Skip to content

[StepSecurity] Apply security best practices #114

[StepSecurity] Apply security best practices

[StepSecurity] Apply security best practices #114

Workflow file for this run

# This workflow will install Python dependencies, run tests and lint with a variety of Python versions
# For more information see: https://help.github.com/actions/language-and-framework-guides/using-python-with-github-actions
name: py-build
on:
push:
paths:
- 'plugin/PySrc/**'
- 'test/PySrc/**'
- '**/*.py'
- '*.ini'
- '.github/**'
pull_request:
paths:
- 'plugin/PySrc/**'
- 'test/PySrc/**'
- '**/*.py'
- '*.ini'
- '.github/**'
permissions:
contents: read
jobs:
py-build:
if: >
github.event_name != 'pull_request' ||
github.event.pull_request.head.repo.full_name !=
github.event.pull_request.base.repo.full_name
strategy:
fail-fast: true
matrix:
platform: [ubuntu-20.04, macos-latest, windows-latest]
# List at https://github.com/actions/python-versions/blob/main/versions-manifest.json
# Keep synchronized with setup.py and tox.ini
python-version: ["3.7", "3.8", "3.9", "3.10", "3.11", "3.12"]
runs-on: ${{ matrix.platform }}
env:
PYTHON: ${{ matrix.python-version }}
steps:
- uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
- name: Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236 # v4.7.1
with:
python-version: ${{ matrix.python-version }}
allow-prereleases: true
- name: Install Python dependencies
run: |
python -m pip install --upgrade pip
python -m pip install tox coverage
# - name: Set up Emacs
# uses: purcell/[email protected]
# with:
# version: 24.4
- name: Test with tox and pytest
run: python -m tox -e py
- name: Test with tox and pytest, plus Pillow
run: python -m tox -e py-pil -- --cov-append
- name: Test with tox and pytest, plus matplotlib
run: python -m tox -e py-mpl -- --cov-append
# - name: Test with Emacs
# id: emacs-tests
# continue-on-error: true
# run: |
# emacs -Q --batch -L emacs-live-py-mode --eval '(setq byte-compile-error-on-warn t)' -f batch-byte-compile emacs-live-py-mode/*.el
# # Fake a tty with the script command.
# script -e -temacs-timing -c "emacs -Q -nw -L emacs-live-py-mode -L plugin/PySrc -l live-py-mode.el -l live-py-test.el -f ert-run-tests-batch-and-exit"
# - name: Display Emacs Test Results
# if: ${{ steps.emacs-tests.outcome == 'failure' }}
# run: |
# scriptreplay emacs-timing
# exit 1
- name: Upload coverage to Codecov
uses: codecov/codecov-action@eaaf4bedf32dbdc6b720b63067d99c4d77d6047d # v3.1.4
with:
env_vars: OS,PYTHON