generated from recmo/rust-service-template
-
Notifications
You must be signed in to change notification settings - Fork 37
34 lines (31 loc) · 872 Bytes
/
audit.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
name: Security Audit
# See <https://github.com/marketplace/actions/rust-audit-check>
on:
push:
branches: [main]
paths:
- "**/Cargo.toml"
- "**/Cargo.lock"
schedule:
- cron: "0 2 * * *" # run at 2 AM UTC
env:
RUST_VERSION: 1.74
jobs:
security-audit:
name: Dependency Security Audit
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Set up Rust
uses: actions-rs/toolchain@v1
with:
profile: minimal
toolchain: ${{ env.RUST_VERSION }}
default: true
- uses: rustsec/audit-check@v1.4.1
with:
token: ${{ secrets.GITHUB_TOKEN }}
# False positive from cargo audit.
# Stems from excluded optional dependency sqlx-mysql.
# https://github.com/rustsec/rustsec/issues/1119
ignore: "RUSTSEC-2023-0071"