.github/workflows/audit.yml


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26

# A routine check to see if there are any Rust-specific security vulnerabilities in the repo we should be aware of.

name: audit
on:
  workflow_dispatch:
  schedule:
    - cron: "0 0 * * 1"
jobs:
  audit:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout repository
        uses: actions/checkout@v3

      - name: Set up Rust toolchain
        uses: dtolnay/rust-toolchain@ba37adf8f94a7d9affce79bd3baff1b9e3189c33 # https://github.com/dtolnay/rust-toolchain/commit/ba37adf8f94a7d9affce79bd3baff1b9e3189c33
        with:
          toolchain: stable

      - name: Install cargo-audit
        run: |
          cargo install cargo-audit --locked

      - uses: rustsec/audit-check@bb800784d9c5b0afa352b75dae201bf2e438960a # https://github.com/rustsec/audit-check/commit/bb800784d9c5b0afa352b75dae201bf2e438960a
        with:
          token: ${{ secrets.GITHUB_TOKEN }}