competitive-message-router/.github/workflows/security.yml at 604eec09f7ca03578ff1e30c9e1a7611ca9c689d · turtle261/competitive-message-router · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
name: Security

on:
  push:
    branches: ["master"]
    paths-ignore:
      - "README.md"
  pull_request:
    branches: ["master"]
    paths-ignore:
      - "README.md"
  workflow_dispatch:
  schedule:
    - cron: "17 5 * * 1"

permissions:
  contents: read
  security-events: write

concurrency:
  group: security-${{ github.ref }}
  cancel-in-progress: true

jobs:
  cargo-audit-deny:
    name: Cargo audit + deny
    runs-on: ubuntu-latest
    env:
      CARGO_TERM_COLOR: always
      RUSTFLAGS: "-C target-cpu=generic"
    steps:
      - uses: actions/checkout@v4

      - name: Setup Rust toolchain
        uses: dtolnay/rust-toolchain@stable

      - name: Cache Rust artifacts
        uses: Swatinem/rust-cache@v2

      - name: Install cargo-audit and cargo-deny
        uses: taiki-e/install-action@v2
        with:
          tool: cargo-audit,cargo-deny

      - name: Cargo audit
        run: cargo audit

      - name: Cargo deny (advisories, bans, licenses, sources)
        run: cargo deny check advisories bans licenses sources --config deny.toml