Тест: безопасности кода
This commit is contained in:
36
.gitea/workflows/security.yml
Normal file
36
.gitea/workflows/security.yml
Normal file
@@ -0,0 +1,36 @@
|
|||||||
|
# ============================================================
|
||||||
|
# Security checks
|
||||||
|
# Проверка уязвимостей зависимостей
|
||||||
|
# ============================================================
|
||||||
|
|
||||||
|
name: Security
|
||||||
|
|
||||||
|
on:
|
||||||
|
schedule:
|
||||||
|
- cron: "0 3 * * 1"
|
||||||
|
|
||||||
|
workflow_dispatch:
|
||||||
|
|
||||||
|
jobs:
|
||||||
|
|
||||||
|
security-scan:
|
||||||
|
name: Dependency security scan
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
|
||||||
|
steps:
|
||||||
|
|
||||||
|
- name: Checkout repository
|
||||||
|
uses: actions/checkout@v4
|
||||||
|
|
||||||
|
# Установка Python
|
||||||
|
- uses: actions/setup-python@v5
|
||||||
|
with:
|
||||||
|
python-version: "3.12"
|
||||||
|
|
||||||
|
# Установка инструмента проверки
|
||||||
|
- name: Install pip-audit
|
||||||
|
run: pip install pip-audit
|
||||||
|
|
||||||
|
# Проверка зависимостей
|
||||||
|
- name: Run security audit
|
||||||
|
run: pip-audit
|
||||||
Reference in New Issue
Block a user