From 92e04bcbac5515654ee68470a816029215114c7a Mon Sep 17 00:00:00 2001 From: alpha-nerd Date: Wed, 13 May 2026 10:13:51 +0200 Subject: [PATCH 1/4] =?UTF-8?q?.forgejo/workflows/nyx-scan.yml=20hinzugef?= =?UTF-8?q?=C3=BCgt?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .forgejo/workflows/nyx-scan.yml | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) create mode 100644 .forgejo/workflows/nyx-scan.yml diff --git a/.forgejo/workflows/nyx-scan.yml b/.forgejo/workflows/nyx-scan.yml new file mode 100644 index 0000000..2ee672c --- /dev/null +++ b/.forgejo/workflows/nyx-scan.yml @@ -0,0 +1,32 @@ +name: NYX Security Scan + +on: + pull_request: + branches: [main, master] + +jobs: + nyx-scan: + runs-on: docker-amd64 + + steps: + - name: Checkout PR + run: | + git clone --depth=1 \ + "https://oauth2:${{ github.token }}@bitfreedom.net/code/${{ github.repository }}.git" \ + . + git fetch --depth=1 origin ${{ github.sha }} + git checkout ${{ github.sha }} + + - name: Fetch action source + run: | + git clone --depth=1 --branch master \ + "https://oauth2:${{ github.token }}@bitfreedom.net/code/nomyo-ai/actions.git" \ + ./.nyx-action + + - uses: ./.nyx-action/nyx-scan + with: + forgejo_push_token: ${{ secrets.FORGEJO_PUSH_TOKEN }} + repository: ${{ github.repository }} + pr_number: ${{ github.event.pull_request.number }} + sha: ${{ github.sha }} + fail_on: HIGH \ No newline at end of file From daa277243902717af1d2e04cf9f1fbf094693651 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 13 May 2026 08:29:06 +0000 Subject: [PATCH 2/4] fix(deps): update dependency idna to v3.15 --- pyproject.toml | 2 +- requirements.txt | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/pyproject.toml b/pyproject.toml index f5820c2..a5f2124 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -35,7 +35,7 @@ dependencies = [ "h11==0.16.0", "httpcore==1.0.9", "httpx==0.28.1", - "idna==3.14", + "idna==3.15", "pycparser==3.0", "typing_extensions==4.15.0", ] diff --git a/requirements.txt b/requirements.txt index 5ac5bfb..c53cfd7 100644 --- a/requirements.txt +++ b/requirements.txt @@ -6,6 +6,6 @@ exceptiongroup==1.3.1 h11==0.16.0 httpcore==1.0.9 httpx==0.28.1 -idna==3.14 +idna==3.15 pycparser==3.0 typing_extensions==4.15.0 From b9fbf4ef729ccef6b0d65a07b32d3b7dc64dd38d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 20 May 2026 11:53:55 +0000 Subject: [PATCH 3/4] fix(deps): update dependency certifi to v2026.5.20 --- pyproject.toml | 2 +- requirements.txt | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/pyproject.toml b/pyproject.toml index a5f2124..c3b83bb 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -28,7 +28,7 @@ classifiers = [ requires-python = ">=3.10" dependencies = [ "anyio==4.13.0", - "certifi==2026.4.22", + "certifi==2026.5.20", "cffi==2.0.0", "cryptography==48.0.0", "exceptiongroup==1.3.1", diff --git a/requirements.txt b/requirements.txt index c53cfd7..d5cbcea 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,5 +1,5 @@ anyio==4.13.0 -certifi==2026.4.22 +certifi==2026.5.20 cffi==2.0.0 cryptography==48.0.0 exceptiongroup==1.3.1 From ed25554b45706973fde6a3ebd18c4a928a308536 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 22 May 2026 00:24:17 +0000 Subject: [PATCH 4/4] fix(deps): update dependency idna to v3.16 --- pyproject.toml | 2 +- requirements.txt | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/pyproject.toml b/pyproject.toml index c3b83bb..c42fef8 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -35,7 +35,7 @@ dependencies = [ "h11==0.16.0", "httpcore==1.0.9", "httpx==0.28.1", - "idna==3.15", + "idna==3.16", "pycparser==3.0", "typing_extensions==4.15.0", ] diff --git a/requirements.txt b/requirements.txt index d5cbcea..2e17834 100644 --- a/requirements.txt +++ b/requirements.txt @@ -6,6 +6,6 @@ exceptiongroup==1.3.1 h11==0.16.0 httpcore==1.0.9 httpx==0.28.1 -idna==3.15 +idna==3.16 pycparser==3.0 typing_extensions==4.15.0