Remove running pip-audit from CI.

Julian · Julian · commit 90892b367abb · 2025-10-12T10:05:49.000+02:00
pip has had a recent CVE, and as a library (and not
an app) it is difficult to run pip-audit in a way that
has value but is segregated from pip-audit's own deps
such that we don't encounter this kind of false positive.
diff --git a/noxfile.py b/noxfile.py
@@ -63,15 +63,6 @@ def tests(session):
         session.run("pytest", *session.posargs, PACKAGE)
 
 
-@session(python=SUPPORTED)
-def audit(session):
-    """
-    Audit Python dependencies for vulnerabilities.
-    """
-    session.install("pip-audit", ROOT)
-    session.run("python", "-m", "pip_audit")
-
-
 @session(tags=["build"])
 def build(session):
     """
