Skip to content

feat: migrate to using .safety-ignore.yml file#1215

Open
RobPasMue wants to merge 12 commits intomainfrom
feat/improve-vuln-action
Open

feat: migrate to using .safety-ignore.yml file#1215
RobPasMue wants to merge 12 commits intomainfrom
feat/improve-vuln-action

Conversation

@RobPasMue
Copy link
Member

@RobPasMue RobPasMue commented Mar 18, 2026
edited
Loading

Follow up from #1204. Based on @vgelbgras's initial implementation

@RobPasMue RobPasMue requested a review from a team as a code owner March 18, 2026 08:47
@github-actions github-actions bot added the enhancement General improvements to existing features label Mar 18, 2026
@RobPasMue RobPasMue changed the title feat: migrate to using .safety-ignore,yml file feat: migrate to using .safety-ignore.yml file Mar 18, 2026
@RobPasMue RobPasMue requested a review from SMoraisAnsys March 18, 2026 09:03
SMoraisAnsys
SMoraisAnsys requested changes Mar 18, 2026
View reviewed changes
Copy link
Contributor

@SMoraisAnsys SMoraisAnsys left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

From the last comment in #1204, there was also the idea of allowing users to specify their own safety config file. Could you follow the logic we have for bandit (input bandit-configfile) for safety ? Also, could you update the documentation to let users know that any use of those config files requires inputs.checkout to be true.

@RobPasMue RobPasMue requested a review from SMoraisAnsys March 18, 2026 09:25
SMoraisAnsys
SMoraisAnsys reviewed Mar 18, 2026
View reviewed changes
@moe-ad
Copy link
Contributor

moe-ad commented Mar 18, 2026

@RobPasMue FYI concerning allowing a custom safety policy file. Are we sure we want to allow that?
See #1203 where I rejected this idea.

@RobPasMue
Copy link
Member Author

RobPasMue commented Mar 18, 2026

@RobPasMue FYI concerning allowing a custom safety policy file. Are we sure we want to allow that? See #1203 where I rejected this idea.

Sorry - hadn't seen it. Developed the PR based on the feedback in this one - not #1203. Let's talk offline

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@vgelbgras vgelbgras vgelbgras approved these changes

@dipinknair dipinknair Awaiting requested review from dipinknair dipinknair is a code owner automatically assigned from ansys/pyansys-core

@klmcadams klmcadams Awaiting requested review from klmcadams klmcadams is a code owner automatically assigned from ansys/pyansys-core

@moe-ad moe-ad Awaiting requested review from moe-ad moe-ad is a code owner automatically assigned from ansys/pyansys-core

@MaxJPRey MaxJPRey Awaiting requested review from MaxJPRey MaxJPRey is a code owner automatically assigned from ansys/pyansys-core

@SMoraisAnsys SMoraisAnsys Awaiting requested review from SMoraisAnsys

Requested changes must be addressed to merge this pull request.

Assignees

No one assigned

Labels

enhancement General improvements to existing features

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@RobPasMue @moe-ad @vgelbgras @SMoraisAnsys @pyansys-ci-bot