[BUGFIX] sonarcloud: Omitting "--only-binary :all:" can lead to the execution of setup scripts. Make sure it is safe here.

Gonzalo Diaz · Gonzalo Diaz · commit b77982fc3e0b · 2026-05-29T22:23:15.000-04:00
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -13,7 +13,7 @@ updates:
       interval: "weekly"
 
   # Maintain dependencies for Python
-  - package-ecosystem: "pip"
+  - package-ecosystem: "pipenv"
     directory: "/"
     schedule:
       interval: "weekly"
diff --git a/.github/workflows/snyk-code.yml b/.github/workflows/snyk-code.yml
@@ -23,7 +23,7 @@ jobs:
         with:
           args: >
             --print-deps
-            --file=requirements.txt
+            --file=Pipfile.lock
             --command=python3
             --sarif-file-output=snyk-code.sarif
       - name: Upload result to GitHub Code Scanning
diff --git a/requirements.txt b/requirements.txt
