Update Bandit GitHub Action configuration

kernelsam · web-flow · commit 040d24b2b483 · 2025-10-29T10:29:29.000-07:00
diff --git a/.github/workflows/bandit.yaml b/.github/workflows/bandit.yaml
@@ -11,8 +11,7 @@ permissions: {}
 jobs:
   bandit:
     permissions:
-      contents: read
-      pull-requests: write
+      security-events: write
     runs-on: ubuntu-latest
     strategy:
       fail-fast: false
@@ -31,9 +30,7 @@ jobs:
           python-version: ${{ matrix.python-version }}
 
       - name: Run Bandit Scan
-        uses: lukehinds/bandit-action@new-action
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        uses: PyCQA/bandit-action@v1
         with:
-          path: "sz_tools"
-          recursive: "true"
+          targets: "sz_tools"
+          python-version: ${{ matrix.python-version }}
