From 364171ebcaa4714d5a23ca6b0c6aad72a16af677 Mon Sep 17 00:00:00 2001
From: dresber <dresber@users.noreply.github.com>
Date: Sat, 30 May 2026 14:43:38 +0200
Subject: [PATCH] fix(python-security-checks): use custom runner image instead
 of python slim

python:3.14-slim has no Node.js so actions/checkout@v4 fails with
'node: executable file not found in PATH'. Switch to the same
gitea_runner_python314 custom image used by python-checks.yml which
has both Python 3.14 and Node.js. Drop the python_version input as it
no longer drives the container selection.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
---
 .gitea/workflows/python-security-checks.yml | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/.gitea/workflows/python-security-checks.yml b/.gitea/workflows/python-security-checks.yml
index de5243a..1203e71 100644
--- a/.gitea/workflows/python-security-checks.yml
+++ b/.gitea/workflows/python-security-checks.yml
@@ -3,9 +3,6 @@ name: Reusable Python Security Checks
 on:
   workflow_call:
     inputs:
-      python_version:
-        type: string
-        default: "3.14"
       install_command:
         type: string
         default: 'python -m pip install "bandit[toml]"'
@@ -15,12 +12,18 @@ on:
       working_directory:
         type: string
         default: "."
+    secrets:
+      REGISTRY_USERNAME: { required: true }
+      REGISTRY_PASSWORD: { required: true }
 
 jobs:
   security:
     runs-on: docker
     container:
-      image: python:${{ inputs.python_version }}-slim
+      image: gitea.tech-buddy.at/bitbuddydev/gitea_runner_python314:dev-bda315b82bb23d83065b77d91fedf0e20d9accf1
+      credentials:
+        username: ${{ secrets.REGISTRY_USERNAME }}
+        password: ${{ secrets.REGISTRY_PASSWORD }}
 
     steps:
       - name: Checkout