name: Code Security Audit on: [push, pull_request] jobs: build: runs-on: ubuntu-20.04 steps: - uses: actions/checkout@v3 - name: Set up Python 3.9 uses: actions/setup-python@v4 with: python-version: 3.9 - name: Install poetry uses: abatilo/actions-poetry@v2 with: poetry-version: 1.4.2 - name: Install dependencies run: | poetry install --with dev - name: Run bandit against code base run: | poetry run bandit -r hm_pyhelper -c pyproject.toml