Merge pull request #17245 from gavindsouza/deps-audit

ci: Add audit for python dependencies via pip-audit

.github/workflows/deps-checker.yml

@@ -0,0 +1,22 @@
+name: 'Python Dependency Check'
+on:
+  pull_request:
+  workflow_dispatch:
+  push:
+    branches: [ develop ]
+
+permissions:
+  contents: read
+
+jobs:
+  deps-vulnerable-check:
+    name: 'Vulnerable Dependency'
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/setup-python@v4
+        with:
+          python-version: 3.8
+      - uses: actions/checkout@v3
+      - run: pip install pip-audit
+      - run: pip-audit ${GITHUB_WORKSPACE}

pyproject.toml

@@ -14,7 +14,7 @@ dependencies = [
     "GitPython~=3.1.14",
     "Jinja2~=3.1.2",
     "Pillow~=9.1.1",
-    "PyJWT~=2.0.1",
+    "PyJWT~=2.4.0",
     "PyMySQL~=1.0.2",
     "PyPDF2~=2.1.0",
     "PyPika~=0.48.9",