add tox:audit step;

Author: chrisbc

setup.cfg

@@ -53,7 +53,7 @@ exclude_lines =
 
 [tox:tox]
 isolated_build = true
-envlist = py312, format, lint, build
+envlist = audit, py312, format, lint, build
 
 [gh-actions]
 python =
@@ -71,6 +71,14 @@ setenv =
 commands =
     pytest --cov=solvis_graphql_api --cov-branch --cov-report=xml --cov-report=term-missing
 
+[testenv:audit]
+allowlist_externals =
+	poetry
+commands =
+    poetry export --all-groups --output audit.txt
+    poetry run pip-audit -r audit.txt --require-hashes
+	poetry run safety scan
+
 [testenv:format]
 allowlist_externals =
     isort