-
Notifications
You must be signed in to change notification settings - Fork 158
36 lines (33 loc) · 930 Bytes
/
security-audit.yml
File metadata and controls
36 lines (33 loc) · 930 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
name: Security Audit
on:
pull_request:
paths:
- .github/workflows/security-audit.yml
- Cargo.lock
push:
branches: master
paths:
- .github/workflows/security-audit.yml
- Cargo.lock
schedule:
- cron: "0 0 * * *"
permissions: # added using https://github.com/step-security/secure-repo
contents: read
jobs:
security_audit:
permissions:
checks: write # for actions-rs/audit-check to create check
contents: read # for actions/checkout to fetch code
issues: write # for actions-rs/audit-check to create issues
name: Security Audit
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v5
- name: Cache cargo bin
uses: actions/cache@v4
with:
path: ~/.cargo/bin
key: ${{ runner.os }}-cargo-audit-v0.21.1
- uses: rustsec/audit-check@v2
with:
token: ${{ secrets.GITHUB_TOKEN }}