Skip to content

chore(deps): update mem0ai requirement from <2.0.0,>=1.0.0 to >=1.0.0,<3.0.0 #6

chore(deps): update mem0ai requirement from <2.0.0,>=1.0.0 to >=1.0.0,<3.0.0

chore(deps): update mem0ai requirement from <2.0.0,>=1.0.0 to >=1.0.0,<3.0.0 #6

Workflow file for this run

name: Security
on:
push:
branches: [main, dev]
pull_request:
branches: [main, dev]
schedule:
- cron: "0 9 * * 1"
permissions:
contents: read
jobs:
gitleaks:
name: Secret scan (gitleaks)
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Run gitleaks
uses: gitleaks/gitleaks-action@v2
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
pip-audit:
name: Dependency audit (pip-audit)
runs-on: ubuntu-latest
# Advisory: transitive vulns are handled by Dependabot; don't block PRs on them.
continue-on-error: true
steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v5
with:
python-version: "3.13"
cache: pip
- name: Install
run: |
python -m pip install --upgrade pip pip-audit
pip install -e .
- name: Audit
run: pip-audit
bandit:
name: Static security analysis (bandit)
runs-on: ubuntu-latest
continue-on-error: true
steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v5
with:
python-version: "3.13"
cache: pip
- name: Install
run: python -m pip install --upgrade pip bandit
- name: Scan
run: bandit -r src/orchestrator -ll