Skip to content

fix: upgrade python-dotenv to 1.2.2 (CVE-2026-28684) #198

fix: upgrade python-dotenv to 1.2.2 (CVE-2026-28684)

fix: upgrade python-dotenv to 1.2.2 (CVE-2026-28684) #198

Workflow file for this run

name: Release
on:
push:
tags:
- "v*"
workflow_dispatch:
jobs:
quality-security:
name: Quality & Security
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Install uv
uses: astral-sh/setup-uv@v2
with:
enable-cache: true
- name: Install just
uses: extractions/setup-just@v2
- name: Install dependencies
run: just install
- name: Run Gitleaks
uses: gitleaks/gitleaks-action@v2
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Run Security Checks
run: just security
- name: Run Linters
run: just check
- name: Run Tests
run: just test
release:
name: Build & Release
needs: quality-security
runs-on: ubuntu-latest
permissions:
contents: write
id-token: write
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Install uv
uses: astral-sh/setup-uv@v2
with:
enable-cache: true
- name: Install just
uses: extractions/setup-just@v2
- name: Set version from tag
run: |
VERSION=${GITHUB_REF_NAME#v}
sed -i "s/version = \".*\"/version = \"$VERSION\"/" pyproject.toml
- name: Build package
run: just build
- name: Publish to PyPI
uses: pypa/gh-action-pypi-publish@release/v1
with:
password: ${{ secrets.PYPI_TOKEN }}
- name: Create Release
uses: softprops/action-gh-release@v1
with:
files: dist/*
generate_release_notes: true
- name: Log in to Docker Hub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Build and push Docker image
uses: docker/build-push-action@v4
with:
context: .
push: true
tags: |
dvilela/iwa:latest
dvilela/iwa:${{ github.ref_name }}