InvenTree

Mirrored_Repos/InvenTree

Fork 0

mirror of https://github.com/inventree/InvenTree synced 2024-08-30 18:33:04 +00:00

Commit Graph

Author	SHA1	Message	Date
Matthias Mair	83191d3fbf	Improve reproduciblity of image (#7120 ) * hard-pin doc requirements * update docs and commands * hard pin container requirements * check hashes in image build * remove seperate uv install (is in base_requirements) * containers already ships 3.11 - adjust packaging * move build deps to general ci requirements * install yarn using native tools Closes https://github.com/inventree/InvenTree/security/code-scanning/95 Closes https://github.com/inventree/InvenTree/security/code-scanning/96 * merge install steps * adapt install command args to be similar * adapt docs to suggest safer install arg * fix install path * update dependabot settings	2024-04-29 11:04:45 +10:00
Matthias Mair	938c724395	Pin hashes in requirements (#7081 ) * use global pin for requests * unify on yaml for workflo files * format workflow files * pin action versions * fix pinned version * use system venv * switch args * remove uv for now and add setting for pyyaml * use requirements file * also switch on docker flow * generate hashes * added hashes to reqs * add hashes for CI too * add hash checking * require hashes everywhere possible * require hashes where possible in docker	2024-04-23 17:15:52 +10:00

Author

SHA1

Message

Date

Matthias Mair

83191d3fbf

Improve reproduciblity of image (#7120 )

* hard-pin doc requirements

* update docs and commands

* hard pin container requirements

* check hashes in image build

* remove seperate uv install (is in base_requirements)

* containers already ships 3.11 - adjust packaging

* move build deps to general ci requirements

* install yarn using native tools

Closes https://github.com/inventree/InvenTree/security/code-scanning/95
Closes https://github.com/inventree/InvenTree/security/code-scanning/96

* merge install steps

* adapt install command args to be similar

* adapt docs to suggest safer install arg

* fix install path

* update dependabot settings

2024-04-29 11:04:45 +10:00

Matthias Mair

938c724395

Pin hashes in requirements (#7081 )

* use global pin for requests

* unify on yaml for workflo files

* format workflow files

* pin action versions

* fix pinned version

* use system venv

* switch args

* remove uv for now and add setting for pyyaml

* use requirements file

* also switch on docker flow

* generate hashes

* added hashes to reqs

* add hashes for CI too

* add hash checking

* require hashes everywhere possible

* require hashes where possible in docker

2024-04-23 17:15:52 +10:00

2 Commits