---
name: Security (pysentry)

on:
  push:
    branches:
      - main
  pull_request:
  schedule:
    - cron: "0 8 */3 * *"

jobs:
  vulnerability-scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v6
      - name: "Set up Python"
        uses: actions/setup-python@v6
        with:
          python-version-file: ".python-version"
      - name: Install the latest version of uv
        uses: astral-sh/setup-uv@v8.1.0
        with:
          enable-cache: true
      - name: Scan dependencies for vulnerabilities
        run: uvx pysentry-rs .