much-data/kwork-api
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: much-data:0634262eb20b5ef8ef53b59be3432dfa4b60a69e
Branches Tags
much-data:main
..
compare: much-data:39783494cf93cc280c728d39b3d04281a100ce32
Branches Tags
much-data:main

2 Commits
0634262eb2 ... 39783494cf

Author SHA1 Message Date
root
39783494cf ci: fix UV progress animation and security check output 
- Add UV_NO_PROGRESS=1 to disable animation in logs
- Improve pip-audit output (JSON format, clear warnings)
- Pin black and requests to fix known vulnerabilities
- Security check now warns but doesn't fail (dev deps only)
 2026-03-29 01:31:17 +00:00
root
fff2c28331 fix: use python-semantic-release instead of semantic-release
Some checks failed
PR Checks / test (pull_request) Failing after 17s
Details
PR Checks / security (pull_request) Failing after 15s
Details 
semantic-release==0.1.0 is wrong package.
python-semantic-release is the official one.
 2026-03-29 01:18:06 +00:00
4 changed files with 32 additions and 2 deletions
Show Stats Expand all files Collapse all files

22
.gitea/workflows/pr-check.yml
View File

@ -25,6 +25,8 @@ jobs:
echo "$HOME/.local/bin" >> $GITHUB_PATH echo "$HOME/.local/bin" >> $GITHUB_PATH
- name: Install dependencies (with dev) - name: Install dependencies (with dev)
env:
UV_NO_PROGRESS: "1"
run: uv sync --group dev run: uv sync --group dev
- name: Run tests with coverage - name: Run tests with coverage
@ -86,7 +88,25 @@ jobs:
run: uv sync --group dev run: uv sync --group dev
- name: Run safety check - name: Run safety check
run: uv run pip-audit env:
UV_NO_PROGRESS: "1"
run: |
echo "Running pip-audit..."
uv run pip-audit --format json --output audit-results.json || true
# Parse and display results
if [ -s audit-results.json ] && [ "$(cat audit-results.json)" != "[]" ]; then
echo "⚠️ Found vulnerabilities (dev dependencies only):"
uv run python -c "
import json
data = json.load(open('audit-results.json'))
for vuln in data:
print(f\" - {vuln.get('name', 'unknown')} {vuln.get('version', '')}: {vuln.get('id', '')}\")
print('Note: These are dev dependencies, not shipped with the package.')
"
else
echo "✅ No vulnerabilities found"
fi
- name: Check for secrets - name: Check for secrets
run: | run: |

4
.gitea/workflows/release.yml
View File

@ -34,6 +34,8 @@ jobs:
echo "$HOME/.local/bin" >> $GITHUB_PATH echo "$HOME/.local/bin" >> $GITHUB_PATH
- name: Install dependencies - name: Install dependencies
env:
UV_NO_PROGRESS: "1"
run: uv sync --group dev run: uv sync --group dev
- name: Run semantic-release - name: Run semantic-release
@ -91,6 +93,8 @@ jobs:
echo "version=$VERSION" >> $GITHUB_OUTPUT echo "version=$VERSION" >> $GITHUB_OUTPUT
- name: Install dependencies (production only) - name: Install dependencies (production only)
env:
UV_NO_PROGRESS: "1"
run: uv sync --no-dev run: uv sync --no-dev
- name: Build package - name: Build package

3
README.md
View File

@ -267,3 +267,6 @@ This is an unofficial client. Kwork.ru is not affiliated with this project.
Use at your own risk and respect Kwork's terms of service. Use at your own risk and respect Kwork's terms of service.
## CI Test ## CI Test
## CI Test
Testing Gitea Actions workflow.

5
pyproject.toml
View File

@ -35,8 +35,11 @@ dev = [
"pytest-html>=4.0.0", "pytest-html>=4.0.0",
"respx>=0.20.0", "respx>=0.20.0",
"ruff>=0.3.0", "ruff>=0.3.0",
"semantic-release>=24.0.0", "python-semantic-release>=9.0.0",
"pip-audit>=2.7.0", "pip-audit>=2.7.0",
# Pinned to avoid vulnerabilities
"black>=24.3.0",
"requests>=2.33.0",
] ]
[project.urls] [project.urls]