ci: add advanced security tests job

.gitea/workflows/ci.yml

@@ -164,6 +164,33 @@ jobs:
       - name: Audit logging tests
         run: pytest tests/test_audit.py -v --tb=short
 
+  security-advanced:
+    name: Advanced Security Tests
+    runs-on: ubuntu-latest
+    needs: [lint, security]
+    container:
+      image: python:3.11-slim
+
+    steps:
+      - name: Setup and checkout
+        run: |
+          apt-get update -qq && apt-get install -yqq --no-install-recommends git >/dev/null
+          git clone --depth 1 --branch "${GITHUB_REF_NAME}" \
+            "https://oauth2:${{ github.token }}@${GITHUB_SERVER_URL#https://}/${GITHUB_REPOSITORY}.git" .
+
+      - name: Install dependencies
+        run: |
+          pip install -q -r requirements.txt
+
+      - name: CLI security audit
+        run: python tests/security/cli_security_audit.py
+
+      - name: DoS memory exhaustion tests
+        run: python tests/security/dos_memory_test.py
+
+      - name: Race condition tests
+        run: python tests/security/race_condition_test.py
+
   memory:
     name: Memory Leak Check
     runs-on: ubuntu-latest