Managing Dependencies and VulnerabilitiesΒΆ Configuring Zizmor Nox session CI Usage Action dependency:licenses report.yml Uses pip-licenses to return packages with their licenses. dependency:audit dependency-update.yml Uses pip-audit to report active vulnerabilities in our dependencies. vulnerabilities:resolved No Uses pip-audit to report known vulnerabilities in dependencies that have been resolved in comparison to the last release. workflow:audit checks.yml Uses zizmor to audit GitHub actions and workflows for security issues and accepts extra zizmor arguments. See Configuring Zizmor.
Exasol Toolbox