search

pypa / gh-action-pip-audit

A GitHub Action for pip-audit
https://github.com/marketplace/actions/gh-action-pip-audit
Apache License 2.0
68 stars 12 forks source link

Remove pin on requests (fixes #41) #42

Closed Alexerson closed 1 year ago

Alexerson commented 1 year ago

Pretty simple fix for #41 .

woodruffw commented 1 year ago

Thanks @Alexerson!

Note the comment next to that pin: we can't just remove this, because we have other subdependency constraints 🙂

If you'd like to fully address this, you can update the pip-audit constraint from:

pip-audit ~= 2.0, >= 2.4.13

to:

pip-audit ~= 2.0, >= 2.5.6

...while also removing the requests pin. That will resolve the subdependency conflict (due to a release we made yesterday).

Alexerson commented 1 year ago

Ah, sorry you’re right. Pushing this in a sec.

woodruffw commented 1 year ago

Thank you! LGTM.

woodruffw commented 1 year ago

Thanks again! I'll push out a new version of this action momentarily.