feat(ci): use a Github Repository Variable PIP_AUDIT_PACKAGES to co…

…ntrol running `pip-audit` in CI
jenstroeger · May 23, 2023 · 3801c01 · 3801c01
1 parent faadc55
commit 3801c01
Showing 1 changed file with 4 additions and 1 deletion.
diff --git a/.github/workflows/_build.yaml b/.github/workflows/_build.yaml
@@ -73,8 +73,11 @@ jobs:
     - name: Install dependencies
       run: make setup
 
-    # Audit all currently installed packages for security vulnerabilities.
+    # Audit all currently installed packages for security vulnerabilities. This step can
+    # be disabled by removing the repository variable, or by setting it to any other value
+    # than 'true'.
     - name: Audit installed packages
+      if: ${{ vars.PIP_AUDIT_PACKAGES == 'true' }}
       run: make audit
 
     # Build the sdist and wheel distribution of the package and docs as a zip file.