fix(api): increase HISTORY_LIMIT to 1440 for full 24h modal view #28
```yaml
name: Security
on:
  push:
    branches: [main]
  pull_request:
    branches: [main]
  schedule:
    # Run weekly on Monday at 9:00 UTC
    - cron: "0 9 * * 1"
jobs:
  dependency-audit:
    runs-on: ubuntu-latest
    name: Dependency Audit
    steps:
      - uses: actions/checkout@v4
      - name: Set up Python
        uses: actions/setup-python@v5
        with:
          python-version: "3.11"
      - name: Install pip-audit
        run: |
          python -m pip install --upgrade pip
          pip install pip-audit
      - name: Run pip-audit
        # Audit only direct project dependencies (requirements files).
        # CVE-2026-4539 (pygments) is a transitive dep of coverage/rich with no fix
        # version available yet — ignored until a patched release is published.
        run: pip-audit --strict --progress-spinner off --no-deps -r requirements.txt -r requirements-dev.txt --ignore-vuln CVE-2026-4539
  codeql:
    runs-on: ubuntu-latest
    name: CodeQL Analysis
    permissions:
      security-events: write
      actions: read
      contents: read
    steps:
      - uses: actions/checkout@v4
      - name: Initialize CodeQL
        uses: github/codeql-action/init@v3
        with:
          languages: python
      - name: Perform CodeQL Analysis
        uses: github/codeql-action/analyze@v3
        with:
          category: "/language:python"
```