Release v4.7.1 #794
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Audit bugsnag-python dependency licenses | |
on: [push, pull_request] | |
jobs: | |
license-audit: | |
runs-on: 'ubuntu-latest' | |
steps: | |
- uses: actions/checkout@v2 | |
- name: Set up Python | |
uses: actions/setup-python@v2 | |
with: | |
# License Finder's Docker image uses Python 3.10 | |
python-version: '3.10' | |
- name: Fetch decisions.yml | |
run: curl https://raw.githubusercontent.com/bugsnag/license-audit/master/config/decision_files/global.yml -o decisions.yml | |
# License Finder doesn't use "install_requires" from setup.py, so won't check | |
# our dependencies if we don't put them in a requirements.txt file | |
- name: Set up requirements.txt for License Finder | |
run: | | |
pip3 install '.[flask]' | |
pip3 freeze --local --exclude bugsnag | tee requirements.txt | |
- name: Run License Finder | |
# for some reason license finder doesn't run without a login shell (-l) | |
run: > | |
docker run -v $PWD:/scan licensefinder/license_finder /bin/bash -lc " | |
cd /scan && | |
apt-get update && | |
apt-get install -y python3-venv && | |
python3 -m venv .venv && | |
source .venv/bin/activate && | |
pip3 install -r requirements.txt && | |
license_finder --decisions-file decisions.yml --python-version 3 --enabled-package-managers=pip | |
" |