Skip to content

Commit

Permalink
chore: prevent dev-lowest-lockfile from dependency bumps (#359)
Browse files Browse the repository at this point in the history
Signed-off-by: Jan Kowalleck <[email protected]>
  • Loading branch information
jkowalleck authored Mar 20, 2023
1 parent 32ce3a2 commit 16870f4
Show file tree
Hide file tree
Showing 3 changed files with 4 additions and 2 deletions.
2 changes: 2 additions & 0 deletions requirements.lowest.txt → deps.lowest.r
Original file line number Diff line number Diff line change
Expand Up @@ -6,3 +6,5 @@ py-serializable == 0.11.1
importlib-metadata == 3.4.0 # ; python_version < '3.8'
setuptools == 47.0.0
types-setuptools == 57.0.0

# file name is a untypical one, so dependabot does not bump this file
2 changes: 1 addition & 1 deletion pyproject.toml
Original file line number Diff line number Diff line change
Expand Up @@ -45,7 +45,7 @@ keywords = [
"Bug Tracker" = "https://github.com/CycloneDX/cyclonedx-python-lib/issues"

[tool.poetry.dependencies]
# ATTENTION: keep `requirements.lowest.txt` file in sync
# ATTENTION: keep `deps.lowest.r` file in sync
python = "^3.7"
importlib-metadata = { version = "^3.4.0", python = "<3.8" }
packageurl-python = ">= 0.9"
Expand Down
2 changes: 1 addition & 1 deletion tox.ini
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@ whitelist_externals = poetry
commands_pre =
{envpython} --version
poetry install -v
lowest: poetry run pip install -U -r requirements.lowest.txt
lowest: poetry run pip install -U -r deps.lowest.r
poetry run pip freeze
commands =
poetry run coverage run --source=cyclonedx -m unittest discover -t . -s tests -v
Expand Down

0 comments on commit 16870f4

Please sign in to comment.