# .github/workflows/security-python.yml
# See https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions
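name: Check Python Code Security

# Runs on pull requests, on pushes to main/master, and on manual dispatch.
# The path filters limit automatic runs to changes in Python sources, the
# listed tool configuration files, or this workflow file itself.
on:
  pull_request:
    paths:
      - "src/**/*.py"
      - "tests/**/*.py"
      - "noxfile.py"
      - "pyproject.toml"
      - "bandit.yml"
      - ".ruff.toml"
      - ".github/workflows/security-python.yml"
  push:
    branches:
      - main
      - master
    paths:
      - "src/**/*.py"
      - "tests/**/*.py"
      - "noxfile.py"
      - "pyproject.toml"
      - "bandit.yml"
      - ".ruff.toml"
      - ".github/workflows/security-python.yml"
  workflow_dispatch:

# Least privilege: no step below writes to the repository or calls the
# GitHub API, so the GITHUB_TOKEN is restricted to read-only contents
# instead of inheriting the repository or organization default.
permissions:
  contents: read

jobs:
  security-python:
    name: Run Python Code Security Checks
    runs-on: ubuntu-latest
    # NOTE(review): the actions below are referenced by mutable major-version
    # tags. Pinning each `uses:` to a full commit SHA (keeping the tag in a
    # trailing comment) stops a retagged release from changing what runs here.
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
        with:
          # Later steps execute project-controlled code (noxfile.py), so do
          # not leave the token stored in the checked-out git configuration.
          persist-credentials: false
      - name: Install uv
        uses: astral-sh/setup-uv@v6
      - name: Set up Python
        uses: actions/setup-python@v5
        with:
          python-version-file: ".github/workflows/.python-version"
      # The checks themselves are defined by the `security-python` session in
      # noxfile.py, which is not part of this file.
      # NOTE(review): `uvx nox` resolves nox at run time; consider pinning the
      # version so the scanner toolchain is reproducible.
      - name: Run Python code security analysis
        run: uvx nox -s security-python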