Revert "chore: add dependency update workflow and fix urllib3 version"
This reverts commit 0d2d9b220e.
This commit is contained in:
ajaysi
88
.github/workflows/dependency-updates.yml
vendored
88
.github/workflows/dependency-updates.yml
vendored
@@ -1,88 +0,0 @@
|
|||||||
name: Dependency Updates
|
|
||||||
|
|
||||||
on:
|
|
||||||
schedule:
|
|
||||||
- cron: '0 0 * * 0' # Weekly on Sunday
|
|
||||||
workflow_dispatch: # Manual trigger
|
|
||||||
|
|
||||||
jobs:
|
|
||||||
# Python dependency updates
|
|
||||||
update-python:
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
if: github.event_name == 'workflow_dispatch'
|
|
||||||
steps:
|
|
||||||
- name: Checkout
|
|
||||||
uses: actions/checkout@v4
|
|
||||||
|
|
||||||
- name: Set up Python
|
|
||||||
uses: actions/setup-python@v5
|
|
||||||
with:
|
|
||||||
python-version: "3.11"
|
|
||||||
|
|
||||||
- name: Install pip-tools
|
|
||||||
run: pip install pip-tools
|
|
||||||
|
|
||||||
- name: Check outdated packages
|
|
||||||
run: |
|
|
||||||
pip list --outdated --format=freeze | head -20
|
|
||||||
|
|
||||||
- name: Create pull request for updates
|
|
||||||
uses: python-semantic-release/pypi-publish@v1
|
|
||||||
with:
|
|
||||||
command: pip-compile
|
|
||||||
continue-on-error: true
|
|
||||||
|
|
||||||
- name: Create Dependabot PR
|
|
||||||
uses: dependabot/fetch-metadata@v2
|
|
||||||
with:
|
|
||||||
package-ecosystem: "pip"
|
|
||||||
directory: "/backend"
|
|
||||||
continue-on-error: true
|
|
||||||
|
|
||||||
# Node.js dependency updates
|
|
||||||
update-node:
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
if: github.event_name == 'workflow_dispatch'
|
|
||||||
steps:
|
|
||||||
- name: Checkout
|
|
||||||
uses: actions/checkout@v4
|
|
||||||
|
|
||||||
- name: Setup Node
|
|
||||||
uses: actions/setup-node@v4
|
|
||||||
with:
|
|
||||||
node-version: '20'
|
|
||||||
cache: 'npm'
|
|
||||||
cache-dependency-path: frontend/package-lock.json
|
|
||||||
|
|
||||||
- name: Install dependencies
|
|
||||||
run: cd frontend && npm ci
|
|
||||||
|
|
||||||
- name: Check outdated
|
|
||||||
run: cd frontend && npm outdated --depth=0
|
|
||||||
|
|
||||||
- name: Create PR for npm updates
|
|
||||||
uses: actions/github-script@v7
|
|
||||||
with:
|
|
||||||
script: |
|
|
||||||
// This would create a PR with npm updates
|
|
||||||
console.log("Run 'npm update' to update packages")
|
|
||||||
continue-on-error: true
|
|
||||||
|
|
||||||
# Security alerts summary
|
|
||||||
security-summary:
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
steps:
|
|
||||||
- name: Checkout
|
|
||||||
uses: actions/checkout@v4
|
|
||||||
|
|
||||||
- name: Run security audit on Python
|
|
||||||
uses: snyk/actions@master
|
|
||||||
env:
|
|
||||||
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
|
|
||||||
with:
|
|
||||||
args: --file=backend/requirements.txt --json | jq -r '.vulnerabilities[] | "- \(.title): \(..severity)"' || echo "No vulnerabilities found"
|
|
||||||
|
|
||||||
- name: Run security audit on Node
|
|
||||||
run: |
|
|
||||||
cd frontend && npm audit --json > audit.json 2>/dev/null || true
|
|
||||||
continue-on-error: true
|
|
||||||
@@ -39,10 +39,10 @@ google-auth-oauthlib>=1.0.0
|
|||||||
|
|
||||||
# Web scraping and content processing
|
# Web scraping and content processing
|
||||||
beautifulsoup4>=4.12.0
|
beautifulsoup4>=4.12.0
|
||||||
requests>=2.32.0
|
requests>=2.31.0
|
||||||
urllib3>=2.0.0
|
urllib3<2.0.0
|
||||||
chardet>=5.2.0
|
chardet>=5.0.0
|
||||||
charset-normalizer>=3.3.0
|
charset-normalizer<3.0.0
|
||||||
lxml>=4.9.0
|
lxml>=4.9.0
|
||||||
html5lib>=1.1
|
html5lib>=1.1
|
||||||
aiohttp>=3.9.0
|
aiohttp>=3.9.0
|
||||||
|
|||||||
Reference in New Issue
Block a user