1+ name : Check Dependencies
2+
3+ on :
4+ push :
5+ branches : [ "main" ]
6+ pull_request :
7+ branches : [ "main" ]
8+
9+ jobs :
10+ dependency-check :
11+ name : Check for outdated dependencies
12+ runs-on : ubuntu-latest
13+
14+ steps :
15+ - name : Checkout code
16+ uses : actions/checkout@v4
17+
18+ - name : Set up Python
19+ uses : actions/setup-python@v3
20+ with :
21+ python-version : ' 3.12'
22+
23+ - name : Install pipx for dependency checking tools
24+ run : |
25+ python -m pip install --upgrade pip
26+ pip install pipx
27+ pipx ensurepath
28+
29+ - name : Install pip-audit
30+ run : pipx install pip-audit
31+
32+ - name : Install pip-tools
33+ run : pipx install pip-tools
34+
35+ - name : Check for dependency security issues
36+ run : |
37+ if [ -f requirements.txt ]; then
38+ pip-audit --requirement requirements.txt
39+ elif [ -f pyproject.toml ]; then
40+ pip-audit --requirement <(python -m pip list --format=freeze)
41+ fi
42+ continue-on-error : true # Don't fail the workflow if there are security issues
43+
44+ - name : Check for outdated dependencies
45+ run : |
46+ if [ -f requirements.txt ]; then
47+ # Show outdated packages
48+ python -m pip list --outdated --format=freeze | grep -F -f <(python -m pip freeze) > /tmp/outdated.txt
49+ if [ -s /tmp/outdated.txt ]; then
50+ echo "Outdated packages found:"
51+ cat /tmp/outdated.txt
52+ echo
53+ echo "Consider updating the following packages:"
54+ python -m pip list --outdated
55+ else
56+ echo "All dependencies are up-to-date."
57+ fi
58+ else
59+ echo "No requirements.txt file found, checking pyproject.toml..."
60+ # For projects using pyproject.toml, we'll use the installed packages
61+ python -m pip list --outdated
62+ fi
63+
64+ - name : Install dependencies to check for compatibility
65+ run : |
66+ python -m pip install --upgrade pip
67+ if [ -f requirements.txt ]; then
68+ python -m pip install -r requirements.txt
69+ elif [ -f pyproject.toml ]; then
70+ python -m pip install .
71+ fi
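Review bot: The "Check for dependency security issues" step cannot gate anything: `continue-on-error: true` lets the job pass with known-vulnerable packages, and the step runs before "Install dependencies to check for compatibility", so in the pyproject.toml branch `python -m pip list --format=freeze` describes only the runner's base environment rather than the project's dependencies. Move the install step ahead of the audit (or audit the project directly with `pip-audit .`), and drop `continue-on-error: true` once existing findings are triaged so that new advisories fail the check. The workflow also declares no `permissions:` block; a top-level `permissions:` with `contents: read` keeps the token read-only in a job that installs and runs third-party packages. The same ordering problem appears to affect the "Check for outdated dependencies" step, which lists packages before the project is installed.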