From 508b022721a2b8691802224f092def0d3f202535 Mon Sep 17 00:00:00 2001
From: Kovid Goyal <kovid@kovidgoyal.net>
Date: Tue, 23 Sep 2025 08:46:03 +0530
Subject: [PATCH] Run dependency scanner CI job on schedule as well

---
 .github/workflows/ci.yml      | 23 ---------------------
 .github/workflows/depscan.yml | 39 +++++++++++++++++++++++++++++++++++
 2 files changed, 39 insertions(+), 23 deletions(-)
 create mode 100644 .github/workflows/depscan.yml

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 692be2369..134210369 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -199,29 +199,6 @@ jobs:
           - name: Run benchmarks
             run: ./benchmark.py
 
-    dependecy-scanner:
-        name: Scan dependencies for vulnerabilities
-        runs-on: ubuntu-latest
-        env:
-            KITTY_BUNDLE: 1
-        steps:
-          - name: Checkout source code
-            uses: actions/checkout@v5
-            with:
-              fetch-depth: 10
-              persist-credentials: false
-
-          - name: Checkout bypy
-            uses: actions/checkout@v5
-            with:
-              fetch-depth: 1
-              persist-credentials: false
-              repository: kovidgoyal/bypy
-              path: bypy-src
-
-          - name: Check dependencies
-            run: python3 .github/workflows/ci.py check-dependencies
-
     linux-dev:
         name: Test ./dev.sh and benchmark
         runs-on: ubuntu-latest
diff --git a/.github/workflows/depscan.yml b/.github/workflows/depscan.yml
new file mode 100644
index 000000000..f514e1813
--- /dev/null
+++ b/.github/workflows/depscan.yml
@@ -0,0 +1,39 @@
+name: Depscan
+on:
+    push:
+        branches: [master]
+    schedule:
+        - cron: '0 12 * * 5'
+
+env:
+    CI: 'true'
+    ASAN_OPTIONS: detect_leaks=0
+    LC_ALL: en_US.UTF-8
+    LANG: en_US.UTF-8
+
+permissions:
+  contents: read # to fetch code (actions/checkout)
+
+jobs:
+    dependecy-scanner:
+        name: Scan dependencies for vulnerabilities
+        runs-on: ubuntu-latest
+        env:
+            KITTY_BUNDLE: 1
+        steps:
+          - name: Checkout source code
+            uses: actions/checkout@v5
+            with:
+              fetch-depth: 10
+              persist-credentials: false
+
+          - name: Checkout bypy
+            uses: actions/checkout@v5
+            with:
+              fetch-depth: 1
+              persist-credentials: false
+              repository: kovidgoyal/bypy
+              path: bypy-src
+
+          - name: Check dependencies
+            run: python3 .github/workflows/ci.py check-dependencies