
Security News
OpenGrep Restores Fingerprinting in JSON and SARIF Outputs
OpenGrep has restored fingerprint and metavariable support in JSON and SARIF outputs, making static analysis more effective for CI/CD security automation.
Example python 3.9+ project where we can develop best practices and provide teams with a useful template with the following features:
This project uses poetry is a tool for dependency management and packaging in Python. It allows you to declare the libraries your project depends on, it will manage (install/update) them for you.
Use the installer rather than pip installing-with-the-official-installer.
poetry self add poetry-bumpversion
poetry -V
Poetry (version 1.2.0)
poetry update
poetry install
poetry run agileetc
poetry run flake8
poetry run pytest
export PYPI_USERNAME=__token__
export PYPI_PASSWORD=<Your API Token>
poetry publish --build --username $PYPI_USERNAME --password $PYPI_PASSWORD
We use SemVer for versioning. For the versions available, see the tags on this repository.
We are using poetry-bumpversion to manage release versions.
poetry version patch
Once the release has been created it is now available for you to use in other python projects via:
pip install agileetc
And also for poetry projects via:
poetry add aigleetc
The objects of each of the example CI pipelines here are to:
The example GitHub actions CI for this project is located in file .github/workflows/python-ci.yml and is available from the GitHub dashboard. This CI is setup to run via a local runner which should be configured.
Please read CONTRIBUTING.md for details on our code of conduct, and the process for submitting pull requests to us.
This project is licensed under the Apache License, Version 2.0 - see the LICENSE file for details
FAQs
Future Agile CICD tooling template
We found that agileetc demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
OpenGrep has restored fingerprint and metavariable support in JSON and SARIF outputs, making static analysis more effective for CI/CD security automation.
Security News
Security experts warn that recent classification changes obscure the true scope of the NVD backlog as CVE volume hits all-time highs.
Security Fundamentals
Attackers use obfuscation to hide malware in open source packages. Learn how to spot these techniques across npm, PyPI, Maven, and more.