on: [ push, pull_request ] name: Bandit security checkup jobs: bandit: runs-on: ubuntu-latest container: image: archlinux/archlinux:latest steps: - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7 - run: pacman --noconfirm -Syu bandit - name: Security checkup with Bandit run: bandit -r archinstall || exit 0