Skip to content
Security Audit

Feature/tzp 260007:Move folders into sample folder #36

Sign in to view logs

Feature/tzp 260007:Move folders into sample folder

Feature/tzp 260007:Move folders into sample folder #36

Workflow file for this run

.github/workflows/security.yml at ddfcd1a
name: Security Audit
on:
push:
branches: [main]
pull_request:
permissions:
contents: write
jobs:
audit:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
persist-credentials: true
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: "3.12"
- name: Cache Poetry dependencies
uses: actions/cache@v3
with:
path: |
~/.cache/pypoetry
~/.cache/pip
key: ${{ runner.os }}-poetry-${{ hashFiles('poetry.lock') }}
restore-keys: |
${{ runner.os }}-poetry-
- name: Install Poetry
run: pip install poetry
- name: Install poetry-plugin-export
run: poetry self add poetry-plugin-export
- name: Check if dependencies changed
id: deps
run: |
git fetch origin main
if git diff --quiet origin/main -- pyproject.toml poetry.lock; then
echo "changed=false" >> $GITHUB_OUTPUT
else
echo "changed=true" >> $GITHUB_OUTPUT
fi
- name: Install dependencies
if: steps.deps.outputs.changed == 'true'
run: poetry install
- name: Export requirements
if: steps.deps.outputs.changed == 'true'
run: |
poetry export -f requirements.txt --without-hashes -o requirements.txt
diff -q requirements.txt /tmp/requirements.txt || echo "Requirements updated"
- name: Commit updated requirements.txt
if: github.event_name == 'push' && steps.deps.outputs.changed == 'true'
run: |
git config user.name "github-actions[bot]"
git config user.email "github-actions[bot]@users.noreply.github.com"
git add requirements.txt
git commit -m "chore: update requirements.txt [skip ci]" || echo "No changes to commit"
git push origin HEAD:${GITHUB_REF#refs/heads/}
- name: Run pip-audit
if: steps.deps.outputs.changed == 'true'
run: poetry run pip-audit -r requirements.txt