{"id":20940407,"url":"https://github.com/fedora-python/tox-github-action","last_synced_at":"2025-10-09T06:08:11.457Z","repository":{"id":37859827,"uuid":"267846985","full_name":"fedora-python/tox-github-action","owner":"fedora-python","description":"Run Tox tests on Fedora for Github pushes \u0026 pull requests","archived":false,"fork":false,"pushed_at":"2025-05-13T13:12:53.000Z","size":19,"stargazers_count":16,"open_issues_count":4,"forks_count":3,"subscribers_count":4,"default_branch":"main","last_synced_at":"2025-09-23T17:03:36.370Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"https://github.com/marketplace/actions/python-tox-on-fedora","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/fedora-python.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2020-05-29T12:00:04.000Z","updated_at":"2025-08-09T23:01:41.000Z","dependencies_parsed_at":"2025-05-13T13:40:30.533Z","dependency_job_id":"68f7a2b6-79dd-476a-9cfb-4430e19facc0","html_url":"https://github.com/fedora-python/tox-github-action","commit_stats":{"total_commits":20,"total_committers":5,"mean_commits":4.0,"dds":"0.44999999999999996","last_synced_commit":"01110970d6efe5bf3a5404fb4620ab6882988517"},"previous_names":[],"tags_count":12,"template":false,"template_full_name":null,"purl":"pkg:github/fedora-python/tox-github-action","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fedora-python%2Ftox-github-action","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fedora-python%2Ftox-github-action/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fedora-python%2Ftox-github-action/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fedora-python%2Ftox-github-action/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/fedora-python","download_url":"https://codeload.github.com/fedora-python/tox-github-action/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fedora-python%2Ftox-github-action/sbom","scorecard":{"id":395465,"data":{"date":"2025-08-11","repo":{"name":"github.com/fedora-python/tox-github-action","commit":"95cdccc8f60656b81b23fb142342fda92e916a8f"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":4.5,"checks":[{"name":"Code-Review","score":7,"reason":"Found 17/24 approved changesets -- score normalized to 7","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/main.yml:1","Warn: no topLevel permission defined: .github/workflows/this-repo.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/fedora-python/tox-github-action/main.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/fedora-python/tox-github-action/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/this-repo.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/fedora-python/tox-github-action/this-repo.yml/main?enable=pin","Info:   0 out of   2 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   1 third-party GitHubAction dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"License","score":0,"reason":"license file not detected","details":["Warn: project does not have a license file"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"SAST","score":-1,"reason":"internal error: internal error: Client.Checks.ListCheckRunsForRef: error during graphqlHandler.setupCheckRuns: non-200 OK status code: 502 Bad Gateway body: \"\u003chtml\u003e\\r\\n\u003chead\u003e\u003ctitle\u003e502 Bad Gateway\u003c/title\u003e\u003c/head\u003e\\r\\n\u003cbody\u003e\\r\\n\u003ccenter\u003e\u003ch1\u003e502 Bad Gateway\u003c/h1\u003e\u003c/center\u003e\\r\\n\u003chr\u003e\u003ccenter\u003enginx\u003c/center\u003e\\r\\n\u003c/body\u003e\\r\\n\u003c/html\u003e\\r\\n\"","details":null,"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-18T18:53:16.372Z","repository_id":37859827,"created_at":"2025-08-18T18:53:16.372Z","updated_at":"2025-08-18T18:53:16.372Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":279000658,"owners_count":26082805,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-08T02:00:06.501Z","response_time":56,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-18T23:10:15.559Z","updated_at":"2025-10-09T06:08:11.436Z","avatar_url":"https://github.com/fedora-python.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"![Run Tox tests](https://github.com/fedora-python/tox-github-action/workflows/Run%20Tox%20tests/badge.svg)\n![Run tests with code in this repository](https://github.com/fedora-python/tox-github-action/workflows/Run%20tests%20with%20code%20in%20this%20repository/badge.svg)\n\n# Tox Github Action\n\nThis GitHub action tests a checked-out Python project using\n[Tox](https://tox.readthedocs.io/en/latest/index.html).\n\n\n## Usage\n\n```yaml\n- uses: fedora-python/tox-github-action\n  with:\n    # The tox environment to run\n    # Default: py312 (subject to change as new Python releases come out)\n    tox_env: py312\n```\n\nAdd the action to your workflow file, e.g. `.github/workflows/main.yml`,\nafter checking out your code.\n\nYou can use the `matrix` strategy to run with multiple Tox environments.\nFor an example, see [this project's workflow](.github/workflows/main.yml).\nUnfortunately, you need to repeat all the environment names\nfrom your Tox configuration.\n(As far as we know, this is required in order to have individual environments\nshow up as separate runs on GitHub. Discuss this limitation in [issue 8].)\n\nYou can also install RPM packages from Fedora by setting `dnf_install` to\na space-separated list of *provides*, such as:\n\n* Fedora package names, e.g. `libgit2-devel`,\n* pkgconfig names, e.g. `pkgconfig(libffi)`,\n* commands, e.g. `/usr/bin/cowsay`, ...\n\n```yaml\n- uses: fedora-python/tox-github-action\n  with:\n    tox_env: py38\n    dnf_install: pkgconfig(libffi) libgit2-devel\n```\n\nThe string will be literally used in `dnf install ...`, so you can also use\ngroups or DNF options.\n\n[issue 8]: https://github.com/fedora-python/tox-github-action/issues/8\n\nIf your application isn't in the root of your project, set `workdir`. The action\nwill switch to the specified path before tox execution.\n\n```yaml\n- uses: fedora-python/tox-github-action\n  with:\n    tox_env: py38\n    workdir: \"python/\"\n```\n\n## Changelog\n\nUntil version 0.4, this action always used the latest [fedora-python-tox](https://hub.docker.com/repository/docker/fedorapython/fedora-python-tox)\nimage. Since version 34.0, the first number in the version (also sometimes\nreferred to as the \"major version\") represents the release of Fedora used in the image.\n\n### v41.0\n\n* Uses Fedora 41 as the base container image.\n* Python 2.7 is no longer available.\n* PyPy 3.11 is now available\n* Python 3.13 is now the default tox environment if none is configured.\n\n### v40.0\n\n* Uses Fedora 40 as the base container image.\n* Python 3.7 is no longer available.\n* Python 3.12 is now the default tox environment if none is configured.\n\n### v39.0\n\n* Uses Fedora 39 as the base container image.\n\n### v38.0\n\n* Uses Fedora 38 as the base container image.\n* PyPy 3.8 is no longer available.\n\n### v37.0\n\n* Uses Fedora 37 as the base container image.\n* PyPy 3.7 is no longer available.\n\n### v36.0\n\n* Uses Fedora 36 as the base container image.\n\n### v35.1\n\n* Allows to run tests from a subdirectory via `workdir`.\n\n### v35.0\n\n* Uses Fedora 35 as the base container image.\n* No longer supports Python 3.5 and PyPy 3.6.\n* Newly supports PyPy 3.7, 3.8 and 3.9.\n\n### v34.0\n\n* First version pinned explicitly to Fedora 34.\n\n## License\n\nThe code, content and configuration in this repository is given away unter the\nCC0 1.0 Universal Public Domain Dedication:\nhttps://creativecommons.org/publicdomain/zero/1.0/\n\nMay it serve you well!\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffedora-python%2Ftox-github-action","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ffedora-python%2Ftox-github-action","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffedora-python%2Ftox-github-action/lists"}