Skip to content

Commit

Permalink
ci: update audit.yml workflow to use actions-rust-lang/audit
Browse files Browse the repository at this point in the history
The old actions-rs/audit-check is no longer maintained.
  • Loading branch information
notmandatory committed Oct 17, 2024
1 parent 1f1361a commit 66cf476
Showing 1 changed file with 16 additions and 7 deletions.
23 changes: 16 additions & 7 deletions .github/workflows/audit.yml
Original file line number Diff line number Diff line change
Expand Up @@ -3,17 +3,26 @@ name: Audit
on:
push:
paths:
# Run if workflow changes
- '.github/workflows/audit.yml'
# Run on changed dependencies
- '**/Cargo.toml'
- '**/Cargo.lock'
# Run if the configuration file changes
- '**/audit.toml'
# Rerun periodically to pick up new advisories
schedule:
- cron: '0 0 * * 0' # Once per week
- cron: '0 0 * * *' # Nightly
# Run manually
workflow_dispatch:

jobs:

security_audit:
runs-on: ubuntu-20.04
audit:
runs-on: ubuntu-latest
permissions:
contents: read
issues: write
steps:
- uses: actions/checkout@v4
- uses: actions-rs/audit-check@v1
with:
token: ${{ secrets.GITHUB_TOKEN }}
- uses: actions-rust-lang/audit@v1
name: Audit Rust Dependencies

0 comments on commit 66cf476

Please sign in to comment.