Merge pull request #193 from arduino/dependabot/pip/black-23.10.0

build(deps-dev): bump black from 23.9.1 to 23.10.0
arduino · Oct 18, 2023 · f25d3c9 · f25d3c9
2 parents 2a2e767 + 02168a6
commit f25d3c9
Show file tree

Hide file tree

Showing 3 changed files with 36 additions and 25 deletions.
diff --git a/.github/workflows/test-python-poetry-task.yml b/.github/workflows/test-python-poetry-task.yml
@@ -104,8 +104,23 @@ jobs:
  coverage xml \
  -o "${{ github.workspace }}/${{ env.COVERAGE_DATA_FILENAME }}"
 
+ # A token is used to avoid intermittent spurious job failures caused by rate limiting.
+ - name: Set up Codecov upload token
+ run: |
+ if [[ "${{ github.repository }}" == "arduino/compile-sketches" ]]; then
+ # In order to avoid uploads of data from forks, only use the token for runs in the parent repo.
+ # Token is intentionally exposed.
+ # See: https://community.codecov.com/t/upload-issues-unable-to-locate-build-via-github-actions-api/3954
+ CODECOV_TOKEN="0c2a8127-e253-4812-8b83-6dcc586c2bf7"
+ else
+ # codecov/codecov-action does unauthenticated upload if empty string is passed via the `token` input.
+ CODECOV_TOKEN=""
+ fi
+ echo "CODECOV_TOKEN=$CODECOV_TOKEN" >> "$GITHUB_ENV"
+
  - name: Upload coverage report to Codecov
  uses: codecov/codecov-action@v3
  with:
  fail_ci_if_error: true
  file: ${{ env.COVERAGE_DATA_FILENAME }}
+ token: ${{ env.CODECOV_TOKEN }}
diff --git a/poetry.lock b/poetry.lock
diff --git a/pyproject.toml b/pyproject.toml
@@ -15,7 +15,7 @@ PyYAML = "6.0.1"
 semver = "3.0.2"
 
 [tool.poetry.group.dev.dependencies]
-black = "23.9.1"
+black = "23.10.0"
 codespell = "2.2.6"
 coverage = "7.3.2"
 pytest = "7.4.2"