Skip to content

Bump bandit from 1.1.3 to 1.5.2 #6

Bump bandit from 1.1.3 to 1.5.2

Bump bandit from 1.1.3 to 1.5.2 #6

Workflow file for this run

name: Elixir CI
on: [pull_request]
concurrency:
group: ci-${{ github.ref }}
cancel-in-progress: true
jobs:
asdf:
name: ASDF
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
# cache the ASDF directory, using the values from .tool-versions
- name: ASDF cache
uses: actions/cache@v3
with:
path: ~/.asdf
key: ${{ runner.os }}-asdf-v2-${{ hashFiles('.tool-versions') }}
id: asdf-cache
# only run `asdf install` if we didn't hit the cache
- uses: asdf-vm/actions/install@v2
if: steps.asdf-cache.outputs.cache-hit != 'true'
# only install Hex/Rebar if we didn't hit the cache
- if: steps.asdf-cache.outputs.cache-hit != 'true'
run: |
mix local.rebar --force
mix local.hex --force
build:
name: Build and test
runs-on: ubuntu-latest
needs: asdf
steps:
- uses: actions/checkout@v4
- name: ASDF cache
uses: actions/cache@v3
with:
path: ~/.asdf
key: ${{ runner.os }}-asdf-v2-${{ hashFiles('.tool-versions') }}
id: asdf-cache
- uses: mbta/actions/reshim-asdf@v1
# The asdf job should have prepared the cache. exit if it didn't for some reason
- run: exit 1
if: steps.asdf-cache.outputs.cache-hit != 'true'
- name: Restore dependencies cache
id: deps-cache
uses: actions/cache@v3
with:
path: deps
key: ${{ runner.os }}-mix-${{ hashFiles('**/mix.lock') }}
restore-keys: ${{ runner.os }}-mix-
- name: Install dependencies (if needed)
if: steps.deps-cache.outputs.cache-hit != 'true'
run: mix deps.get
- name: Compile (warnings as errors)
run: mix compile --force --warnings-as-errors
- name: Check formatting
run: mix format --check-formatted
- name: Run tests
run: mix test --cover
- name: Save PR information
run: |
echo "${{ github.event.pull_request.number }}" > cover/PR_NUMBER
echo "${{ github.event.pull_request.head.sha }}" > cover/PR_SHA
if: github.event.pull_request
- name: Upload coverage artifact
uses: actions/upload-artifact@v2
with:
name: elixir-lcov
path: cover/
- uses: mbta/actions/dialyzer@v1