Skip to content

Dependency audit

Dependency audit #6

Workflow file for this run

name: Dependency audit
on:
schedule:
- cron: "0 13 * * 1" # Mondays 13:00 UTC
workflow_dispatch: # on-demand from the Actions tab
permissions:
contents: read
jobs:
audit:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
- uses: astral-sh/setup-uv@d31148d669074a8d0a63714ba94f3201e7020bc3 # v8.3.0
- name: Install dependencies
run: uv sync --dev
- name: pip-audit
run: uv run pip-audit --ignore-vuln CVE-2025-69872 --ignore-vuln CVE-2026-4539