Adding dependency vulnerability scanning to the CI process (#2332)

chayim · dvora-h · web-flow · commit 771109e74feb · 2022-08-14T13:43:50.000+03:00
* Adding dependency auditing to CI

* fixing pathing

Co-authored-by: dvora-h &lt;67596500+dvora-h@users.noreply.github.com&gt;
diff --git a/.github/workflows/integration.yaml b/.github/workflows/integration.yaml
@@ -18,6 +18,15 @@ on:
 
 jobs:
 
+   dependency-audit:
+     name: Dependency audit
+     runs-on: ubuntu-latest
+     steps:
+       - uses: actions/checkout@v3
+       - uses: trailofbits/gh-action-pip-audit@v1.0.0
+         with:
+           inputs: requirements.txt dev_requirements.txt
+
    lint:
      name: Code linters
      runs-on: ubuntu-latest
