.github/workflows/security-audit.yml


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29

name: Security audit
on:
  pull_request:
    paths:
      - "**/Cargo.toml"
      - "**/Cargo.lock"
  push:
    paths:
      - "**/Cargo.toml"
      - "**/Cargo.lock"
jobs:
  security_audit:
    runs-on: ubuntu-latest
    strategy:
      matrix:
        checks:
          - advisories
          - bans licenses sources

    # Prevent sudden announcement of a new advisory from failing ci:
    continue-on-error: ${{ matrix.checks == 'advisories' }}

    steps:
      - name: Setup | Checkout
        uses: actions/checkout@v4
      - name: Test | Security Audit
        uses: EmbarkStudios/cargo-deny-action@v1.5.5
        with:
          command: check ${{ matrix.checks }}