Update generate CI workflow for pip-audit (#412)

CasperWA · web-flow · commit 8e2efe0901bc · 2025-10-01T11:23:22.000+02:00
diff --git a/{{ cookiecutter.project_slug }}/.github/dependabot.yml b/{{ cookiecutter.project_slug }}/.github/dependabot.yml
@@ -2,7 +2,9 @@ version: 2
 
 updates:
 - package-ecosystem: pip
-  directory: "/"
+  directories:
+    - "/"
+    - "/.github/utils"
   schedule:
     interval: weekly
     day: monday
diff --git a/{{ cookiecutter.project_slug }}/.github/utils/requirements_ci.txt b/{{ cookiecutter.project_slug }}/.github/utils/requirements_ci.txt
@@ -0,0 +1 @@
+pip-tools==7.5.0
diff --git a/{{ cookiecutter.project_slug }}/.github/workflows/ci_tests.yml b/{{ cookiecutter.project_slug }}/.github/workflows/ci_tests.yml
@@ -61,12 +61,17 @@ jobs:
       run: |
         python -m pip install --upgrade pip
         pip install -U setuptools wheel
-        pip install -e .[dev]
+        pip install -r .github/utils/requirements_ci.txt
+
+    - name: Prepare for pip-audit{% raw %}
+      run: pip-compile --output-file=${{ runner.temp }}/requirements.txt --all-extras --allow-unsafe ${{ github.workspace }}/pyproject.toml
 
     - name: Run pip-audit
       uses: pypa/gh-action-pip-audit@v1.1.0
+      with:
+        inputs: ${{ runner.temp }}/requirements.txt
 
-  pytest:{% raw %}
+  pytest:
     name: pytest (${{ matrix.os[1] }}-py${{ matrix.python-version }})
     runs-on: ${{ matrix.os[0] }}
 
