Skip to content

feat: migrate to using .safety-ignore.yml file#1215

Merged
moe-ad merged 18 commits intomainfrom
feat/improve-vuln-action
Mar 27, 2026
Merged

feat: migrate to using .safety-ignore.yml file#1215
moe-ad merged 18 commits intomainfrom
feat/improve-vuln-action

Conversation

@RobPasMue
Copy link
Copy Markdown
Member

@RobPasMue RobPasMue commented Mar 18, 2026
edited
Loading

Follow up from #1204. Based on @vgelbgras's initial implementation

@RobPasMue RobPasMue requested a review from a team as a code owner March 18, 2026 08:47
@github-actions github-actions bot added the enhancement General improvements to existing features label Mar 18, 2026
@RobPasMue RobPasMue changed the title feat: migrate to using .safety-ignore,yml file feat: migrate to using .safety-ignore.yml file Mar 18, 2026
@RobPasMue RobPasMue requested a review from SMoraisAnsys March 18, 2026 09:03
SMoraisAnsys
SMoraisAnsys requested changes Mar 18, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@SMoraisAnsys SMoraisAnsys left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

From the last comment in #1204, there was also the idea of allowing users to specify their own safety config file. Could you follow the logic we have for bandit (input bandit-configfile) for safety ? Also, could you update the documentation to let users know that any use of those config files requires inputs.checkout to be true.

@RobPasMue RobPasMue requested a review from SMoraisAnsys March 18, 2026 09:25
SMoraisAnsys
SMoraisAnsys reviewed Mar 18, 2026
View reviewed changes
@moe-ad
Copy link
Copy Markdown
Contributor

moe-ad commented Mar 18, 2026

@RobPasMue FYI concerning allowing a custom safety policy file. Are we sure we want to allow that?
See #1203 where I rejected this idea.

@RobPasMue
Copy link
Copy Markdown
Member Author

RobPasMue commented Mar 18, 2026

@RobPasMue FYI concerning allowing a custom safety policy file. Are we sure we want to allow that? See #1203 where I rejected this idea.

Sorry - hadn't seen it. Developed the PR based on the feedback in this one - not #1203. Let's talk offline

@SMoraisAnsys
Copy link
Copy Markdown
Contributor

SMoraisAnsys commented Mar 26, 2026

For visibility: following a team meeting discussion, this PR should not be closed. Thanks for raising concerns @moe-ad

@RobPasMue
Copy link
Copy Markdown
Member Author

RobPasMue commented Mar 26, 2026

I was thinking on #1228 - we should also clean up this file

@RobPasMue
Copy link
Copy Markdown
Member Author

RobPasMue commented Mar 26, 2026

But let's merge #1228 first

moe-ad
moe-ad reviewed Mar 26, 2026
View reviewed changes
@MaxJPRey
Copy link
Copy Markdown
Contributor

MaxJPRey commented Mar 26, 2026

Thanks @vgelbgras for the great idea!
Thanks @RobPasMue for finalizing the implementation.

@RobPasMue
Copy link
Copy Markdown
Member Author

RobPasMue commented Mar 27, 2026

Feel free to merge @moe-ad

@moe-ad moe-ad merged commit e76231d into main Mar 27, 2026
67 checks passed
@moe-ad moe-ad deleted the feat/improve-vuln-action branch March 27, 2026 11:06
@moe-ad moe-ad mentioned this pull request Mar 30, 2026
Merged
moe-ad added a commit that referenced this pull request Mar 30, 2026
@RobPasMue @pyansys-ci-bot
@SMoraisAnsys @moe-ad
feat: migrate to using .safety-ignore.yml file (#1215)
627e5fb 
Co-authored-by: pyansys-ci-bot <92810346+pyansys-ci-bot@users.noreply.github.com>
Co-authored-by: Sébastien Morais <146729917+SMoraisAnsys@users.noreply.github.com>
Co-authored-by: Muhammed Adedigba <68085496+moe-ad@users.noreply.github.com>
Co-authored-by: Muhammed Adedigba <muhammed.adedigba@synopsys.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@moe-ad moe-ad moe-ad approved these changes

@vgelbgras vgelbgras vgelbgras approved these changes

@MaxJPRey MaxJPRey MaxJPRey approved these changes

@SMoraisAnsys SMoraisAnsys SMoraisAnsys approved these changes

@dipinknair dipinknair Awaiting requested review from dipinknair dipinknair is a code owner automatically assigned from ansys/pyansys-core

@klmcadams klmcadams Awaiting requested review from klmcadams klmcadams is a code owner automatically assigned from ansys/pyansys-core

Assignees

No one assigned

Labels

enhancement General improvements to existing features

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

6 participants

@RobPasMue @moe-ad @SMoraisAnsys @MaxJPRey @vgelbgras @pyansys-ci-bot