chore: add pip audit

vil02 · vil02 · commit 6b47ac791cb7 · 2024-12-28T21:21:18.000+01:00
diff --git a/.github/workflows/pip_audit.yml b/.github/workflows/pip_audit.yml
@@ -0,0 +1,43 @@
+---
+name: pip_audit
+
+'on':
+  workflow_dispatch:
+  push:
+    branches:
+      - master
+  pull_request:
+  schedule:
+    - cron: '10 2 * * 1,3'
+
+jobs:
+  pip_audit:
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          persist-credentials: false
+
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: 3.11
+
+      - name: Set up Poetry
+        uses: snok/install-poetry@v1
+
+      - name: Install poetry-plugin-export
+        run: |
+          poetry self add poetry-plugin-export
+
+      - name: Generate requirements
+        run: |
+          poetry export -f requirements.txt -o requirements.txt
+          poetry export --with dev -f requirements.txt -o dev-requirements.txt
+
+      - name: Run pip-audit
+        uses: pypa/gh-action-pip-audit@v1.1.0
+        with:
+          inputs: requirements.txt dev-requirements.txt
+...
