This is an automated email from the ASF dual-hosted git repository.
jiayu pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/sedona.git
The following commit(s) were added to refs/heads/master by this push:
new 1eab4de0a2 [CI] Add pre-commit hook `pip-audit` (#2573)
1eab4de0a2 is described below
commit 1eab4de0a27f10e8d5bf4e1b55d31463d1db45b4
Author: John Bampton <[email protected]>
AuthorDate: Sun Feb 8 16:00:50 2026 +1000
[CI] Add pre-commit hook `pip-audit` (#2573)
---
.github/workflows/codeql.yml | 4 +---
.pre-commit-config.yaml | 7 +++++++
2 files changed, 8 insertions(+), 3 deletions(-)
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index b7bc53d7de..64f89f3900 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -48,9 +48,7 @@ jobs:
uses: github/codeql-action/init@v4
with:
languages: ${{ matrix.language }}
-
- - name: Autobuild
- uses: github/codeql-action/autobuild@v4
+ build-mode: none
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v4
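Review bot: `build-mode: none` is applied unconditionally to every `matrix.language`, and the commit title mentions only the pip-audit hook, so this change to the code-scanning setup is easy to miss in history. With no build step, CodeQL extracts compiled languages straight from source, which can reduce coverage (generated code, for example, is not seen), and not every CodeQL language accepts `none`. The matrix is outside the hunk, so please confirm each entry supports it. Consider carrying the mode per language with `build-mode: ${{ matrix.build-mode }}` and adding a comment above it such as `# source-only extraction, no build; per-language mode is set in the matrix`.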
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
index aa2d66af96..f55c6faca2 100644
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -274,6 +274,13 @@ repos:
- id: black-jupyter
name: run black-jupyter
description: format Python files and Jupyter Notebooks with black
+ - repo: https://github.com/pypa/pip-audit
+ rev: v2.10.0
+ hooks:
+ - id: pip-audit
+ name: run pip-audit
+ description: audits Python environments, requirements files and
dependency trees for known security vulnerabilities, and can automatically fix
them
+ args: ['.']
- repo: https://github.com/pre-commit/mirrors-clang-format
rev: v21.1.8
hooks:
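Review bot: `args: ['.']` points pip-audit at the repository root as a project path, so the audit covers only what it can resolve from project metadata there. If the Python packaging files live in a subdirectory (not visible in this hunk), the hook may fail or audit nothing useful. Naming the inputs explicitly, e.g. `args: ['-r', '<path/to/requirements.txt>']` (placeholder path), makes the audited set reviewable. The hook also needs network access to resolve dependencies and query the advisory database, so add a comment such as `# needs network; reports known-vulnerable dependencies` and decide whether it should run on every commit or only in CI. The `description` says findings can be fixed automatically, but no `--fix` is passed, so the hook as configured only reports.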