ci: Add audit for python dependencies via pip-audit

3 年之前 · 593fd0a178
--- a/.github/workflows/deps-checker.yml
+++ b/.github/workflows/deps-checker.yml
@@ -0,0 +1,22 @@
 name: 'Python Dependency Check'
 on:
  pull_request:
  workflow_dispatch:
  push:
    branches: [ develop ]

 permissions:
  contents: read

 jobs:
  deps-vulnerable-check:
    name: 'Vulnerable Dependency'
    runs-on: ubuntu-latest

    steps:
      - uses: actions/setup-python@v4
        with:
          python-version: 3.8
      - uses: actions/checkout@v3
      - run: pip install pip-audit
      - run: pip-audit ${GITHUB_WORKSPACE}