Skip to content

Port picklescan PR #29 #588

Port picklescan PR #29

Port picklescan PR #29 #588

Workflow file for this run

name: Bandit
on:
push:
branches: main
pull_request:
branches: "*"
jobs:
bandit:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v5
with:
python-version: "3.9"
- uses: snok/install-poetry@v1
with:
virtualenvs-create: true
virtualenvs-in-project: true
installer-parallel: true
- name: Load cached venv
id: cached-poetry-dependencies
uses: actions/cache@v4
with:
path: .venv
key: venv-test-${{ runner.os }}-${{ steps.setup-python.outputs.python-version }}-${{ hashFiles('**/poetry.lock') }}
- name: Install Dependencies
if: steps.cached-poetry-dependencies.outputs.cache-hit != 'true'
run: |
make install-test
- name: Run Bandit
run: poetry run bandit -c pyproject.toml -r $(git ls-files '*.py')