OpenMDAO / build_pyoptsparse

python script to build/install pyoptsparse with IPOPT (and optionally SNOPT)
Apache License 2.0
9 stars 15 forks source link

Removed ensurepip from test workflow #67

Closed swryan closed 5 months ago

swryan commented 5 months ago

Summary

Using ensurepip in the test workflow is resulting in pip version 22.3.1 which has a security vulnerability:

Found 1 known vulnerability in 1 package
Name Version ID             Fix Versions
---- ------- -------------- ------------
pip  22.3.1  PYSEC-2023-228 23.3

Removing ensurepip results in using pip version 24.0, which does not have the vulnerability:

pip                       24.0               pyhd8ed1ab_0    conda-forge

Since the pip version is not really germane to the tests, the ensurepip call has been removed.

Related Issues

Backwards incompatibilities

None

New Dependencies

None