Implement MCP Server API for web service capability #12
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Security Audit | |
| on: | |
| push: | |
| paths: | |
| - '**/Cargo.toml' | |
| - '**/Cargo.lock' | |
| schedule: | |
| - cron: '0 0 * * 0' # Run weekly on Sunday at midnight | |
| workflow_dispatch: # Allow manual triggering | |
| jobs: | |
| audit: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: Install Rust | |
| uses: dtolnay/rust-toolchain@stable | |
| - name: Cache Rust dependencies | |
| uses: actions/cache@v3 | |
| with: | |
| path: | | |
| ~/.cargo/registry | |
| ~/.cargo/git | |
| key: ${{ runner.os }}-cargo-registry-${{ hashFiles('**/Cargo.lock') }} | |
| - name: Install cargo-audit | |
| run: cargo install cargo-audit | |
| - name: Check for major dependency updates | |
| run: | | |
| echo "Checking for major version updates in dependencies..." | |
| cargo update --dry-run | grep -E "(solana|spl)" | grep -E "(\+[2-9]\.[0-9]|\+[0-9]{2,}\.)" || echo "No major dependency updates found" | |
| - name: Run cargo-audit | |
| run: cargo audit | |