46 lines
1.0 KiB
YAML
46 lines
1.0 KiB
YAML
name: Security Audit
|
|
on:
|
|
pull_request:
|
|
paths: Cargo.lock
|
|
push:
|
|
branches: main
|
|
paths: Cargo.lock
|
|
schedule:
|
|
- cron: '0 0 * * *'
|
|
|
|
jobs:
|
|
# TODO: use actions-rs/audit-check
|
|
security_audit:
|
|
name: Security Audit
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout sources
|
|
uses: actions/checkout@v5
|
|
|
|
- name: Cache cargo registry
|
|
uses: actions/cache@v5
|
|
with:
|
|
path: ~/.cargo/registry
|
|
key: ${{ runner.os }}-cargo-registry-${{ hashFiles('Cargo.lock') }}
|
|
|
|
- name: Cache cargo index
|
|
uses: actions/cache@v5
|
|
with:
|
|
path: ~/.cargo/git
|
|
key: ${{ runner.os }}-cargo-index-${{ hashFiles('Cargo.lock') }}
|
|
|
|
- name: Install stable toolchain
|
|
uses: actions-rs/toolchain@v1
|
|
with:
|
|
toolchain: stable
|
|
override: true
|
|
|
|
- name: Install cargo audit
|
|
run: cargo install cargo-audit
|
|
|
|
- name: Run cargo audit
|
|
uses: actions-rs/cargo@v1
|
|
with:
|
|
command: audit
|
|
args: --deny warnings
|