Packaging for Fedora #274

	name: Find dependencies vulnerabilities

	on:
	workflow_dispatch:
	pull_request:
	push:
	branches:
	- main

	jobs:
	scan-codebase:
	runs-on: ubuntu-24.04
	name: Inspect packages with ScanCode.io
	steps:
	- uses: actions/checkout@v4
	with:
	path: scancode-inputs
	sparse-checkout: pyproject.toml
	sparse-checkout-cone-mode: false

	- name: Fail on known vulnerabilities
	uses: aboutcode-org/scancode-action@main
	with:
	pipelines: "inspect_packages:StaticResolver,find_vulnerabilities"
	check-compliance: true
	compliance-fail-on-vulnerabilities: true
	scancodeio-repo-branch: "main"
	env:
	VULNERABLECODE_URL: https://public.vulnerablecode.io/

Provide feedback