Installation of gettext from conda-forge is still causing pip to be downgraded from 24.0 to 22.3, which has a security vulnerability:
Found 1 known vulnerability in 1 package
Name Version ID Fix Versions
---- ------- -------------- ------------
pip 22.3.1 PYSEC-2023-228 23.3
gettext is a pyoptsparse dependency that is only needed when building the documentation. Since that is out of scope for this package, and we are able to run the test suite without this dependency, it's installation has been removed.
Also:
Enabled the MacOS ARM build in the test workflow, using brew to install compilers
Added MacOS specific directories to find meson build logs
Summary
A follow up to PR #67
Installation of
gettext
fromconda-forge
is still causingpip
to be downgraded from 24.0 to 22.3, which has a security vulnerability:gettext
is apyoptsparse
dependency that is only needed when building the documentation. Since that is out of scope for this package, and we are able to run the test suite without this dependency, it's installation has been removed.Also:
brew
to install compilersRelated Issues
Backwards incompatibilities
None
New Dependencies
None