22 lines
437 B
YAML
22 lines
437 B
YAML
name: 'Python Dependency Check'
|
|
on:
|
|
pull_request:
|
|
workflow_dispatch:
|
|
push:
|
|
branches: [ develop ]
|
|
|
|
permissions:
|
|
contents: read
|
|
|
|
jobs:
|
|
deps-vulnerable-check:
|
|
name: 'Vulnerable Dependency'
|
|
runs-on: ubuntu-latest
|
|
|
|
steps:
|
|
- uses: actions/setup-python@v4
|
|
with:
|
|
python-version: 3.8
|
|
- uses: actions/checkout@v3
|
|
- run: pip install pip-audit
|
|
- run: pip-audit ${GITHUB_WORKSPACE}
|