fix: clean installation script fix & bump lower bound version for urllib3 to avoid CVE #47
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "CI Pipeline: Formatting, Linting, Typing, Security, and Tests (PyAgentSpec)" | |
| on: | |
| pull_request: | |
| workflow_dispatch: | |
| env: | |
| SKIP_LLM_TESTS: "1" | |
| jobs: | |
| checks-and-tests: | |
| runs-on: ubuntu-latest | |
| strategy: | |
| matrix: | |
| python-version: ['3.10', '3.11', '3.12', '3.13', '3.14'] | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v5 | |
| - name: Set up Python ${{ matrix.python-version }} | |
| uses: actions/setup-python@v6 | |
| with: | |
| python-version: ${{ matrix.python-version }} | |
| - name: Cache pip packages | |
| uses: actions/cache@v4 | |
| with: | |
| path: ~/.cache/pip | |
| key: ${{ runner.os }}-pip-${{ matrix.python-version }}-${{ hashFiles('pyagentspec/setup.py', 'pyagentspec/requirements-dev.txt', 'pyagentspec/constraints/constraints.txt') }} | |
| restore-keys: | | |
| ${{ runner.os }}-pip-${{ matrix.python-version }}- | |
| ${{ runner.os }}-pip- | |
| - name: Install PyAgentSpec packages and development dependencies | |
| run: cd pyagentspec && bash install-dev.sh | |
| - name: Verify tools installation | |
| run: | | |
| python -m pip list | grep -E "black|isort|flake8|bandit|mypy" | |
| which black isort flake8 bandit mypy | |
| - name: "Black formatting check" | |
| run: black --config pyagentspec/pyproject.toml --check pyagentspec/ | |
| - name: "Isort import sorting check" | |
| run: isort --settings-path pyagentspec/pyproject.toml --check-only pyagentspec/ | |
| # Skipping flake8 for Python 3.14 due to old flake8 version incompatibility | |
| - name: "Flake8 linter checks" | |
| if: matrix.python-version != '3.14' | |
| run: flake8 --select C801 pyagentspec/ | |
| - name: "Flake8 copyright checks" | |
| if: matrix.python-version != '3.14' | |
| run: flake8 --select C801 --copyright-check --copyright-regexp="# Copyright © [0-9]{4}(, [0-9]{4})* Oracle and/or its affiliates.\n#\n# This software is under the Apache License 2.0\n# \(LICENSE-APACHE or http://www.apache.org/licenses/LICENSE-2.0\) or Universal Permissive License\n# \(UPL\) 1.0 \(LICENSE-UPL or https://oss.oracle.com/licenses/upl\), at your option." pyagentspec/ | |
| - name: "Bandit security checks" | |
| run: bandit -c bandit.yaml -r pyagentspec/ | |
| - name: "Mypy static type checking" | |
| if: ${{ matrix.python-version != '3.13' && matrix.python-version != '3.14' }} | |
| run: mypy pyagentspec/ --config-file pyagentspec/pyproject.toml --exclude pyagentspec/tests_fuzz | |
| - name: "Run tests" | |
| working-directory: pyagentspec | |
| run: bash tests/run_tests.sh |