.github: split security_audit.yml; ignore spin advisory

Splits the security audit into a separate file which only runs on
Cargo.toml changes or on a regular schedule.

Ignores the RUSTSEC-2019-0031 warning advisory.
This commit is contained in:
Tony Arcieri
2019-12-17 07:26:44 -08:00
parent 4dd0f7b31e
commit e6d9003d09
2 changed files with 45 additions and 23 deletions
-23
View File
@@ -150,26 +150,3 @@ jobs:
with:
command: clippy
args: --all --all-features -- -D warnings
# TODO: use actions-rs/audit-check
security_audit:
name: Security Audit
runs-on: ubuntu-latest
steps:
- name: Checkout sources
uses: actions/checkout@v1
- name: Install stable toolchain
uses: actions-rs/toolchain@v1
with:
toolchain: stable
override: true
- name: Install cargo audit
run: cargo install cargo-audit
- name: Run cargo audit
uses: actions-rs/cargo@v1
with:
command: audit
args: --deny-warnings