.in` using `pip-compile`, and check with `check-requirements`. This goal is intended for manual invocation. It is invoked from the top Makefile via goal `users-guide-requirements`.

Alternatively, these goals could be coupled with the doc build `make users-guide`. However, since these goals require a couple of seconds to run, I think it is annoying to call them on every build of the documentation.
Showing
- .github/workflows/users-guide.yml: 14 additions, 0 deletions
- .gitignore: 3 additions, 3 deletions
- Makefile: 9 additions, 0 deletions
- doc/Makefile: 43 additions, 0 deletions
- doc/pyproject.toml: 11 additions, 0 deletions
- doc/requirements.in: 2 additions, 0 deletions
- doc/requirements.txt: 4 additions, 2 deletions