Skip to content
Security Checks

fix: adapt image generation/editing to new Grok cardAttachment API #83

Sign in to view logs

fix: adapt image generation/editing to new Grok cardAttachment API

fix: adapt image generation/editing to new Grok cardAttachment API #83

Workflow file for this run

.github/workflows/security.yml at 6e843a8
name: Security Checks
on:
pull_request:
branches: [main]
push:
branches: [main]
schedule:
- cron: "0 3 * * 1"
permissions:
contents: read
jobs:
gitleaks:
name: Secret Scan (gitleaks)
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Run gitleaks
uses: gitleaks/gitleaks-action@v2
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
dependency-audit:
name: Dependency Audit (pip-audit)
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: "3.12"
- name: Set up uv
uses: astral-sh/setup-uv@v3
- name: Install pip-audit
run: python -m pip install --upgrade pip pip-audit
- name: Export requirements from lockfile
run: uv export --frozen --no-dev --format requirements-txt -o requirements.audit.txt
- name: Run pip-audit
run: pip-audit -r requirements.audit.txt --progress-spinner off
codeql:
name: CodeQL
runs-on: ubuntu-latest
permissions:
actions: read
contents: read
security-events: write
strategy:
fail-fast: false
matrix:
language: [python]
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Initialize CodeQL
uses: github/codeql-action/init@v3
with:
languages: ${{ matrix.language }}
- name: Autobuild
uses: github/codeql-action/autobuild@v3
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3