chore: 🤖 add safety check (vulnerabilities in dependencies)

huggingface · Aug 30, 2021 · 5795ec5 · 5795ec5
1 parent 7147215
commit 5795ec5
Show file tree

Hide file tree

Showing 4 changed files with 46 additions and 4 deletions.
diff --git a/.github/workflows/quality.yml b/.github/workflows/quality.yml
@@ -28,3 +28,5 @@ jobs:
         run: poetry run black --check tests src benchmark
       - name: Run isort
         run: poetry run isort --check-only tests src benchmark
+      - name: Run safety
+        run: poetry run safety check
diff --git a/Makefile b/Makefile
@@ -16,10 +16,11 @@ run:
 test:
 	poetry run python -m pytest -x tests
 
-# Check that source code meets quality standards
+# Check that source code meets quality standards + security
 quality:
 	poetry run black --check tests src benchmark
 	poetry run isort --check-only tests src benchmark
+	poetry run safety check
 
 # Format source code automatically
 style:

diff --git a/poetry.lock b/poetry.lock
diff --git a/pyproject.toml b/pyproject.toml
@@ -26,6 +26,7 @@ nltk = "^3.6.2"
 aiohttp = "^3.7.4"
 datasets = {extras = ["streaming"], git = "https://github.com/huggingface/datasets.git", rev = "b9fb8b2567aecfb14ad0bc31b59329f573eb35df"}
 typer = "^0.3.2"
+safety = "^1.10.3"
 
 [tool.poetry.dev-dependencies]
 pytest = "^6.2.4"