catlog22/Claude-Code-Workflow
1
0
Fork 0
mirror of https://github.com/catlog22/Claude-Code-Workflow.git synced 2026-02-28 09:23:08 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
33e12a31ac7432653078249bdd18b7df4e10d357
Claude-Code-Workflow/codex-lens/DEPENDENCIES.md
catlog22 61e313a0c1 chore: move ccw-skill-hub to standalone repository 
Migrated ccw-skill-hub to D:/ccw-skill-hub as independent git project.
Removed nested git repos (ccw/frontend/ccw-skill-hub, skill-hub-repo, skill-hub-temp).
2026-02-24 11:57:26 +08:00

1.0 KiB
Raw Blame History

Dependency Management

This project uses setuptools with pyproject.toml for dependency management.

Locking Dependencies

To generate a fully pinned requirements.txt from requirements.in:

# Install pip-tools
pip install pip-tools

# Compile requirements
pip-compile requirements.in --output-file=requirements.txt

# To upgrade dependencies
pip-compile --upgrade requirements.in --output-file=requirements.txt

Version Constraints

This project uses pessimistic versioning (~=) for dependency specifications per PEP 440:

  • typer~=0.9.0 means: >=0.9.0, ==0.9.*
  • Allows bugfix updates (0.9.0, 0.9.1, 0.9.2) but not feature/minor updates (0.10.0)

This provides stability while allowing automatic patch updates.

Security Scanning

The project includes automated security scanning via GitHub Actions:

  • Runs on every push to main branch
  • Runs weekly (Sundays at 00:00 UTC)
  • Can be triggered manually

The scan uses:

  • pip-audit: Checks for known vulnerabilities in dependencies
  • bandit: Security linter for Python code
Reference in New Issue View Git Blame Copy Permalink