Tox Security Fix (#1242)

* checkpoint * safety ignore * update python matrix for data checks * downloading census once
2025-07-30 01:01:16 -07:00 · 2022-02-03 17:05:51 -05:00 · 2022-02-03 17:05:51 -05:00 · 1d399d3ca9
commit 1d399d3ca9
parent fb69a09485
5 changed files with 641 additions and 657 deletions
--- a/data/data-pipeline/poetry.lock
+++ b/data/data-pipeline/poetry.lock
--- a/data/data-pipeline/pyproject.toml
+++ b/data/data-pipeline/pyproject.toml
@ -13,10 +13,10 @@ ipython = "^7.31.1"
 jupyter = "^1.0.0"
 jupyter-contrib-nbextensions = "^0.5.1"
 matplotlib = "^3.4.2"
-numpy = "^1.21.0"
+numpy = "^1.22.1"
 pandas = "^1.2.5"
 pillow = "9.0.0"
-python = "^3.7.1"
+python = "^3.8"
 pypandoc = "^1.6.3"
 requests = "^2.25.1"
 tqdm = "4.62.0"
--- a/data/data-pipeline/tox.ini
+++ b/data/data-pipeline/tox.ini
@ -1,7 +1,7 @@
 [tox]
 # required because we use pyproject.toml
 isolated_build = true
-envlist = py37, py38, py39, lint, checkdeps, pytest
+envlist = py38, py39, lint, checkdeps, pytest
 # only checks python versions installed locally
 skip_missing_interpreters = true

@ -14,7 +14,7 @@ commands = black data_pipeline
 [testenv:checkdeps]
 # checks the dependencies for security vulnerabilities and open source licenses
 allowlist_externals = bash
-commands = safety check
+commands = safety check --ignore 44715  # known issue: https://github.com/pyupio/safety/issues/364
           bash scripts/run-liccheck.sh

 [testenv:pytest]