# GitHub Actions Workflow: Scan installed packages for known vulnerabilities with safety.
name: Safety Security Scan
on:
push:
paths:
- '**.py' # Trigger on Python file changes
- '.github/workflows/safety.yml' # Trigger on workflow file changes
pull_request:
paths:
- '**.py'
- '.github/workflows/safety.yml'
jobs:
safety-scan:
runs-on: ubuntu-latest
steps:
# Checkout repository code
- name: Checkout code
uses: actions/checkout@v4
# Set up Python environment
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: '3.x'
# Install Safety
- name: Install Safety
run: pip install safety
# Run Safety security scan
- name: Run Safety (Security Scan)
run: safety check