name: Dependencies

on:
  pull_request:
    paths:
      - '**/Cargo.toml'
      - 'deny.toml'
  push:
    paths:
      - '**/Cargo.toml'
      - 'deny.toml'
    branches-ignore:
      - 'dependabot/**'
      - staging-squash-merge.tmp
  schedule:
    - cron: "0 0 * * 0"

env:
  CARGO_TERM_COLOR: always

jobs:
  check-advisories:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - uses: actions-rs/toolchain@v1
        with:
          toolchain: stable
          override: true
      - name: Install cargo-deny
        run: cargo install cargo-deny
      - name: Check for security advisories and unmaintained crates
        run: cargo deny check advisories

  check-bans:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - uses: actions-rs/toolchain@v1
        with:
          toolchain: stable
          override: true
      - name: Install cargo-deny
        run: cargo install cargo-deny
      - name: Check for banned and duplicated dependencies
        run: cargo deny check bans

  check-licenses:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - uses: actions-rs/toolchain@v1
        with:
          toolchain: stable
          override: true
      - name: Install cargo-deny
        run: cargo install cargo-deny
      - name: Check for unauthorized licenses
        run: cargo deny check licenses

  check-sources:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - uses: actions-rs/toolchain@v1
        with:
          toolchain: stable
          override: true
      - name: Install cargo-deny
        run: cargo install cargo-deny
      - name: Checked for unauthorized crate sources
        run: cargo deny check sources