From cd693114fb6dcca29f39de3e8e89c3397a8129fd Mon Sep 17 00:00:00 2001 From: Steve Myers Date: Mon, 14 Oct 2024 15:51:52 -0500 Subject: [PATCH] ci: update audit.yml workflow to use actions-rust-lang/audit The old actions-rs/audit-check is no longer maintained. --- .github/workflows/audit.yml | 25 +++++++++++++++++-------- 1 file changed, 17 insertions(+), 8 deletions(-) diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml index 6143cca82..e0da8e855 100644 --- a/.github/workflows/audit.yml +++ b/.github/workflows/audit.yml @@ -3,17 +3,26 @@ name: Audit on: push: paths: + # Run if workflow changes + - '.github/workflows/audit.yml' + # Run on changed dependencies - '**/Cargo.toml' - '**/Cargo.lock' + # Run if the configuration file changes + - '**/audit.toml' + # Rerun periodically to pick up new advisories schedule: - - cron: '0 0 * * 0' # Once per week + - cron: '0 0 * * *' # Nightly + # Run manually + workflow_dispatch: jobs: - - security_audit: - runs-on: ubuntu-20.04 + audit: + runs-on: ubuntu-latest + permissions: + contents: read + issues: write steps: - - uses: actions/checkout@v2 - - uses: actions-rs/audit-check@v1 - with: - token: ${{ secrets.GITHUB_TOKEN }} \ No newline at end of file + - uses: actions/checkout@v4 + - uses: actions-rust-lang/audit@v1 + name: Audit Rust Dependencies