Add dependency scanning and optional dependency checks

2025-09-08 07:18:47 +00:00 · 2025-08-05 21:04:50 -04:00
parent c2d80aa438
commit 68eaa34d76
5 changed files with 90 additions and 56 deletions
--- a/.github/workflows/python-ci.yml
+++ b/.github/workflows/python-ci.yml
@@ -83,10 +83,8 @@ jobs:
          pip-compile --generate-hashes --output-file=requirements.lock src/requirements.txt
          git diff --exit-code requirements.lock
          pip install --require-hashes -r requirements.lock
-      - name: Run pip-audit
-        run: |
-          pip install pip-audit
-          pip-audit -r requirements.lock --ignore-vuln GHSA-wj6h-64fc-37mp
+      - name: Run dependency scan
+        run: scripts/dependency_scan.sh --ignore-vuln GHSA-wj6h-64fc-37mp
      - name: Determine stress args
        shell: bash
        run: |