Remove explicit call to osv-scanner.yaml

mhucka · mhucka · commit b51b343ea2ea · 2025-08-31T19:16:47.000-07:00
The scanner file invokes itself on PRs, so this is unnecessary.
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
@@ -160,9 +160,8 @@ jobs:
           # The outputs will be variables named "foo_files" for a filter "foo".
           filters: |
             ci:
-              - './.github/workflows/ci.yml'
-              - './.github/workflows/codeql.yaml'
-              - './.github/workflows/osv-scanner.yaml'
+              - './.github/workflows/ci.yaml'
+              - './.github/workflows/nightly-pytest.yaml'
             cff:
               - added|modified:
                   - '**/CITATION.cff'
@@ -587,15 +586,6 @@ jobs:
       - name: Run shellcheck on shell scripts that have been changed
         run: shellcheck ${{env.changed_files}}
 
-  vulnerability-checks:
-    if: needs.changes.outputs.requirements == 'true'
-    name: Vulnerability checks
-    needs: changes
-    uses: ./.github/workflows/osv-scanner.yaml
-    permissions: write-all
-    with:
-      reason: CI
-
   print-debugging-info:
     if: failure()
     name: Print debugging info upon job failure
