added vulnerable package to text test the pipeline

XeroAPI · Oct 8, 2024 · 1cfdd02 · 1cfdd02
1 parent a2bdc74
commit 1cfdd02
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 16 deletions.
diff --git a/.github/workflows/build-test-lint.yml b/.github/workflows/build-test-lint.yml
@@ -34,28 +34,16 @@ jobs:
               run: |
                pip install pip-audit
                pip install -r requirements.txt
-               pip-audit -r requirements.txt -o json > audit-result.json
-               if [ -s audit-result.json ]; then
-                echo "Vulnerabilities found!"
-                cat audit-result.json
-                exit 1
-               else
-                echo "No vulnerabilities found"
-               fi
+               echo "running audit...."
+               pip-audit -r requirements.txt
               working-directory: xero-python
 
             - name: Run audit on dev.txt
               run: |
                pip install pip-audit
                pip install -r requirements/dev.txt
-               pip-audit -r requirements/dev.txt -o json > audit-result.json
-               if [ -s audit-result.json ]; then
-                echo "Vulnerabilities found!"
-                cat audit-result.json
-                exit 1
-               else
-                echo "No vulnerabilities found"
-               fi
+               echo "running audit...."
+               pip-audit -r requirements/dev.txt
               working-directory: xero-python
 
             - name: Run Flake8

diff --git a/requirements.txt b/requirements.txt
@@ -3,3 +3,4 @@ python-dateutil>=2.7
 urllib3>=2.2.3
 certifi
 setuptools>=75.1.0
+django==2.2.9