Skip to content

ci(audit): audit faster#130

Merged
benner merged 3 commits into
mainfrom
ci/improve-security-audit
Jul 10, 2026
Merged

ci(audit): audit faster#130
benner merged 3 commits into
mainfrom
ci/improve-security-audit

Conversation

@benner

@benner benner commented Jul 10, 2026

Copy link
Copy Markdown
Owner
  • ci(audit): drop stale nltk advisory ignore
  • ci(audit): open an issue when the scheduled audit fails
  • ci(audit): run the scheduled audit daily

benner added 3 commits July 10, 2026 05:20
GHSA-p4gq-832x-fm9v matches nothing since the nltk 3.10.0 bump in PR #129;
uv audit warns about the dangling ignore on every run.

Signed-off-by: Nerijus Bendžiūnas <nerijus.bendziunas@gmail.com>
The 2026-07-07 scheduled failure sat unseen in the Actions tab until
PR #128 tripped over the same advisories.

Signed-off-by: Nerijus Bendžiūnas <nerijus.bendziunas@gmail.com>
Weekly left up to a six-day window between a published advisory and its
detection; issue-based notification makes the extra runs free to act on.

Signed-off-by: Nerijus Bendžiūnas <nerijus.bendziunas@gmail.com>
@benner benner marked this pull request as ready for review July 10, 2026 12:26
@github-actions

Copy link
Copy Markdown

Coverage

Coverage Report (Δ +0.0%)
FileStmtsMissCoverMissing
src/git_commit_guard
   __init__.py5160100% 
TOTAL5160100% 

@benner benner merged commit b3156db into main Jul 10, 2026
9 checks passed
@benner benner deleted the ci/improve-security-audit branch July 10, 2026 12:26
@benner benner changed the title ci(audit): drop stale nltk advisory ignore ci(audit): audit faster Jul 10, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant