fix: requirements.txt to reduce vulnerabilities #192
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build and upload to PyPI | |
| # Build on every branch push, tag push, and pull request change: | |
| # on: [push, pull_request] | |
| on: [push] | |
| # Alternatively, to publish when a (published) GitHub Release is created, use the following: | |
| # on: | |
| # push: | |
| # pull_request: | |
| # release: | |
| # types: | |
| # - published | |
| jobs: | |
| build_wheels: | |
| name: Build wheels on ${{ matrix.os }} and ${{ matrix.python }} | |
| runs-on: ${{ matrix.os }} | |
| strategy: | |
| matrix: | |
| os: [ubuntu-latest, windows-latest, macos-latest] | |
| python: ["3.8", "3.9", "3.10", "3.11", "3.12", "pypy3.9", "pypy3.10"] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-python@v5 | |
| name: Install Python | |
| with: | |
| python-version: ${{ matrix.python }} | |
| cache: "pip" | |
| - name: Install Python 3 | |
| if: runner.os == 'Windows' | |
| run: | | |
| choco install python3 -f -y | |
| - name: Install Visual Studio 2019 | |
| if: runner.os == 'Windows' | |
| run: | | |
| choco install visualstudio2019buildtools | |
| - name: Install dependencies | |
| run: | | |
| python -m pip install --upgrade pip | |
| make requirements | |
| make requirements-build | |
| pip install --upgrade setuptools | |
| - name: Build wheels | |
| run: | | |
| pip wheel -w wheelhouse . | |
| env: | |
| CIBW_SKIP: cp27-win* | |
| - uses: actions/upload-artifact@v4 | |
| with: | |
| path: wheelhouse/Wikipedia*.whl | |
| name: Wikipedia-api-${{ matrix.os }}-${{ matrix.python }}.whl | |
| build_sdist: | |
| name: Build source dist on ${{ matrix.os }} and ${{ matrix.python }} | |
| runs-on: ${{ matrix.os }} | |
| strategy: | |
| matrix: | |
| os: [ubuntu-latest, windows-latest, macos-latest] | |
| python: ["3.8", "3.9", "3.10", "3.11", "3.12", "pypy3.9", "pypy3.10"] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-python@v5 | |
| name: Install Python | |
| with: | |
| python-version: ${{ matrix.python }} | |
| cache: "pip" | |
| - name: Install dependencies | |
| run: | | |
| python -m pip install --upgrade pip | |
| make requirements | |
| make requirements-build | |
| pip install --upgrade setuptools | |
| - name: Build sdist | |
| run: python setup.py sdist | |
| - uses: actions/upload-artifact@v4 | |
| with: | |
| path: dist/Wikipedia*.tar.gz | |
| name: Wikipedia-api-${{ matrix.os }}-${{ matrix.python }}.tar.gz | |
| upload_pypi: | |
| needs: [build_wheels, build_sdist] | |
| runs-on: ubuntu-latest | |
| # upload to PyPI on every tag starting with 'v' | |
| if: github.event_name == 'push' && startsWith(github.event.ref, 'refs/tags/v') | |
| # alternatively, to publish when a GitHub Release is created, use the following rule: | |
| # if: github.event_name == 'release' && github.event.action == 'published' | |
| environment: | |
| name: pypi | |
| url: https://pypi.org/p/Wikipedia-API | |
| permissions: | |
| id-token: write | |
| steps: | |
| - name: Download Artifacts | |
| uses: actions/download-artifact@v4 | |
| with: | |
| pattern: Wikipedia-api-* | |
| path: downloaded | |
| - name: Display structure of downloaded files | |
| run: ls -lR downloaded | |
| - name: Prepare distribution structure | |
| run: | | |
| mkdir -p dist | |
| for f in $( find downloaded -type f ); do \ | |
| echo ${f}; \ | |
| d=$( dirname ${f} | rev | cut -d'/' -f 1 | rev ); \ | |
| echo ${d}; \ | |
| cp -v ${f} dist/${d}; \ | |
| done | |
| - name: Display structure of dist files | |
| run: ls -lR dist | |
| - uses: pypa/gh-action-pypi-publish@v1.8.14 | |
| with: | |
| verbose: true | |
| print-hash: true |