Merge branch 'fix/issue-132-n-plus-one-event-type-filter' #327
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| push: | |
| branches: [main] | |
| pull_request: | |
| branches: [main] | |
| jobs: | |
| test: | |
| name: Test (Python ${{ matrix.python-version }}) | |
| runs-on: ubuntu-latest | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| python-version: ["3.10", "3.11", "3.12"] | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - uses: actions/setup-python@v6 | |
| with: | |
| python-version: ${{ matrix.python-version }} | |
| - name: Install SDK + server deps | |
| run: | | |
| pip install --upgrade pip | |
| pip install -e . | |
| pip install \ | |
| fastapi \ | |
| "uvicorn[standard]" \ | |
| "sqlalchemy[asyncio]" \ | |
| aiosqlite \ | |
| alembic \ | |
| aiofiles \ | |
| bcrypt \ | |
| httpx \ | |
| langchain-core \ | |
| pydantic-ai \ | |
| pytest \ | |
| pytest-asyncio \ | |
| pytest-xdist \ | |
| pytest-timeout \ | |
| ruff | |
| - name: Lint | |
| run: ruff check . | |
| - name: Test | |
| run: pytest -q -n auto --timeout=30 --maxfail=5 | |
| - name: Build frontend | |
| run: | | |
| cd frontend | |
| npm ci | |
| npm run build | |
| dep-check: | |
| name: Dependency security | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - name: Review dependency changes (PRs only) | |
| if: github.event_name == 'pull_request' | |
| uses: actions/dependency-review-action@v4 | |
| with: | |
| fail-on-severity: high | |
| - uses: actions/setup-python@v6 | |
| with: | |
| python-version: "3.12" | |
| - name: Install audit tools | |
| run: pip install pip-audit | |
| - name: Audit SDK dependencies | |
| run: pip-audit --desc --strict -r <(python3 -c "import tomllib; d=tomllib.load(open('pyproject.toml','rb')); print('\n'.join(d['project']['dependencies']))") | |
| - name: Audit server dependencies | |
| run: pip-audit --desc --strict -r <(python3 -c "import tomllib; d=tomllib.load(open('pyproject-server.toml','rb')); print('\n'.join(d['project']['dependencies']))") | |
| - uses: actions/setup-node@v6 | |
| with: | |
| node-version: "22" | |
| cache: npm | |
| cache-dependency-path: frontend/package-lock.json | |
| - name: Audit frontend dependencies | |
| working-directory: frontend | |
| run: npm ci && npm audit --audit-level=high |