From e50ca3450533ce582a19b23ea0d8dd9ff071bcaf Mon Sep 17 00:00:00 2001
From: Lucas Cimon <925560+Lucas-C@users.noreply.github.com>
Date: Tue, 8 Oct 2024 19:11:19 +0200
Subject: [PATCH] Adopting grype security scan (#1277)

---
 .github/workflows/continuous-integration-workflow.yml | 6 ++++++
 README.md | 3 ++-
 docs/Development.md | 3 +--
 3 files changed, 9 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/continuous-integration-workflow.yml b/.github/workflows/continuous-integration-workflow.yml
index 58b468bf0..cb5d47fd8 100644
--- a/.github/workflows/continuous-integration-workflow.yml
+++ b/.github/workflows/continuous-integration-workflow.yml
@@ -39,6 +39,12 @@ jobs:
 pylint fpdf test tutorial/tuto*.py
 bandit -c .banditrc.yml -r contributors/ fpdf/ tutorial/
 semgrep scan --config auto --error --strict --exclude-rule=python.lang.security.insecure-hash-function.insecure-hash-function fpdf
+ - name: Scan current project
+ if: matrix.python-version == '3.12' && matrix.platform == 'ubuntu-latest'
+ uses: anchore/scan-action@v3
+ with:
+ path: "."
+ fail-build: true
 - name: Ensure code has been autoformatted with black 🖌️
 if: matrix.python-version == '3.12' && matrix.platform == 'ubuntu-latest'
 run: black --check .
diff --git a/README.md b/README.md
index ea92011eb..481bf42d6 100644
--- a/README.md
+++ b/README.md
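Review bot: `uses: anchore/scan-action@v3` fetches the scanner from a mutable major-version tag, so the step that now gates the build on vulnerability findings is itself pulled from a reference the action's maintainers (or anyone who compromises that repository) can move; pin it to a full commit SHA with the version in a trailing comment, e.g. `uses: anchore/scan-action@<commit-sha> # v3.x.y`, and let Dependabot or Renovate propose bumps. With `fail-build: true` the step also inherits the action's default severity threshold, so consider setting `severity-cutoff` explicitly (and `only-fixed: true` if findings without an available fix should not block merges) so the failure policy is visible in the workflow rather than in the action's defaults. `path: "."` scans the checked-out tree; grype discovers dependencies from the manifest and lock files it finds there rather than from the installed environment, so it is worth confirming the files it reads reflect what the package actually ships and that a newly published advisory failing unrelated PRs is the intended behaviour. The enclosing `steps` list starts outside the hunk.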
@@ -4,7 +4,8 @@
 [![build status](https://github.com/py-pdf/fpdf2/workflows/build/badge.svg)](https://github.com/py-pdf/fpdf2/actions?query=branch%3Amaster)
 [![codecov](https://codecov.io/gh/py-pdf/fpdf2/branch/master/graph/badge.svg)](https://codecov.io/gh/py-pdf/fpdf2)
-![security: bandit, pylint, semgrep](https://img.shields.io/badge/linters-bandit,pylint,semgrep-yellow.svg)
+![Pypi Trusted Publisher: enabled](https://img.shields.io/badge/Pypi%20Trusted%20Publisher-enabled-green.svg)
+![checks: bandit, pylint, semgrep](https://img.shields.io/badge/checks-bandit,pylint,semgrep,grype-green.svg)
 [![Dependents](https://img.shields.io/librariesio/dependents/pypi/fpdf2)](https://libraries.io/pypi/fpdf2/dependents)
 [![Downloads per month](https://pepy.tech/badge/fpdf2/month)](https://pepy.tech/project/fpdf2)
diff --git a/docs/Development.md b/docs/Development.md
index ed3b1a5c0..be277b197 100644
--- a/docs/Development.md
+++ b/docs/Development.md
@@ -218,8 +218,7 @@ Also (optionnal, once every year), update `contributors/contributors-map-small.p
 5. check that [the GitHub Actions succeed](https://github.com/py-pdf/fpdf2/actions), and that [a new release appears on Pypi](https://pypi.org/project/fpdf2/#history)
 6. perform a [GitHub release](https://github.com/py-pdf/fpdf2/releases), taking the description from the `CHANGELOG.md`. It will create a new `git` tag.
-7. Announce the release on [r/pythonnews](https://www.reddit.com/r/pythonnews/),
- and add an announcement to the documentation website: [docs/overrides/main.html](https://github.com/py-pdf/fpdf2/blob/master/docs/overrides/main.html)
+7. Announce the release on [r/pythonnews](https://www.reddit.com/r/pythonnews/)
 ## Documentation
 The standalone documentation is in the `docs` subfolder,