fix(security): update the dependencies to fix CVE-2024-25128 (#3) #4

	name: Python Release

	on:
	push:
	tags:
	- '*'

	jobs:
	python-release-build:
	runs-on: ubuntu-latest
	steps:
	- name: Checkout repository
	uses: actions/checkout@v4

	- name: Set up python 3.11
	id: setup-python
	uses: actions/setup-python@v5
	with:
	python-version: '3.11'

	- name: Install Poetry
	uses: snok/install-poetry@v1
	with:
	virtualenvs-create: true
	virtualenvs-in-project: true

	- name: Load cached venv
	id: cached-poetry-dependencies
	uses: actions/cache@v4
	with:
	path: .venv
	key: venv-${{ runner.os }}-${{ steps.setup-python.outputs.python-version }}-${{ hashFiles('**/poetry.lock') }}

	- name: update the version
	run: \|
	poetry version ${{ github.ref_name }}

	- name: Install dependencies
	if: steps.cached-poetry-dependencies.outputs.cache-hit != 'true'
	run: poetry install --no-interaction --no-root --all-extras

	- name: Install library
	run: poetry install --no-interaction --all-extras

	- name: Build release distributions
	run: \|
	poetry build

	- name: Upload dists
	uses: actions/upload-artifact@v4
	with:
	name: release-dists
	path: dist/

	pypi-publish:
	runs-on: ubuntu-latest
	needs:
	- python-release-build
	environment:
	name: pypi
	url: https://pypi.org/p/airflow-duckdb
	permissions:
	id-token: write
	steps:
	- name: Retrieve release distributions
	uses: actions/download-artifact@v4
	with:
	name: release-dists
	path: dist/

	- name: Publish release distributions to PyPI
	uses: pypa/gh-action-pypi-publish@release/v1

Provide feedback