.github/workflows/security.yml - caldera - Git at Google

 name: Security Checks

 on:
   push:
   pull_request:
     types: [opened, synchronize, reopened, ready_for_review]

 permissions:
   contents: read

 jobs:
   build:
     runs-on: ubuntu-latest
     strategy:
       fail-fast: false
       matrix:
         include:
           - python-version: 3.13
             toxenv: safety
           - python-version: 3.13
             toxenv: bandit

     steps:
       - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
         with:
           submodules: recursive
       - name: Setup python
         uses: actions/setup-python@0a5c61591373683505ea898e09a3ea4f39ef2b9c
         with:
           python-version: ${{ matrix.python-version }}
       - name: Install dependencies
         run: |
           pip install --upgrade virtualenv
           pip install tox
       - name: Run security checks
         env:
           TOXENV: ${{ matrix.toxenv }}
         run: tox
	name: Security Checks

	on:
	push:
	pull_request:
	types: [opened, synchronize, reopened, ready_for_review]

	permissions:
	contents: read

	jobs:
	build:
	runs-on: ubuntu-latest
	strategy:
	fail-fast: false
	matrix:
	include:
	- python-version: 3.13
	toxenv: safety
	- python-version: 3.13
	toxenv: bandit

	steps:
	- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
	with:
	submodules: recursive
	- name: Setup python
	uses: actions/setup-python@0a5c61591373683505ea898e09a3ea4f39ef2b9c
	with:
	python-version: ${{ matrix.python-version }}
	- name: Install dependencies
	run: \|
	pip install --upgrade virtualenv
	pip install tox
	- name: Run security checks
	env:
	TOXENV: ${{ matrix.toxenv }}
	run: tox