Skip to content

ci: Bump the actions group with 2 updates #2

ci: Bump the actions group with 2 updates

ci: Bump the actions group with 2 updates #2

Workflow file for this run

name: CI
on:
push:
branches: [main]
pull_request:
branches: [main]
permissions:
contents: read
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
lint:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- uses: astral-sh/setup-uv@5a095e7a2014a4212f075830d4f7277575a9d098 # v7.3.1
with:
enable-cache: true
- name: Install dependencies
run: uv sync --frozen
- name: Ruff check
run: uv run ruff check src/ tests/
- name: Ruff format
run: uv run ruff format --check src/ tests/
typecheck:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- uses: astral-sh/setup-uv@5a095e7a2014a4212f075830d4f7277575a9d098 # v7.3.1
with:
enable-cache: true
- name: Install dependencies
run: uv sync --frozen
- name: Mypy
run: uv run mypy --strict src/navi_sanitize/
test:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
python-version: ["3.12", "3.13"]
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- uses: astral-sh/setup-uv@5a095e7a2014a4212f075830d4f7277575a9d098 # v7.3.1
with:
enable-cache: true
- name: Install dependencies
env:
PYTHON_VERSION: ${{ matrix.python-version }}
run: uv sync --frozen --python "$PYTHON_VERSION"
- name: Run tests
run: uv run pytest tests/ -v --benchmark-disable
security:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- uses: astral-sh/setup-uv@5a095e7a2014a4212f075830d4f7277575a9d098 # v7.3.1
with:
enable-cache: true
- name: Install dependencies
run: uv sync --frozen
- name: pip-audit
run: uvx pip-audit==2.9.0
build:
needs: [lint, typecheck, test, security]
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- uses: astral-sh/setup-uv@5a095e7a2014a4212f075830d4f7277575a9d098 # v7.3.1
with:
enable-cache: true
- name: Build wheel
run: uv build
- name: Smoke test
run: |
uv venv .smoke-venv
.smoke-venv/bin/pip install dist/*.whl
.smoke-venv/bin/python -c "
from navi_sanitize import clean, walk, jinja2_escaper, path_escaper
assert clean('hello') == 'hello'
assert walk({'k': 'v'}) == {'k': 'v'}
print('Smoke test passed')
"
- uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
with:
name: wheel
path: dist/*.whl