Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update debian files with workflows #18

Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

Update debian files with workflows #18

wants to merge 2 commits into from

Conversation

sarnold
Copy link

@sarnold sarnold commented Apr 10, 2024
edited
Loading

It turns out hatch is not available prior to bookworm. I also added a bandit workflow that annotates PR checks to illustrate why the previous PR had the XML patch. The current report is here which you can see by clicking on Bandit comments

Note the insecure XML warning has an actual CVE associated with it.

@sarnold
chg: dev: update debian files from deb packaging maintainers
6e854ac 
* add Github CI workflow to build debs against multiple debian release
* add hatchling to build deps, seems to be only available starting with
  debian bookworm
* ubuntu PPA was happy with pyproject.toml and setuptools backend

Signed-off-by: Steve Arnold <[email protected]>
@sarnold
fix: dev: add tool configs to keep tools out of debian files
edd21a4 
* includes a bandit workflow to track security "issues"
* also deconflict and dedup ci workflow (github workaround)

Signed-off-by: Steve Arnold <[email protected]>
@sarnold
Copy link
Author

sarnold commented Apr 10, 2024

Unless I see a "Yes" comment on the bandit workflow I'll push another PR commit without it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@sarnold