diff --git a/.github/workflows/pip-audit.yml b/.github/workflows/pip-audit.yml index f18babf57..a754b0ac0 100644 --- a/.github/workflows/pip-audit.yml +++ b/.github/workflows/pip-audit.yml @@ -14,8 +14,8 @@ jobs: steps: - name: Check out repository code - uses: actions/checkout@v4 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - - uses: pypa/gh-action-pip-audit@v1.0.8 + - uses: pypa/gh-action-pip-audit@1220774d901786e6f652ae159f7b6bc8fea6d266 # v1.1.0 with: inputs: . diff --git a/CHANGELOG.md b/CHANGELOG.md index d4425ad29..c74525ebf 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -52,6 +52,7 @@ - doc: fix typo in usage.md, add documentation links to README @devs6186 #2274 - binja: add mypy config for top-level binaryninja module to fix mypy issues @devs6186 #2399 - ci: deprecate macos-13 runner and use Python v3.13 for testing @mike-hunhoff #2777 +- ci: pin pip-audit action SHAs and update to v1.1.0 @kami922 #1131 ### Raw diffs - [capa v9.3.1...master](https://github.com/mandiant/capa/compare/v9.3.1...master) diff --git a/tests/conftest.py b/tests/conftest.py index 9637ed87f..2f21d4703 100644 --- a/tests/conftest.py +++ b/tests/conftest.py @@ -20,8 +20,8 @@ # see the following for a discussion: # https://www.revsys.com/tidbits/pytest-fixtures-are-magic/ # https://lobste.rs/s/j8xgym/pytest_fixtures_are_magic -from fixtures import * # noqa: F403 [unable to detect undefined names] -from fixtures import _692f_dotnetfile_extractor # noqa: F401 [imported but unused] -from fixtures import _1c444_dotnetfile_extractor # noqa: F401 [imported but unused] -from fixtures import _039a6_dotnetfile_extractor # noqa: F401 [imported but unused] -from fixtures import _0953c_dotnetfile_extractor # noqa: F401 [imported but unused] +from .fixtures import * # noqa: F403 [unable to detect undefined names] +from .fixtures import _692f_dotnetfile_extractor # noqa: F401 [imported but unused] +from .fixtures import _1c444_dotnetfile_extractor # noqa: F401 [imported but unused] +from .fixtures import _039a6_dotnetfile_extractor # noqa: F401 [imported but unused] +from .fixtures import _0953c_dotnetfile_extractor # noqa: F401 [imported but unused]