From 08942d659e85979c8aff0f02e1ebb5e414818123 Mon Sep 17 00:00:00 2001
From: Paul Profizi <100710998+PProfizi@users.noreply.github.com>
Date: Mon, 18 Aug 2025 12:13:21 +0200
Subject: [PATCH] ci: add vulnerabilities check

---
 .github/workflows/ci.yml | 23 ++++++++++++++++++++++-
 1 file changed, 22 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 50fe891d2b..bab74e6edb 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -37,6 +37,27 @@ jobs:
       env:
         GITHUB_CONTEXT: ${{ toJson(github) }}
 
+  vulnerabilities:
+    name: Vulnerabilities
+    runs-on: ubuntu-latest
+    steps:
+      - name: PyAnsys Vulnerability check (on main)
+        if: github.ref == 'refs/heads/main'
+        uses: ansys/actions/check-vulnerabilities@v10
+        with:
+          python-version: ${{ env.MAIN_PYTHON_VERSION }}
+          python-package-name: "ansys-dpf-core"
+          token: ${{ secrets.PYANSYS_CI_BOT_TOKEN }}
+
+      - name: PyAnsys Vulnerability check (on dev mode)
+        if: github.ref != 'refs/heads/main'
+        uses: ansys/actions/check-vulnerabilities@v10
+        with:
+          python-version: ${{ env.MAIN_PYTHON_VERSION }}
+          python-package-name: "ansys-dpf-core"
+          token: ${{ secrets.PYANSYS_CI_BOT_TOKEN }}
+          dev-mode: true
+
   pick_server_suffix:
     runs-on: ubuntu-latest
     outputs:
@@ -241,4 +262,4 @@ jobs:
         run: |
           git checkout master
           git reset --hard main
-          git push
\ No newline at end of file
+          git push