Skip to content
Security Scan

chore(deps): bump the pip group across 1 directory with 11 updates #23

Sign in to view logs

chore(deps): bump the pip group across 1 directory with 11 updates

chore(deps): bump the pip group across 1 directory with 11 updates #23

Triggered via pull request March 17, 2026 19:47
@dependabotdependabot[bot]
opened #20
dependabot/pip/engine/pip-4cfecb1df4
Status Failure
Total duration 1m 5s
Artifacts

security.yml

on: pull_request
Bandit Security Scan
1m 1s
Bandit Security Scan
Safety Dependency Check
58s
Safety Dependency Check
Trivy Vulnerability Scan
27s
Trivy Vulnerability Scan
Fit to window
Zoom out
Zoom in

Annotations

2 errors and 5 warnings
Safety Dependency Check
Process completed with exit code 1.
Bandit Security Scan
Process completed with exit code 1.
Trivy Vulnerability Scan
Node.js 20 actions are deprecated. The following actions are running on Node.js 20 and may not work as expected: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809, actions/checkout@v4, github/codeql-action/upload-sarif@v3. Actions will be forced to run with Node.js 24 by default starting June 2nd, 2026. Please check if updated versions of these actions are available that support Node.js 24. To opt into Node.js 24 now, set the FORCE_JAVASCRIPT_ACTIONS_TO_NODE24=true environment variable on the runner or in your workflow file. Once Node.js 24 becomes the default, you can temporarily opt out by setting ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION=true. For more information see: https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/
Trivy Vulnerability Scan
CodeQL Action v3 will be deprecated in December 2026. Please update all occurrences of the CodeQL Action in your workflow files to v4. For more information, see https://github.blog/changelog/2025-10-28-upcoming-deprecation-of-codeql-action-v3/
Safety Dependency Check
Node.js 20 actions are deprecated. The following actions are running on Node.js 20 and may not work as expected: actions/checkout@v4, actions/setup-python@v5. Actions will be forced to run with Node.js 24 by default starting June 2nd, 2026. Please check if updated versions of these actions are available that support Node.js 24. To opt into Node.js 24 now, set the FORCE_JAVASCRIPT_ACTIONS_TO_NODE24=true environment variable on the runner or in your workflow file. Once Node.js 24 becomes the default, you can temporarily opt out by setting ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION=true. For more information see: https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/
Bandit Security Scan
Node.js 20 actions are deprecated. The following actions are running on Node.js 20 and may not work as expected: actions/checkout@v4, actions/setup-python@v5, actions/upload-artifact@v4. Actions will be forced to run with Node.js 24 by default starting June 2nd, 2026. Please check if updated versions of these actions are available that support Node.js 24. To opt into Node.js 24 now, set the FORCE_JAVASCRIPT_ACTIONS_TO_NODE24=true environment variable on the runner or in your workflow file. Once Node.js 24 becomes the default, you can temporarily opt out by setting ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION=true. For more information see: https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/
Bandit Security Scan
No files were found with the provided path: engine/bandit-report.json. No artifacts will be uploaded.