From 96970b6963f293386efc35b1cc158bad72d515bc Mon Sep 17 00:00:00 2001
From: Marco D'Aleo <marco@marcodaleo.com>
Date: Sun, 21 Dec 2025 10:01:05 +0000
Subject: [PATCH] Rework lint-and-security workflow to add Poetry and the
 export plugin to work with pip-audit

---
 .gitea/workflows/lint-and-security.yml | 14 +++++++++-----
 1 file changed, 9 insertions(+), 5 deletions(-)

diff --git a/.gitea/workflows/lint-and-security.yml b/.gitea/workflows/lint-and-security.yml
index 51377d9..fa95502 100644
--- a/.gitea/workflows/lint-and-security.yml
+++ b/.gitea/workflows/lint-and-security.yml
@@ -22,11 +22,15 @@ jobs:
       - name: Run pre-commit hooks
         run: pre-commit run --all-files --color always
 
-      - name: Audit dependencies
+      - name: Install Poetry
+        run: |
+          pip install poetry
+          poetry self add poetry-plugin-export
+
+      - name: Install pip-audit
+        run: pip install pip-audit
+
+      - name: Audit dependencies (Poetry lockfile)
         run: |
-          pip install poetry pip-audit
           poetry export -f requirements.txt --without-hashes \
             | pip-audit -r /dev/stdin
-
-      - name: Run pip-audit
-        run: pip-audit