Skip to content

Potential fix for code scanning alert no. 31: Clear-text logging of sensitive information #444

Potential fix for code scanning alert no. 31: Clear-text logging of sensitive information

Potential fix for code scanning alert no. 31: Clear-text logging of sensitive information #444

Workflow file for this run

name: Security
on:
push:
branches: [main]
pull_request:
branches: [main]
schedule:
- cron: "0 6 * * 1"
permissions:
contents: read
jobs:
pip-audit:
name: pip-audit
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- uses: actions/checkout@v6
- uses: actions/setup-python@v6
with:
python-version: "3.12"
- name: Install project + audit
run: |
python -m pip install --upgrade pip
pip install -e ".[dev,oauth,telemetry]"
pip install pip-audit
- name: Run pip-audit (editable install)
run: pip-audit --skip-editable
- name: Set up uv
uses: astral-sh/setup-uv@v7
- name: Run pip-audit (uv.lock)
run: |
uv export --format requirements-txt -o /tmp/teaagent-uv-requirements.txt
pip-audit -r /tmp/teaagent-uv-requirements.txt
codeql:
name: CodeQL (${{ matrix.language }})
runs-on: ubuntu-latest
permissions:
actions: read
contents: read
packages: read
security-events: write
strategy:
fail-fast: false
matrix:
include:
- language: actions
build-mode: none
- language: python
build-mode: none
steps:
- uses: actions/checkout@v6
- name: Initialize CodeQL
uses: github/codeql-action/init@v4
with:
languages: ${{ matrix.language }}
build-mode: ${{ matrix.build-mode }}
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v4
with:
category: "/language:${{ matrix.language }}"