
ci: pin python-audit.yml to @main#76

Merged

CybotTM merged 1 commit into main from ci/pin-python-audit-to-main on Apr 17, 2026

Conversation

CybotTM (Member) commented Apr 17, 2026

Follow-up to #75. The reusable python-audit.yml workflow merged into netresearch/.github main, so drop the temporary @feat/python-audit-workflow pin.

Test plan

  • YAML valid (python3 -c "import yaml; yaml.safe_load(...)")
  • On-push CI: audit / pip-audit, audit / bandit, audit / CycloneDX SBOM all resolve python-audit.yml@main at the merge commit and pass.

Follow-up to #75 — the reusable
workflow [netresearch/.github#19][org-pr] has merged to main, so drop
the temporary @feat/python-audit-workflow pin.

[org-pr]: netresearch/.github#19

Signed-off-by: Sebastian Mendel <info@sebastianmendel.de>
Copilot AI review requested due to automatic review settings April 17, 2026 05:50
gemini-code-assist

Note

Gemini is unable to generate a review for this pull request due to the file types involved not being currently supported.

github-actions (Contributor)

Dependency Review

The following issues were found:
  • ✅ 0 vulnerable package(s)
  • ✅ 0 package(s) with incompatible licenses
  • ✅ 0 package(s) with invalid SPDX license definitions
  • ⚠️ 1 package(s) with unknown licenses.
See the Details below.

License Issues

.github/workflows/security.yml

Package | Version | License | Issue Type
netresearch/.github/.github/workflows/python-audit.yml | main | Null | Unknown License

OpenSSF Scorecard

Package | Version | Score | Details
actions/netresearch/.github/.github/workflows/python-audit.yml | main | Unknown | Unknown

Scanned Files

  • .github/workflows/security.yml

codecov bot commented Apr 17, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 66.78%. Comparing base (782ba0c) to head (4c3fc4b).
⚠️ Report is 2 commits behind head on main.

Additional details and impacted files
@@            Coverage Diff             @@
##             main      #76      +/-   ##
==========================================
- Coverage   66.87%   66.78%   -0.10%     
==========================================
  Files          21       21              
  Lines        3230     3230              
==========================================
- Hits         2160     2157       -3     
- Misses       1070     1073       +3     
Flag | Coverage Δ
unittests | 66.78% <ø> (-0.10%) ⬇️


@CybotTM CybotTM merged commit 407bb9b into main Apr 17, 2026
21 of 22 checks passed
@CybotTM CybotTM deleted the ci/pin-python-audit-to-main branch April 17, 2026 05:52
Copilot AI left a comment

Pull request overview

Updates the repository’s Security GitHub Actions workflow to consume the upstream reusable python-audit.yml workflow from the netresearch/.github main branch now that the workflow has been merged upstream.

Changes:

  • Switch .github/workflows/security.yml from python-audit.yml@feat/python-audit-workflow to python-audit.yml@main.
  • Remove temporary inline comments related to the previous feature-branch pin.


# Pinned to feat/python-audit-workflow until netresearch/.github#19 merges.
# Switch to @main after merge.
uses: netresearch/.github/.github/workflows/python-audit.yml@feat/python-audit-workflow
uses: netresearch/.github/.github/workflows/python-audit.yml@main
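Review bot: the new `uses:` line drops the two-line comment that documented which upstream change the pin tracked and when it was expected to change, so the file no longer records where python-audit.yml comes from or how the ref is meant to be maintained. Since `@main` is a mutable ref, consider pinning to the full commit SHA of the merged netresearch/.github main and keeping a trailing comment naming the tracked ref (for example `uses: netresearch/.github/.github/workflows/python-audit.yml@<FULL_40_CHAR_COMMIT_SHA> # main`), so the pin is immutable and the rationale from the removed comment is carried forward instead of lost.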
Copilot AI Apr 17, 2026

uses: ...@main references a mutable branch for a reusable workflow. For supply-chain safety and reproducibility, prefer pinning to an immutable ref (a release tag or a full commit SHA in netresearch/.github) and optionally keep it updated via Dependabot/renovate.

Suggested change
uses: netresearch/.github/.github/workflows/python-audit.yml@main
uses: netresearch/.github/.github/workflows/python-audit.yml@<FULL_40_CHAR_COMMIT_SHA>

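The distinction the review above draws, between a `uses:` reference that floats on a branch and one pinned to an immutable commit, is easy to check mechanically across a repository's workflows. The script below is an added example written for this page; it is not code from this PR or from the netresearch project. It scans workflow text line by line with a regular expression instead of a full YAML parse (an assumption that keeps it dependency-free), classifies each `uses:` target as a local action, a Docker image, a full 40-hex SHA, a version-like tag, or a branch, and reports everything that is not SHA-pinned. The embedded workflow is constructed for the example and is not the repository's real security.yml.

```python
import re

# Constructed sample workflow, not the repository's real security.yml.
# It mixes the ref styles a reviewer meets in practice.
SAMPLE_WORKFLOW = """\
name: Security
on: [push, pull_request]
jobs:
  audit:
    # Mutable branch ref: resolves to whatever main points at when the job runs.
    uses: netresearch/.github/.github/workflows/python-audit.yml@main
  lint:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-python@0123456789abcdef0123456789abcdef01234567 # v5.0.0
      - uses: ./.github/actions/local-helper
      - uses: docker://ghcr.io/example/tool:1.2.3
"""

# Matches a `uses:` key at job level or as a step item and captures the target.
USES_RE = re.compile(r"^\s*-?\s*uses:\s*([^\s#]+)")
FULL_SHA_RE = re.compile(r"^[0-9a-f]{40}$")


def classify_ref(target):
    """Classify the ref part of a uses: target.

    Returns (kind, ref) where kind is one of:
    local, docker, missing-ref, sha, tag, branch.
    """
    target = target.strip("\"'")
    if target.startswith("./"):
        return ("local", target)        # lives in this repo, fixed by the checkout
    if target.startswith("docker://"):
        return ("docker", target)       # image tags are mutable too, but out of scope here
    if "@" not in target:
        return ("missing-ref", target)  # GitHub rejects this; flag it anyway
    _, ref = target.rsplit("@", 1)
    if FULL_SHA_RE.match(ref):
        return ("sha", ref)             # immutable: the only fully reproducible form
    if re.match(r"^v?\d", ref):
        return ("tag", ref)             # looks like a version tag; tags can be moved
    return ("branch", ref)              # anything else is treated as a branch name


def find_unpinned_uses(text):
    """Return [(line_no, target, kind)] for every uses: not pinned to a full SHA.

    A SHA pin without a trailing `# <version>` comment is also reported, because
    that comment is what humans and update tooling rely on to see which release
    the hash corresponds to.
    """
    findings = []
    for line_no, line in enumerate(text.splitlines(), 1):
        m = USES_RE.match(line)
        if not m:
            continue
        target = m.group(1).strip("\"'")
        kind, _ = classify_ref(target)
        if kind in ("branch", "tag", "missing-ref"):
            findings.append((line_no, target, kind))
        elif kind == "sha" and "#" not in line:
            findings.append((line_no, target, "sha-without-version-comment"))
    return findings


if __name__ == "__main__":
    for line_no, target, kind in find_unpinned_uses(SAMPLE_WORKFLOW):
        print(f"line {line_no}: {kind}: {target}")
```

Run against the sample, the scan reports the `@main` reusable-workflow call as a branch ref and `actions/checkout@v4` as a tag; the SHA-pinned setup-python step, the local action and the Docker image pass. Treating tags as findings is deliberate: a tag is a moveable pointer just like a branch, only slower-moving, so the same pin-to-SHA advice applies.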
