Skip to content

audit

audit #457

Workflow file for this run

name: audit
# This is a separate file so it can have a separate badge in readme
# and therefore spread awareness of cargo audit a tiny bit.
on:
push:
branches: [ master ]
pull_request:
branches: [ master ]
schedule:
# Runs at 15:00 UTC on Fri
- cron: "0 15 * * 5"
workflow_dispatch:
# This allows running it on any branch manually:
# https://docs.github.com/en/actions/managing-workflow-runs/manually-running-a-workflow
env:
CARGO_TERM_COLOR: always
jobs:
audit:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
# Actions-rs/install is unmaintained but works for now.
# Alternatives for when it breaks:
# - dtolnay/install - not a full replacement - only supports crates he uses (not audit currently)
# - baptiste0928/cargo-install - looks like it just compiles the crate and then caches it for subsequent runs
# - just `cargo install` and caching it
- uses: actions-rs/[email protected]
with:
crate: cargo-audit
version: latest
- run: cargo audit --version
# RUSTSEC-2021-0139 - ansi_term is Unmaintained - https://github.com/ogham/rust-ansi-term/issues/72
- run: cargo audit --deny warnings --ignore RUSTSEC-2021-0139