Fix cuda_pathfinder/docs/source/release/1.2.3-notes.rst (#1002) #7
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # SPDX-FileCopyrightText: Copyright (c) 2024-2025 NVIDIA CORPORATION & AFFILIATES. All rights reserved. | |
| # | |
| # SPDX-License-Identifier: Apache-2.0 | |
| name: "Static Analysis: Bandit Scan" | |
| on: | |
| push: | |
| branches: | |
| - "pull-request/[0-9]+" | |
| - "main" | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }}-${{ github.event_name }} | |
| cancel-in-progress: true | |
| jobs: | |
| analyze: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| security-events: write | |
| steps: | |
| - name: Perform Bandit Analysis | |
| # KEEP IN SYNC WITH bandit rev in .pre-commit-config.yaml | |
| # Current runner uses Python 3.8, so the action installs bandit==1.7.10 | |
| # via `pip install bandit[sarif]`. If runner Python moves to >=3.9, | |
| # the action will resolve to 1.8.x and you'll need to bump pre-commit. | |
| # (Bandit >=1.8.0 dropped Python 3.8 via Requires-Python metadata.) | |
| uses: PyCQA/bandit-action@8a1b30610f61f3f792fe7556e888c9d7dffa52de # v1.0.0 |