ansys · SMoraisAnsys · Sep 6, 2025 · Sep 6, 2025 · Sep 7, 2025 · Sep 7, 2025
@@ -139,8 +139,10 @@ runs:
       shell: bash
       env:
         INSTALL_COMMAND: ${{ inputs.use-uv == 'true' && 'uv pip install --no-managed-python --system' || 'python -m pip install' }}
+        ACTION_PATH: ${{ github.action_path }}
       run: |
-        ${INSTALL_COMMAND} --upgrade pip 'twine<6.2.0'
+        ${INSTALL_COMMAND} --upgrade pip
+        ${INSTALL_COMMAND} -r ${ACTION_PATH}/requirements/requirements_release_pypi.txt
 
     - name: "Download the library artifacts from build-library step"
       uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0

@@ -164,8 +164,9 @@ runs:
       shell: bash
       env:
         INSTALL_COMMAND: ${{ inputs.use-uv == 'true' && 'uv pip install --no-managed-python --system' || 'python -m pip install' }}
+        ACTION_PATH: ${{ github.action_path }}
       run: |
-        ${INSTALL_COMMAND} build twine
+        ${INSTALL_COMMAND} -r ${ACTION_PATH}/requirements/requirements_build.txt
 
     - name: "Build distribution artifacts"
       shell: bash

@@ -363,11 +363,12 @@ runs:
       if: ${{ inputs.install-build-and-wheel == 'true' }}
       shell: bash
       env:
+        ACTION_PATH: ${{ github.action_path }}
         ACTIVATE_VENV: ${{ steps.virtual-environment-activation-command.outputs.ACTIVATE_VENV }}
         INSTALL_COMMAND: ${{ inputs.use-uv == 'true' && 'uv pip install --no-managed-python' || 'python -m pip install' }}
       run: |
         ${ACTIVATE_VENV}
-        $INSTALL_COMMAND build wheel
+        $INSTALL_COMMAND -r ${ACTION_PATH}/requirements/requirements_build.txt
 
     - name: "Generate the wheelhouse"
       shell: bash

@@ -167,20 +167,12 @@ runs:
       run: |
         $INSTALL_COMMAND -U pip
 
-    - name: Clone ansys/pip-licenses on main branch
-      uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
-      with:
-        repository: ansys/pip-licenses
-        path: "external/pip-licenses"
-        ref: "main"
-        persist-credentials: false
-
     - name: Install ansys/pip-licenses main branch
       shell: bash
       env:
         INSTALL_COMMAND: ${{ inputs.use-uv == 'true' && 'uv pip install --no-managed-python --system --no-cache' || 'python -m pip install --no-cache-dir' }}
       run: |
-        $INSTALL_COMMAND external/pip-licenses
+        $INSTALL_COMMAND -r external/pip-licenses/requirements.txt
 
     - name: "Check if specific target is requested"
       id: specific-target-requested

@@ -207,7 +207,7 @@ runs:
         fi
 
     - name: "Install Git and clone project"
-      uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
       if: ${{ inputs.checkout == 'true' }}
       with:
         repository: ${{ inputs.repo-full-name == '' && github.repository || inputs.repo-full-name }}
@@ -404,15 +404,15 @@ runs:
     - name: "Install action requirements"
       shell: bash
       env:
-        ACTIVATE_VENV_BANDIT_SAFETY: ${{ steps.virtual-environment-activation-command.outputs.ACTIVATE_VENV_BANDIT_SAFETY }}
         ACTION_PATH: ${{ github.action_path }}
+        ACTIVATE_VENV_BANDIT_SAFETY: ${{ steps.virtual-environment-activation-command.outputs.ACTIVATE_VENV_BANDIT_SAFETY }}
         BUILD_BACKEND: ${{ steps.github-environment-variables.outputs.BUILD_BACKEND }}
       run: |
         ${ACTIVATE_VENV_BANDIT_SAFETY}
         if [[ "${BUILD_BACKEND}" == 'uv' ]]; then
-          uv pip install -r "${ACTION_PATH}/requirements.txt"
+          uv pip install -r ${ACTION_PATH}/requirements/requirements_check_vulnerabilities.txt
         else
-          python -m pip install -r "${ACTION_PATH}/requirements.txt"
+          python -m pip install -r ${ACTION_PATH}/requirements/requirements_check_vulnerabilities.txt
         fi
 
     - name:  "Install wget on Windows"

@@ -258,14 +258,23 @@ runs:
     - name: "Install pre-commit v${{ inputs.pre-commit-version }}"
       shell: bash
       env:
-        PRE_COMMIT_VERSION: ${{ inputs.pre-commit-version }}
+        ACTION_PATH: ${{ github.action_path }}
         ACTIVATE_VENV: ${{ steps.virtual-environment-activation-command.outputs.ACTIVATE_VENV }}
+        PRE_COMMIT_VERSION: ${{ inputs.pre-commit-version }}
       run: |
         ${ACTIVATE_VENV}
-        if [[ "${BUILD_BACKEND}" == 'uv' ]]; then
-          uv pip install "pre-commit==${PRE_COMMIT_VERSION}"
+        if [[ "${PRE_COMMIT_VERSION}" == "3.8.0" ]]; then
+          if [[ "${BUILD_BACKEND}" == 'uv' ]]; then
+            uv pip install -r ${ACTION_PATH}/requirements/requirements_code_style.txt
+          else
+            pip install -r ${ACTION_PATH}/requirements/requirements_code_style.txt
+          fi
         else
-          python -m pip install "pre-commit==${PRE_COMMIT_VERSION}"
+          if [[ "${BUILD_BACKEND}" == 'uv' ]]; then
+            uv pip install "pre-commit==${PRE_COMMIT_VERSION}"
+          else
+            python -m pip install "pre-commit==${PRE_COMMIT_VERSION}"
+          fi
         fi
         pre-commit install
 

@@ -156,11 +156,18 @@ runs:
     - name: "Install towncrier and tomli"
       shell: bash
       env:
+        ACTION_PATH: ${{ github.action_path }}
+        INSTALL_COMMAND: ${{ inputs.use-uv == 'true' && 'uv pip install --no-managed-python --system' || 'python -m pip install' }}
         TOWNCRIER_VERSION: ${{ inputs.towncrier-version }}
         TOMLI_VERSION: ${{ inputs.tomli-version }}
-        INSTALL_COMMAND: ${{ inputs.use-uv == 'true' && 'uv pip install --no-managed-python --system' || 'python -m pip install' }}
       run: |
-        ${INSTALL_COMMAND} --upgrade pip towncrier==${TOWNCRIER_VERSION} tomli==${TOMLI_VERSION}
+        if [[ "${TOWNCRIER_VERSION}" == "24.8.0" && "${TOMLI_VERSION}" == "2.2.1"]]; then
+          ${INSTALL_COMMAND} --upgrade pip
+          ${INSTALL_COMMAND} -r ${ACTION_PATH}/requirements/requirements_changelog.txt
+        else
+          ${INSTALL_COMMAND} --upgrade pip
+          ${INSTALL_COMMAND} towncrier==${TOWNCRIER_VERSION} tomli==${TOMLI_VERSION}
+        fi
 
     - name: "Get first letter of conventional commit type"
       if: ${{ inputs.use-conventional-commits == 'true' }}

@@ -208,11 +208,17 @@ runs:
 
     - name: "Install towncrier, toml, and the project"
       env:
+        ACTION_PATH: ${{ github.action_path }}
         TOWNCRIER_VERSION: ${{ inputs.towncrier-version }}
         TOMLI_VERSION: ${{ inputs.tomli-version }}
       shell: bash
       run: |
-        python -m pip install --upgrade pip towncrier=="${TOWNCRIER_VERSION}" tomli=="${TOMLI_VERSION}"
+        python -m pip install --upgrade pip
+        if [[ "${TOWNCRIER_VERSION}" == "24.8.0" && "${TOMLI_VERSION}" == "2.2.1"]]; then
+          python -m pip install -r ${ACTION_PATH}/requirements/requirements_changelog.txt
+        else
+          python -m pip install towncrier==${TOWNCRIER_VERSION} tomli==${TOMLI_VERSION}
+        fi
 
     - name: "Get towncrier directory and project name"
       shell: python

@@ -203,9 +203,11 @@ runs:
     - name: "Install packaging"
       shell: bash
       env:
+        ACTION_PATH: ${{ github.action_path }}
         INSTALL_COMMAND: ${{ inputs.use-uv == 'true' && 'uv pip install --no-managed-python --system' || 'python -m pip install' }}
       run: |
         ${INSTALL_COMMAND} --upgrade pip packaging
+        ${INSTALL_COMMAND} -r ${ACTION_PATH}/requirements/requirements_deploy.txt
 
     # ------------------------------------------------------------------------
 

@@ -163,17 +163,18 @@ runs:
           fi
         fi
 
-    - name: "Install tomli"
+    - name: "Install tomli and docutils"
       shell: bash
       env:
-       TOMLI_VERSION: ${{ inputs.tomli-version }}
+        ACTION_PATH: ${{ github.action_path }}
+        TOMLI_VERSION: ${{ inputs.tomli-version }}
       run: |
-        python -m pip install --upgrade pip tomli==${TOMLI_VERSION}
-
-    - name: "Install docutils"
-      shell: bash
-      run: |
-        python -m pip install --upgrade docutils
+        python -m pip install --upgrade pip
+        if [[ "${TOMLI_VERSION}" == "2.2.1"]]; then
+          python -m pip install -r ${ACTION_PATH}/requirements/requirements_doc_style.txt
+        else
+          python -m pip install tomli==${TOMLI_VERSION} docutils==0.22
+        fi
 
     - name: "Get towncrier directory"
       shell: python

@@ -0,0 +1 @@
+Pin python package dependencies
@@ -73,11 +73,11 @@ runs:
     - name: "Install ghapi"
       shell: bash
       env:
+        ACTION_PATH: ${{ github.action_path }}
         INSTALL_COMMAND: ${{ inputs.use-uv == 'true' && 'uv pip install --no-managed-python --system' || 'python -m pip install' }}
       run: |
-
         ${INSTALL_COMMAND} --upgrade pip
-        ${INSTALL_COMMAND} ghapi
+        ${INSTALL_COMMAND} -r ${ACTION_PATH}/requirements/requirements_hk_package.txt
 
     - name: "Declare Python script"
       shell: bash

@@ -69,11 +69,11 @@ runs:
     - name: "Install ghapi"
       shell: bash
       env:
+        ACTION_PATH: ${{ github.action_path }}
         INSTALL_COMMAND: ${{ inputs.use-uv == 'true' && 'uv pip install --no-managed-python --system' || 'python -m pip install' }}
       run: |
-
         ${INSTALL_COMMAND} --upgrade pip
-        ${INSTALL_COMMAND} ghapi
+        ${INSTALL_COMMAND} -r ${ACTION_PATH}/requirements/requirements_hk_package.txt
 
     - name: "Clone script"
       shell: bash

@@ -347,12 +347,18 @@ runs:
     - name: "Install toml and pypandoc"
       shell: bash
       env:
+        ACTION_PATH: ${{ github.action_path }}
+        INSTALL_COMMAND: ${{ inputs.use-uv == 'true' && 'uv pip install --no-managed-python --system' || 'python -m pip install' }}
         TOMLI_VERSION: ${{ inputs.tomli-version }}
         PYPANDOC_BINARY_VERSION: ${{ inputs.pypandoc-binary-version }}
-        INSTALL_COMMAND: ${{ inputs.use-uv == 'true' && 'uv pip install --no-managed-python --system' || 'python -m pip install' }}
       run: |
-        ${INSTALL_COMMAND} --upgrade pip tomli=="$TOMLI_VERSION"
-        ${INSTALL_COMMAND} pypandoc-binary=="$PYPANDOC_BINARY_VERSION"
+        if [[ "${PYPANDOC_BINARY_VERSION}" == "1.15" && "${TOMLI_VERSION}" == "2.2.1"]]; then
+          ${INSTALL_COMMAND} --upgrade pip
+          ${INSTALL_COMMAND} -r ${ACTION_PATH}/requirements/requirements_release_github.txt
+        else
+          ${INSTALL_COMMAND} --upgrade pip tomli=="$TOMLI_VERSION"
+          ${INSTALL_COMMAND} pypandoc-binary=="$PYPANDOC_BINARY_VERSION"
+        fi
 
     - name: "Get the release notes body"
       if: inputs.changelog-release-notes == 'true'

diff --git a/requirements/requirements_build.txt b/requirements/requirements_build.txt
@@ -0,0 +1,30 @@
+backports.tarfile==1.2.0
+build==1.3.0
+certifi==2025.8.3
+charset-normalizer==3.4.3
+colorama==0.4.6
+docutils==0.22
+id==1.5.0
+idna==3.10
+importlib_metadata==8.7.0
+jaraco.classes==3.4.0
+jaraco.context==6.0.1
+jaraco.functools==4.3.0
+keyring==25.6.0
+markdown-it-py==4.0.0
+mdurl==0.1.2
+more-itertools==10.8.0
+nh3==0.3.0
+packaging==25.0
+Pygments==2.19.2
+pyproject_hooks==1.2.0
+pywin32-ctypes==0.2.3
+readme_renderer==44.0
+requests==2.32.5
+requests-toolbelt==1.0.0
+rfc3986==2.0.0
+rich==14.1.0
+tomli==2.2.1
+twine==6.1.0
+urllib3==2.5.0
+zipp==3.23.0
diff --git a/requirements/requirements_changelog.txt b/requirements/requirements_changelog.txt
@@ -0,0 +1,6 @@
+click==8.2.1
+colorama==0.4.6
+Jinja2==3.1.6
+MarkupSafe==3.0.2
+tomli==2.2.1
+towncrier==24.8.0
diff --git a/requirements/requirements_check_licenses.txt b/requirements/requirements_check_licenses.txt
@@ -0,0 +1,4 @@
+pip-licenses @ git+https://github.com/ansys/pip-licenses@main
+prettytable==3.16.0
+tomli==2.2.1
+wcwidth==0.2.13
diff --git a/requirements/requirements_check_vulnerabilities.txt b/requirements/requirements_check_vulnerabilities.txt
@@ -0,0 +1,52 @@
+annotated-types==0.7.0
+anyio==4.10.0
+Authlib==1.6.3
+backports-datetime-fromisoformat==2.0.3
+bandit==1.8.6
+certifi==2025.8.3
+cffi==1.17.1
+charset-normalizer==3.4.3
+click==8.2.1
+colorama==0.4.6
+cryptography==45.0.7
+dparse==0.6.4
+exceptiongroup==1.3.0
+filelock==3.19.1
+h11==0.16.0
+httpcore==1.0.9
+httpx==0.28.1
+idna==3.10
+Jinja2==3.1.6
+joblib==1.5.2
+markdown-it-py==4.0.0
+MarkupSafe==3.0.2
+marshmallow==4.0.1
+mdurl==0.1.2
+nltk==3.9.1
+packaging==25.0
+psutil==7.0.0
+pycparser==2.22
+pydantic==2.9.2
+pydantic_core==2.23.4
+PyGithub==2.8.1
+Pygments==2.19.2
+PyJWT==2.10.1
+PyNaCl==1.5.0
+PyYAML==6.0.2
+regex==2025.9.1
+requests==2.32.5
+rich==14.1.0
+ruamel.yaml==0.18.15
+ruamel.yaml.clib==0.2.12
+safety==3.6.1
+safety-schemas==0.0.14
+shellingham==1.5.4
+sniffio==1.3.1
+stevedore==5.5.0
+tenacity==9.1.2
+tomli==2.2.1
+tomlkit==0.13.3
+tqdm==4.67.1
+typer==0.17.4
+typing_extensions==4.15.0
+urllib3==2.5.0
diff --git a/requirements/requirements_code_style.txt b/requirements/requirements_code_style.txt
@@ -0,0 +1,10 @@
+cfgv==3.4.0
+distlib==0.4.0
+filelock==3.19.1
+identify==2.6.13
+nodeenv==1.9.1
+platformdirs==4.4.0
+pre-commit==3.8.0
+PyYAML==6.0.2
+typing_extensions==4.15.0
+virtualenv==20.34.0
diff --git a/requirements/requirements_deploy.txt b/requirements/requirements_deploy.txt
@@ -0,0 +1 @@
+packaging==25.0
diff --git a/requirements/requirements_doc_style.txt b/requirements/requirements_doc_style.txt
@@ -0,0 +1,2 @@
+docutils==0.22
+tomli==2.2.1
diff --git a/requirements/requirements_hk_package.txt b/requirements/requirements_hk_package.txt
@@ -0,0 +1,3 @@
+fastcore==1.8.8
+ghapi==1.0.6
+packaging==25.0
diff --git a/requirements/requirements_pytest.txt b/requirements/requirements_pytest.txt
@@ -0,0 +1,12 @@
+colorama==0.4.6
+exceptiongroup==1.3.0
+iniconfig==2.1.0
+packaging==25.0
+pip==23.0.1
+pluggy==1.6.0
+Pygments==2.19.2
+pytest # Not pinned to avoid conflicts with projects
+pytest-randomly==3.16.0
+setuptools==65.5.0
+tomli==2.2.1
+typing_extensions==4.15.0
diff --git a/requirements/requirements_release_github.txt b/requirements/requirements_release_github.txt
@@ -0,0 +1,2 @@
+pypandoc_binary==1.15
+tomli==2.2.1