During our internal ISMS review we noticed that the vulnerability management isn't up to date. I'd like to make better use of dependabot, which would benefit from the development setup being switched to poetry instead of our home-grown solution.
This will likely need multiple things to be touched:
switch to pyproject.toml and initialize a poetry project
review the version.txt usage
document the new development workflow
adapt the github actions
validate that using released versions still works properly
During our internal ISMS review we noticed that the vulnerability management isn't up to date. I'd like to make better use of dependabot, which would benefit from the development setup being switched to poetry instead of our home-grown solution.
This will likely need multiple things to be touched: