Skip to content

security

security #293

Workflow file for this run

name: security
on:
workflow_dispatch:
schedule:
- cron: '0 8 * * *' # At 8:00 AM UTC, which is 9:00 AM CET
jobs:
audit:
name: Run cargo audit
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: rustsec/audit-check@v1.4.1
with:
token: ${{ secrets.GITHUB_TOKEN }}
clippy:
name: Run cargo clippy
runs-on: ubuntu-latest
permissions:
contents: read
security-events: write
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Install Rust toolchain
uses: actions-rs/toolchain@v1
with:
profile: minimal
toolchain: stable
components: clippy
override: true
- name: Install clippy-sarif sarif-fmt
run: cargo install clippy-sarif sarif-fmt
- name: Run cargo clippy and convert to SARIF
run:
cargo clippy
--all-features --all-targets
--message-format=json | clippy-sarif | tee rust-clippy-results.sarif | sarif-fmt
continue-on-error: true
- name: Upload analysis results to GitHub
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: rust-clippy-results.sarif
wait-for-processing: true