From 0a075a2125d563a333cc047e159f5ccd29c364a3 Mon Sep 17 00:00:00 2001
From: Timothy Johnson
Date: Mon, 26 Aug 2024 17:55:29 -0400
Subject: [PATCH 1/2] Fix audit workflow and revert Secrets SDK version

Signed-off-by: Timothy Johnson
---
 .github/workflows/audit.yml | 9 ++++++++-
 .github/workflows/sdk-release.yaml | 6 +++---
 src/secrets/Cargo.lock | 2 +-
 src/secrets/Cargo.toml | 2 +-
 4 files changed, 13 insertions(+), 6 deletions(-)

diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml
index 9bb178e4..db45876c 100644
--- a/.github/workflows/audit.yml
+++ b/.github/workflows/audit.yml
@@ -15,7 +15,14 @@ jobs:
 - name: Checkout
 uses: actions/checkout@v4
 
- - name: Check Vulnerabilities
+ - name: Install Rust toolchain
+ uses: dtolnay/rust-toolchain@stable
+
+ - name: Check Python Vulnerabilities
 uses: pypa/gh-action-pip-audit@v1.1.0
 with:
 inputs: requirements.txt docs/requirements.txt
+
+ - name: Check Secrets SDK Vulnerabilities
+ working-directory: src/secrets
+ run: cargo audit --deny warnings
diff --git a/.github/workflows/sdk-release.yaml b/.github/workflows/sdk-release.yaml
index 6cc56262..32055718 100644
--- a/.github/workflows/sdk-release.yaml
+++ b/.github/workflows/sdk-release.yaml
@@ -50,9 +50,9 @@ jobs:
 with open(os.environ["GITHUB_OUTPUT"], 'a') as f:
 print("version=" + ("-".join(new_version.rsplit(".", 1)) if new_version.count(".") > 2 else new_version), file=f)
 
- - name: Update version (cargo)
- run: cargo install cargo-edit && cargo set-version ${{ steps.update-version.outputs.version }}
- working-directory: src/secrets
+ # - name: Update version (cargo)
+ # run: cargo install cargo-edit && cargo set-version ${{ steps.update-version.outputs.version }}
+ # working-directory: src/secrets
 
 - name: Update version (git)
 run: git add src/_version.py src/secrets/Cargo.*
diff --git a/src/secrets/Cargo.lock b/src/secrets/Cargo.lock
index 6f1119f5..06a47635 100644
--- a/src/secrets/Cargo.lock
+++ b/src/secrets/Cargo.lock
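Review bot: In .github/workflows/audit.yml the new `Check Secrets SDK Vulnerabilities` step runs `cargo audit --deny warnings`, but nothing in the hunk installs cargo-audit; `dtolnay/rust-toolchain@stable` provides the Rust toolchain only, so the step appears to depend on whatever cargo-audit version the runner image ships, if any. Installing it in the step, e.g. `run: cargo install cargo-audit --locked && cargo audit --deny warnings`, keeps the audit from breaking or changing behaviour when the image changes. The added action is also referenced by a mutable ref; for a workflow whose purpose is dependency checking, consider pinning it to a full commit SHA, `uses: dtolnay/rust-toolchain@<full-commit-sha>` with `with: toolchain: stable`. The job definition (runner, permissions) starts outside the hunk.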
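Review bot: In .github/workflows/sdk-release.yaml the `Update version (cargo)` step is commented out with no explanation, while the following step still stages `src/secrets/Cargo.*`, so a reader cannot tell whether the crate version is meant to stay frozen or the step is only temporarily disabled. Put a comment above it stating the reason and the condition for restoring it, e.g. `# Disabled: <reason>; re-enable when <condition>`, or delete the step outright. If it is restored, pass the version through `env:` and use `"$VERSION"` in the script rather than expanding `${{ steps.update-version.outputs.version }}` inside `run:`, because the expression is substituted into the shell text before it executes; whether that value can carry untrusted characters depends on the earlier step, which is only partly visible here.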
@@ -241,7 +241,7 @@ checksum = "1e186cfbae8084e513daff4240b4797e342f988cecda4fb6c939150f96315fd8"
 
 [[package]]
 name = "keyring"
-version = "1.0.0-dev21"
+version = "1.0.0-dev12"
 dependencies = [
 "pyo3",
 "secrets_core",
diff --git a/src/secrets/Cargo.toml b/src/secrets/Cargo.toml
index b5e9fc2d..6262e3e0 100644
--- a/src/secrets/Cargo.toml
+++ b/src/secrets/Cargo.toml
@@ -2,7 +2,7 @@
 name = "keyring"
 readme = "README.md"
 repository = "https://github.com/zowe/zowe-client-python-sdk"
-version = "1.0.0-dev21"
+version = "1.0.0-dev12"
 edition = "2021"
 
 # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
From 7d042496cae10afd03ddae5b3742e563753e842a Mon Sep 17 00:00:00 2001
From: Timothy Johnson
Date: Mon, 26 Aug 2024 18:01:31 -0400
Subject: [PATCH 2/2] Update pytest version

Signed-off-by: Timothy Johnson
---
 requirements.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/requirements.txt b/requirements.txt
index 24de5c62..cd3bf105 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -19,7 +19,7 @@ pydoclint==0.5.3
 pyfakefs
 pylama==7.7.1
 pylint==3.2.5
-pytest==7.1.2
+pytest==7.4.4
 python-decouple==3.4
 PyYAML==6.0.1
 requests==2.32.0