actions/gh-action-pip-audit
2
0
Fork 0
Code Issues Pull Requests 1 Packages Projects Releases Wiki Activity
121 Commits 2 Branches 16 Tags
main
Commit Graph

121 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
dependabot[bot]
66a6ee35b1 build(deps): bump github/codeql-action in the actions group (#85) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-22 13:02:26 -05:00
dependabot[bot]
7fa452fb4b build(deps): bump the actions group with 2 updates (#84) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-15 14:10:55 -08:00
dependabot[bot]
9970334372 build(deps): bump the actions group with 3 updates (#83) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-09 08:40:22 -08:00
dependabot[bot]
98cf6988a1 build(deps): bump the actions group with 2 updates (#82) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-01 17:21:24 -05:00
dependabot[bot]
8e7c7748a9 build(deps): bump the actions group with 3 updates (#81) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-11-24 16:12:11 -05:00
sabonerune
2ffb2343b3 feat: support --locked flag (#79) 
Co-authored-by: William Woodruff <william@yossarian.net>
 2025-11-18 03:58:11 +00:00
dependabot[bot]
f0318e8b9e build(deps): bump the actions group with 3 updates (#80) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-11-17 13:14:56 -05:00
dependabot[bot]
d10ebbb9e0 build(deps): bump github/codeql-action in the actions group (#77) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-11-03 14:13:44 -05:00
dependabot[bot]
34ad292862 build(deps): bump the actions group with 2 updates (#76) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-27 14:20:31 -04:00
dependabot[bot]
e93921ea5a build(deps): bump the actions group with 2 updates (#75) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-20 14:14:33 -04:00
dependabot[bot]
f1c3022531 build(deps): bump the actions group with 2 updates (#74) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-06 13:40:39 -04:00
dependabot[bot]
de8855bb5b build(deps): bump github/codeql-action from 3.30.3 to 3.30.5 in the actions group (#73) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: William Woodruff <william@trailofbits.com>
 2025-09-29 23:21:18 +00:00
dependabot[bot]
bfbcd5f00a build(deps): bump the actions group with 2 updates (#72) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-09-15 13:56:27 -04:00
dependabot[bot]
41edf6f055 build(deps): bump the actions group with 2 updates (#71) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-09-09 17:18:02 -04:00
dependabot[bot]
b3978f6f12 build(deps): bump the actions group with 2 updates (#70) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-09-02 09:27:59 -04:00
dependabot[bot]
da98638f18 build(deps): bump the actions group with 2 updates (#69) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-26 15:11:00 -04:00
dependabot[bot]
e2eb0a2b6b build(deps): bump the actions group with 3 updates (#68) 2025-08-19 08:12:42 -04:00
dependabot[bot]
02a0ac8d1d build(deps): bump github/codeql-action in the actions group (#67) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-04 22:00:58 -04:00
dependabot[bot]
648d9a1458 build(deps): bump the actions group with 2 updates (#66) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-28 16:20:37 -04:00
dependabot[bot]
cbfb60b762 build(deps): bump the actions group with 2 updates (#65) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-21 18:42:11 -04:00
dependabot[bot]
834dac3117 build(deps): bump the actions group with 2 updates (#64) 2025-06-30 19:49:18 -06:00
dependabot[bot]
b0e7c507ca build(deps): bump astral-sh/setup-uv in the actions group (#63) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-06-23 15:34:33 -06:00
dependabot[bot]
31eb18f0de build(deps): bump github/codeql-action in the actions group (#62) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-06-16 15:25:49 -04:00
dependabot[bot]
7714fcb0ce build(deps): bump github/codeql-action in the actions group (#61) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-06-09 14:35:39 -04:00
dependabot[bot]
52b2e35e0c build(deps): bump astral-sh/setup-uv in the actions group (#60) 2025-05-26 17:21:20 -04:00
dependabot[bot]
6833440696 build(deps): bump github/codeql-action in the actions group (#59) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-05-19 14:10:25 -04:00
dependabot[bot]
96dc0a401e build(deps): bump the actions group with 2 updates (#58) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-05-05 14:28:39 -04:00
William Woodruff
68a61d77e9 chore(ci): fix minor zizmor permissions findings (#57) 2025-04-28 20:13:38 +00:00
dependabot[bot]
0b37897812 build(deps): bump astral-sh/setup-uv from 5 to 6 in the actions group (#56) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: William Woodruff <william@trailofbits.com>
 2025-04-28 16:05:31 -04:00
Dustin Ingram
82ecb5449d Merge pull request #54 from pypa/ww/zizmor 
ci: zizmor fixes, add zizmor workflow
 2025-01-06 17:18:23 -05:00
William Woodruff
ca6166b637 ci: zizmor fixes, add zizmor workflow 
Signed-off-by: William Woodruff <william@trailofbits.com>
 2025-01-06 15:43:51 -05:00
davidemonkeys
fee84f2320 Add support for --disable-pip (#53) 2024-12-12 09:41:14 -05:00
dependabot[bot]
49949764d3 build(deps): bump actions/setup-python from 4 to 5 in the actions group (#52) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-11-12 12:27:51 -07:00
Piotr Idzik
63a52c0a3a chore: configure dependabot (#50) 2024-11-12 12:23:10 -07:00
Piotr Idzik
218578ea1c docs: encourage users to use setup-python@v5 (#51) 2024-11-12 07:43:10 -07:00
Piotr Idzik
db23b68152 chore: update actions/checkout to v4 (#49) 2024-11-11 15:55:49 -07:00
William Woodruff
1220774d90 README: prep 1.1.0 (#48) v1.1.0 2024-08-08 14:55:13 -04:00
William Woodruff
8c34e8a682 selftest: run some selftests on Windows (#44) 2024-08-08 14:51:38 -04:00
AngelMF
530374b67a Support running inside windows self-hosted runner (#43) 
* Add couple lines in action.py, action.yml and venv.bash to support running inside windows self-hosted runner

* Fixed new lines based on William Woodruff feedback
 2023-10-30 18:04:30 -04:00
William Woodruff
d499194be7 README: prep 1.0.8 
Signed-off-by: William Woodruff <william@trailofbits.com>
v1.0.8 		2023-05-23 15:17:01 -04:00
Alexerson
cf52d21d83 Remove pin on requests (fixes #41) (#42) 
* Remove pin on requests

* Update pip-audit pin
 2023-05-23 15:15:36 -04:00
William Woodruff
3ac8fed01c README: prep 1.0.7 (#40) 
Signed-off-by: William Woodruff <william@trailofbits.com>
v1.0.7 		2023-05-03 15:51:58 -04:00
William Woodruff
f7e969538f requirements: constrain requests below 2.30 (#39) 
* requirements: constrain requests below 2.30

See psf/requests#6437.

Signed-off-by: William Woodruff <william@trailofbits.com>

* requirements: relax

Signed-off-by: William Woodruff <william@trailofbits.com>

---------

Signed-off-by: William Woodruff <william@trailofbits.com>
 2023-05-03 15:45:49 -04:00
Andrew Pan
28aa5e1be6 New issue templates (#37) 2023-03-29 08:44:20 +09:00
Andrew Pan
1abec09c8d action: replace internal-be-careful-debug (#36) 
* action: replace `internal-be-careful-debug`

Signed-off-by: Andrew Pan <a@tny.town>

* action: use `RUNNER_DEBUG` env var

Signed-off-by: Andrew Pan <a@tny.town>

* action: yakshave

Signed-off-by: Andrew Pan <a@tny.town>

---------

Signed-off-by: Andrew Pan <a@tny.town>
 2023-03-23 18:52:22 -04:00
William Woodruff
75edeacda5 README: prep 1.0.6 (#34) 
Signed-off-by: William Woodruff <william@trailofbits.com>
v1.0.6 		2023-02-16 15:04:51 -05:00
Andrew Pan
666b1b8831 Check that output file exists before opening (#33) 
* action.py: check that output exists before opening

* action: log exception, extra flags setting

Signed-off-by: Andrew Pan <a@tny.town>

* workflows/selftest: regression test for no output

Signed-off-by: Andrew Pan <a@tny.town>

* issue/32: doc `internal-be-careful-extra-flags`

---------

Signed-off-by: Andrew Pan <a@tny.town>
 2023-02-16 14:59:38 -05:00
William Woodruff
9075e938de README: prep 1.0.5 
Signed-off-by: William Woodruff <william@trailofbits.com>
v1.0.5 		2023-01-10 13:42:15 -05:00
William Woodruff
0007f08635 requirements: pip-audit >= 2.4.13 
Might as well, since this hasn't appeared in an action
release yet.

Signed-off-by: William Woodruff <william@trailofbits.com>
 2023-01-10 13:37:38 -05:00
William Woodruff
c5b051c6b3 requirements: relax pip-audit version constraint 
This takes better advantage of our semantic versioning,
allowing us to perform fewer releases.

Signed-off-by: William Woodruff <william@trailofbits.com>
 2023-01-10 13:27:54 -05:00