39 lines
910 B
YAML
39 lines
910 B
YAML
---
|
|
name: pip-audit
|
|
on:
|
|
push:
|
|
branches: [main]
|
|
pull_request:
|
|
branches: [main]
|
|
schedule:
|
|
- cron: '0 0 * * 0' # Weekly on Sunday
|
|
|
|
# XXX need to do stuff with uv
|
|
jobs:
|
|
build:
|
|
runs-on: ubuntu-latest
|
|
strategy:
|
|
matrix:
|
|
python-version:
|
|
- "3.11"
|
|
steps:
|
|
- name: Checkout code
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Set up Python ${{ matrix.python-version }}
|
|
uses: actions/setup-python@v4
|
|
with:
|
|
python-version: '${{ matrix.python-version }}'
|
|
cache: 'pip'
|
|
cache-dependency-path: 'requirements.txt'
|
|
|
|
- name: Install dependencies
|
|
run: |
|
|
python -m pip install --upgrade pip
|
|
python -m pip install --upgrade pip-audit
|
|
pip install -r requirements.txt
|
|
|
|
- name: Check vulnerable components with pip-audit
|
|
run: |
|
|
pip-audit -r requirements.txt
|