diff --git a/.github/workflows/pypa-pip-audit.yml b/.github/workflows/pypa-pip-audit.yml new file mode 100644 index 0000000..f1f6357 --- /dev/null +++ b/.github/workflows/pypa-pip-audit.yml @@ -0,0 +1,25 @@ +# https://github.com/pypa/gh-action-pip-a +name: 'PyPA pip-audit' + +on: + pull_request: + branches: + - master + push: + branches: + - master + + +jobs: + selftest: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - name: install + run: | + python -m venv env/ + source env/bin/activate + python -m pip install . + - uses: pypa/gh-action-pip-audit@v1.1.0 + with: + virtual-environment: env/ diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml new file mode 100644 index 0000000..8bea68f --- /dev/null +++ b/.pre-commit-config.yaml @@ -0,0 +1,13 @@ +repos: + # https://github.com/pypa/pip-audit?tab=readme-ov-file#pre-commit-support + - repo: https://github.com/pypa/pip-audit + rev: v2.8.0 + hooks: + - id: pip-audit + args: ["-r", "requirements.txt"] + +ci: + # Leave pip-audit to only run locally and not in CI + # pre-commit.ci does not allow network calls + skip: [pip-audit] + \ No newline at end of file