diff --git a/.github/workflows/cd-docs.yml b/.github/workflows/cd-docs.yml index 6fb6beb97aa..3e7bf3a49b9 100644 --- a/.github/workflows/cd-docs.yml +++ b/.github/workflows/cd-docs.yml @@ -28,8 +28,9 @@ jobs: - name: Install pip dependencies run: | python -m pip install --upgrade pip - pip install uv==0.2.17 tox==4.16.0 tox-uv==1.9.0 + python -m pip install uv==0.3.5 uv --version + python -m uv pip install tox==4.18.0 tox-uv==1.11.2 - name: Build the docs run: | diff --git a/.github/workflows/cd-feature-branch.yml b/.github/workflows/cd-feature-branch.yml index 2a16887b7ad..95b86899503 100644 --- a/.github/workflows/cd-feature-branch.yml +++ b/.github/workflows/cd-feature-branch.yml @@ -65,8 +65,9 @@ jobs: - name: Install dependencies run: | python -m pip install --upgrade pip - pip install uv==0.2.17 tox==4.16.0 tox-uv==1.9.0 bump2version==1.0.1 + python -m pip install uv==0.3.5 uv --version + python -m uv pip install tox==4.18.0 tox-uv==1.11.2 bump2version==1.0.1 - name: Generate Release Metadata id: release_metadata @@ -290,8 +291,9 @@ jobs: - name: Install dependencies run: | python -m pip install --upgrade pip - pip install uv==0.2.17 tox==4.16.0 tox-uv==1.9.0 setuptools wheel twine bump2version PyYAML + python -m pip install uv==0.3.5 uv --version + python -m uv pip instal tox==4.18.0 tox-uv==1.11.2 setuptools wheel twine bump2version PyYAML - name: Bump to Final Release version run: | diff --git a/.github/workflows/cd-post-release-tests.yml b/.github/workflows/cd-post-release-tests.yml index 99416321d28..c0450138321 100644 --- a/.github/workflows/cd-post-release-tests.yml +++ b/.github/workflows/cd-post-release-tests.yml @@ -54,6 +54,8 @@ jobs: - name: Upgrade pip run: | python -m pip install --upgrade pip + python -m pip install uv==0.3.5 + uv --version - name: Get pip cache dir id: pip-cache @@ -65,18 +67,18 @@ jobs: uses: actions/cache@v4 with: path: ${{ steps.pip-cache.outputs.dir }} - key: ${{ runner.os }}-pip-py${{ matrix.python-version }}-${{ hashFiles('setup.cfg') }} + key: ${{ runner.os }}-uv-py${{ matrix.python-version }}-${{ hashFiles('setup.cfg') }} restore-keys: | - ${{ runner.os }}-pip-py${{ matrix.python-version }}- + ${{ runner.os }}-uv-py${{ matrix.python-version }}- - name: Install Syft shell: bash run: | if [[ ${{inputs.release_platform}} == "REAL_PYPI" ]]; then - pip install syft==${{inputs.syft_version}} + python -m uv pip install syft==${{inputs.syft_version}} fi if [[ ${{ inputs.release_platform }} == "TEST_PYPI" ]]; then - pip install --extra-index-url https://test.pypi.org/simple/ syft==${{inputs.syft_version}} + python -m uv pip install --extra-index-url https://test.pypi.org/simple/ syft==${{inputs.syft_version}} fi - name: Check Syft version @@ -119,8 +121,9 @@ jobs: - name: Install pip dependencies run: | python -m pip install --upgrade pip - pip install uv==0.2.17 tox==4.16.0 tox-uv==1.9.0 + python -m pip install uv==0.3.5 uv --version + python -m uv pip install tox==4.18.0 tox-uv==1.11.2 - name: Get uv cache dir id: pip-cache @@ -132,7 +135,7 @@ jobs: uses: actions/cache@v4 with: path: ${{ steps.pip-cache.outputs.dir }} - key: ${{ runner.os }}-pip-py${{ matrix.python-version }}-${{ hashFiles('setup.cfg') }} + key: ${{ runner.os }}-uv-py${{ matrix.python-version }}-${{ hashFiles('setup.cfg') }} restore-keys: | ${{ runner.os }}-uv-py${{ matrix.python-version }}- @@ -164,9 +167,12 @@ jobs: with: python-version: ${{ matrix.python-version }} - - name: Upgrade pip + - name: Upgrade pip and dependencies run: | python -m pip install --upgrade pip + python -m pip install uv==0.3.5 + uv --version + python -m uv pip install tox==4.18.0 tox-uv==1.11.2 tox-current-env - name: Get pip cache dir id: pip-cache @@ -178,25 +184,21 @@ jobs: uses: actions/cache@v4 with: path: ${{ steps.pip-cache.outputs.dir }} - key: ${{ runner.os }}-pip-py${{ matrix.python-version }}-${{ hashFiles('setup.cfg') }} + key: ${{ runner.os }}-uv-py${{ matrix.python-version }}-${{ hashFiles('setup.cfg') }} restore-keys: | - ${{ runner.os }}-pip-py${{ matrix.python-version }}- + ${{ runner.os }}-uv-py${{ matrix.python-version }}- - name: Install Syft env: SYFT_VERSION: ${{ inputs.syft_version }} run: | if [[ ${{ inputs.release_platform }} == "TEST_PYPI" ]]; then - pip install --extra-index-url https://test.pypi.org/simple/ syft[data_science,dev]==${{ inputs.syft_version }} + python -m uv pip install --extra-index-url https://test.pypi.org/simple/ syft[data_science,dev]==${{ inputs.syft_version }} fi if [[ ${{ inputs.release_platform }} == "REAL_PYPI" ]]; then - pip install syft[data_science,dev]==${{ inputs.syft_version }} + python -m uv pip install syft[data_science,dev]==${{ inputs.syft_version }} fi - - name: Install tox and uv - run: | - pip install uv==0.2.17 tox==4.16.0 tox-uv==1.9.0 tox-current-env - - name: Run unit tests run: | tox -e syft.test.unit --current-env diff --git a/.github/workflows/cd-syft-dev.yml b/.github/workflows/cd-syft-dev.yml index 04b03817b35..d0f67a855eb 100644 --- a/.github/workflows/cd-syft-dev.yml +++ b/.github/workflows/cd-syft-dev.yml @@ -165,7 +165,9 @@ jobs: # install tox python -m pip install --upgrade pip - pip install tox + python -m pip install uv==0.3.5 + uv --version + python -m uv pip install tox==4.18.0 tox-uv==1.11.2 tox -e syft.build.helm diff --git a/.github/workflows/cd-syft.yml b/.github/workflows/cd-syft.yml index 8875b6e1560..3c92ae14e5f 100644 --- a/.github/workflows/cd-syft.yml +++ b/.github/workflows/cd-syft.yml @@ -114,8 +114,9 @@ jobs: - name: Install dependencies run: | python -m pip install --upgrade pip - pip install uv==0.2.17 tox==4.16.0 tox-uv==1.9.0 bump2version==1.0.1 + python -m pip install uv==0.3.5 uv --version + python -m uv pip install tox==4.18.0 tox-uv==1.11.2 bump2version==1.0.1 - name: Get Release tag id: get_release_tag @@ -392,8 +393,9 @@ jobs: - name: Install dependencies run: | python -m pip install --upgrade pip - pip install uv==0.2.17 tox==4.16.0 tox-uv==1.9.0 setuptools wheel twine bump2version PyYAML + python -m pip install uv==0.3.5 uv --version + python -m uv pip install tox==4.18.0 tox-uv==1.11.2 setuptools wheel twine bump2version PyYAML - name: Bump the Version if: needs.merge-docker-images.outputs.release_tag == 'beta' diff --git a/.github/workflows/cd-syftcli.yml b/.github/workflows/cd-syftcli.yml index 72c6f84b7a1..aaf96e09073 100644 --- a/.github/workflows/cd-syftcli.yml +++ b/.github/workflows/cd-syftcli.yml @@ -42,7 +42,10 @@ jobs: - name: Install checksumdir run: | - pip install --upgrade checksumdir + python -m pip install --upgrade + python -m pip install uv==0.3.5 + uv --version + python -m uv install checksumdir - name: Get the hashes id: get-hashes @@ -66,17 +69,19 @@ jobs: if: ${{steps.get-hashes.outputs.current_hash != steps.get-hashes.outputs.previous_hash }} run: | python -m pip install --upgrade pip - pip install --upgrade tox setuptools wheel twine bump2version==1.0.1 PyYAML==6.0.1 + python -p pip install uv==0.3.5 + uv --version + python -m uv pip install --upgrade tox==4.18.0 tox-uv==1.11.2 setuptools wheel twine bump2version==1.0.1 PyYAML==6.0.1 - name: Bump the Version if: ${{steps.get-hashes.outputs.current_hash != steps.get-hashes.outputs.previous_hash }} id: bump-version run: | - python3 syftcli/version.py + python syftcli/version.py bump2version patch --allow-dirty --no-commit tox -e lint || true echo "deployed_version=$(python3 syftcli/version.py)" >> $GITHUB_OUTPUT - python3 syftcli/version.py + python syftcli/version.py working-directory: ./packages/syftcli - name: Write the new hash @@ -122,8 +127,9 @@ jobs: - name: Install pip dependencies run: | python -m pip install --upgrade pip - pip install uv==0.2.17 tox==4.16.0 tox-uv==1.9.0 + python -m pip install uv==0.3.5 uv --version + python -m uv pip install tox==4.18.0 tox-uv==1.11.2 - name: Build syftcli env: diff --git a/.github/workflows/container-scan.yml b/.github/workflows/container-scan.yml index 303eb11bc40..24cf5d1e7c9 100644 --- a/.github/workflows/container-scan.yml +++ b/.github/workflows/container-scan.yml @@ -194,10 +194,11 @@ jobs: #Generate SBOM - name: Generate SBOM run: | - python3 --version - python3 -m pip install ./packages/syft - python3 -m pip install cyclonedx-bom - python3 -m pip freeze > requirements.txt + python --version + python -m pip install uv==0.3.5 + python -m uv pip install ./packages/syft + python -m uv pip install cyclonedx-bom + python -m pip freeze > requirements.txt cyclonedx-py requirements -o syft.sbom.json #Trivy scan SBOM @@ -238,7 +239,7 @@ jobs: continue-on-error: true uses: aquasecurity/trivy-action@master with: - image-ref: "mongo:7.0.0" + image-ref: "mongo:7.0.12" format: "cyclonedx" output: "mongo-trivy-results.sbom.json" timeout: "10m0s" @@ -255,7 +256,7 @@ jobs: continue-on-error: true uses: aquasecurity/trivy-action@master with: - image-ref: "mongo:7.0.0" + image-ref: "mongo:7.0.12" format: "sarif" output: "trivy-results.sarif" timeout: "10m0s" @@ -281,7 +282,7 @@ jobs: # This is where you will need to introduce the Snyk API token created with your Snyk account SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} with: - image: mongo:7.0.0 + image: mongo:7.0.12 args: --sarif-file-output=snyk-code.sarif # Replace any "undefined" security severity values with 0. The undefined value is used in the case diff --git a/.github/workflows/e2e-tests-notebook.yml b/.github/workflows/e2e-tests-notebook.yml index 061ef7addde..52fd17ad599 100644 --- a/.github/workflows/e2e-tests-notebook.yml +++ b/.github/workflows/e2e-tests-notebook.yml @@ -57,29 +57,26 @@ jobs: with: python-version: ${{ matrix.python-version }} - - name: Install pip dependencies + - name: Install pip and dependencies run: | python -m pip install --upgrade pip - pip install uv==0.2.17 tox==4.16.0 tox-uv==1.9.0 + python -m pip install uv==0.3.5 uv --version + python -m uv pip install tox==4.18.0 tox-uv==1.11.2 - name: Get pip cache dir id: pip-cache shell: bash run: | - echo "dir=$(pip cache dir)" >> $GITHUB_OUTPUT + echo "dir=$(uv cache dir)" >> $GITHUB_OUTPUT - name: Load github cache uses: actions/cache@v4 with: path: ${{ steps.pip-cache.outputs.dir }} - key: ${{ runner.os }}-pip-py${{ matrix.python-version }}-${{ hashFiles('setup.cfg') }} + key: ${{ runner.os }}-uv-py${{ matrix.python-version }}-${{ hashFiles('setup.cfg') }} restore-keys: | - ${{ runner.os }}-pip-py${{ matrix.python-version }}- - - - name: Install tox - run: | - pip install tox + ${{ runner.os }}-uv-py${{ matrix.python-version }}- - name: Run Notebook tests env: diff --git a/.github/workflows/post-merge-tasks.yml b/.github/workflows/post-merge-tasks.yml index 5b8728b57c9..98d97079ae7 100644 --- a/.github/workflows/post-merge-tasks.yml +++ b/.github/workflows/post-merge-tasks.yml @@ -27,8 +27,9 @@ jobs: - name: Install pip packages run: | python -m pip install --upgrade pip - pip install uv==0.2.17 tox==4.16.0 tox-uv==1.9.0 + python -m pip install uv==0.3.5 uv --version + python -m uv pip install tox==4.18.0 tox-uv==1.11.2 - name: Check and Bump Protocol Version run: | diff --git a/.github/workflows/pr-tests-frontend.yml b/.github/workflows/pr-tests-frontend.yml index d807d78bf49..f459628a23b 100644 --- a/.github/workflows/pr-tests-frontend.yml +++ b/.github/workflows/pr-tests-frontend.yml @@ -47,8 +47,9 @@ jobs: if: steps.changes.outputs.frontend == 'true' run: | python -m pip install --upgrade pip - pip install uv==0.2.17 tox==4.16.0 tox-uv==1.9.0 + python -m pip install uv==0.3.5 uv --version + python -m uv pip install tox==4.18.0 tox-uv==1.11.2 - name: Get uv cache dir id: pip-cache diff --git a/.github/workflows/pr-tests-helm-lint.yml b/.github/workflows/pr-tests-helm-lint.yml index 7846a6e6ace..fd4e60590b2 100644 --- a/.github/workflows/pr-tests-helm-lint.yml +++ b/.github/workflows/pr-tests-helm-lint.yml @@ -34,7 +34,9 @@ jobs: # Install python deps python -m pip install --upgrade pip - pip install uv==0.2.17 tox==4.16.0 tox-uv==1.9.0 + python -m pip install uv==0.3.5 + uv --version + python -m uv pip install tox==4.18.0 tox-uv==1.11.2 kube-linter version polaris version diff --git a/.github/workflows/pr-tests-helm-upgrade.yml b/.github/workflows/pr-tests-helm-upgrade.yml index 802bbae5232..0d13bc125bf 100644 --- a/.github/workflows/pr-tests-helm-upgrade.yml +++ b/.github/workflows/pr-tests-helm-upgrade.yml @@ -38,7 +38,9 @@ jobs: # Install python deps python -m pip install --upgrade pip - pip install uv==0.2.17 tox==4.16.0 tox-uv==1.9.0 + python -m pip install uv==0.3.5 + uv --version + python -m uv pip install tox==4.18.0 tox-uv==1.11.2 # Install kubernetes brew install helm k3d devspace kubectl diff --git a/.github/workflows/pr-tests-linting.yml b/.github/workflows/pr-tests-linting.yml index 538dcf6eb94..c349cfb7848 100644 --- a/.github/workflows/pr-tests-linting.yml +++ b/.github/workflows/pr-tests-linting.yml @@ -30,8 +30,9 @@ jobs: - name: Install pip packages run: | python -m pip install --upgrade pip - pip install uv==0.2.17 tox==4.16.0 tox-uv==1.9.0 + python -m pip install uv==0.3.5 uv --version + python -m uv pip install tox==4.18.0 tox-uv==1.11.2 - name: Get uv cache dir id: pip-cache diff --git a/.github/workflows/pr-tests-stack.yml b/.github/workflows/pr-tests-stack.yml index 175b0a258aa..f782cec03b9 100644 --- a/.github/workflows/pr-tests-stack.yml +++ b/.github/workflows/pr-tests-stack.yml @@ -53,8 +53,25 @@ jobs: if: steps.changes.outputs.stack == 'true' run: | python -m pip install --upgrade pip - pip install uv==0.2.17 tox==4.16.0 tox-uv==1.9.0 + python -m pip install uv==0.3.5 uv --version + python -m uv pip install tox==4.18.0 tox-uv==1.11.2 + + - name: Get uv cache dir + if: steps.changes.outputs.stack == 'true' + id: pip-cache + shell: bash + run: | + echo "dir=$(uv cache dir)" >> $GITHUB_OUTPUT + + - name: Load github cache + uses: actions/cache@v4 + if: steps.changes.outputs.stack == 'true' + with: + path: ${{ steps.pip-cache.outputs.dir }} + key: ${{ runner.os }}-uv-py${{ matrix.python-version }} + restore-keys: | + ${{ runner.os }}-uv-py${{ matrix.python-version }} - name: Run syft backend base image building test if: steps.changes.outputs.stack == 'true' @@ -96,8 +113,9 @@ jobs: if: steps.changes.outputs.stack == 'true' run: | python -m pip install --upgrade pip - pip install uv==0.2.17 tox==4.16.0 tox-uv==1.9.0 + python -m pip install uv==0.3.5 uv --version + python -m uv pip install tox==4.18.0 tox-uv==1.11.2 - name: Get uv cache dir if: steps.changes.outputs.stack == 'true' @@ -179,7 +197,7 @@ jobs: if: steps.changes.outputs.stack == 'true' run: | python -m pip install --upgrade pip - pip install uv==0.2.17 tox==4.16.0 tox-uv==1.9.0 + pip install uv==0.3.5 tox==4.18.0 tox-uv==1.11.2 uv --version - name: Get uv cache dir @@ -328,7 +346,7 @@ jobs: if: steps.changes.outputs.stack == 'true' run: | python -m pip install --upgrade pip - pip install uv==0.2.17 tox==4.16.0 tox-uv==1.9.0 + pip install uv==0.3.5 tox==4.18.0 tox-uv==1.11.2 uv --version - name: Get uv cache dir @@ -455,8 +473,9 @@ jobs: if: steps.changes.outputs.syft == 'true' run: | python -m pip install --upgrade pip - pip install uv==0.2.17 tox==4.16.0 tox-uv==1.9.0 + python -m pip install uv==0.3.5 uv --version + python -m uv pip install tox==4.18.0 tox-uv==1.11.2 - name: Get uv cache dir id: pip-cache diff --git a/.github/workflows/pr-tests-syft.yml b/.github/workflows/pr-tests-syft.yml index 3c56d9acc43..b6a2825521e 100644 --- a/.github/workflows/pr-tests-syft.yml +++ b/.github/workflows/pr-tests-syft.yml @@ -66,8 +66,9 @@ jobs: if: steps.changes.outputs.syft == 'true' run: | python -m pip install --upgrade pip - pip install uv==0.2.17 tox==4.16.0 tox-uv==1.9.0 + python -m pip install uv==0.3.5 uv --version + python -m uv pip install tox==4.18.0 tox-uv==1.11.2 - name: Get uv cache dir id: pip-cache @@ -157,8 +158,9 @@ jobs: if: steps.changes.outputs.syft == 'true' || steps.changes.outputs.notebooks == 'true' run: | python -m pip install --upgrade pip - pip install uv==0.2.17 tox==4.16.0 tox-uv==1.9.0 + python -m pip install uv==0.3.5 uv --version + python -m uv pip install tox==4.18.0 tox-uv==1.11.2 - name: Get uv cache dir id: pip-cache @@ -321,8 +323,9 @@ jobs: if: steps.changes.outputs.stack == 'true' || steps.changes.outputs.notebooks == 'true' run: | python -m pip install --upgrade pip - pip install uv==0.2.17 tox==4.16.0 tox-uv==1.9.0 + python -m pip install uv==0.3.5 uv --version + python -m uv pip install tox==4.18.0 tox-uv==1.11.2 - name: Get uv cache dir id: pip-cache @@ -418,8 +421,9 @@ jobs: if: steps.changes.outputs.syft == 'true' run: | python -m pip install --upgrade pip - pip install uv==0.2.17 tox==4.16.0 tox-uv==1.9.0 + python -m pip install uv==0.3.5 uv --version + python -m uv pip install tox==4.18.0 tox-uv==1.11.2 - name: Get uv cache dir if: steps.changes.outputs.syft == 'true'