Skip to content

Update sast.yml

Update sast.yml #9

Workflow file for this run

name: Security Analysis
on:
push:
branches: [ main ]
pull_request:
branches: [ main ]
jobs:
security-audit:
name: Dependency & Secret Shield
runs-on: ubuntu-latest
steps:
- name: ⬇️ Checkout Repository
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: 🛡️ Scan for Exposed System Secrets
uses: trufflesecurity/trufflehog@main
with:
extra_args: --only-verified
- name: 🐍 Set up Python
uses: actions/setup-python@v5
with:
python-version: '3.11'
- name: 📦 Evaluate Package Insecurities
run: |
pip install safety
safety check || echo "⚠️ Security Alert: Review reported package vulnerabilities."