Skip to content

Security Audit

Security Audit #957

Workflow file for this run

name: Security Audit
# See <https://github.com/marketplace/actions/rust-audit-check>
on:
push:
branches: [main]
paths:
- "**/Cargo.toml"
- "**/Cargo.lock"
schedule:
- cron: "0 2 * * *" # run at 2 AM UTC
env:
RUST_VERSION: 1.74
jobs:
security-audit:
name: Dependency Security Audit
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Set up Rust
uses: actions-rs/toolchain@v1
with:
profile: minimal
toolchain: ${{ env.RUST_VERSION }}
default: true
- uses: rustsec/audit-check@v1.4.1
with:
token: ${{ secrets.GITHUB_TOKEN }}
# False positive from cargo audit.
# Stems from excluded optional dependency sqlx-mysql.
# https://github.com/rustsec/rustsec/issues/1119
ignore: "RUSTSEC-2023-0071"