bottom/.github/workflows/audit.yml

# A routine check to see if there are any Rust-specific security vulnerabilities in the repo we should be aware of.

name: audit
on:
  workflow_dispatch:
  schedule:
    - cron: "0 0 * * 1"
jobs:
  audit:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3

      - uses: Swatinem/rust-cache@cb2cf0cc7c5198d3364b9630e2c3d457f160790c # 1.4.0

      - name: Install toolchain
        uses: actions-rs/toolchain@88dc2356392166efad76775c878094f4e83ff746 # https://github.com/actions-rs/toolchain/commit/88dc2356392166efad76775c878094f4e83ff746
        with:
          profile: minimal
          toolchain: stable
          override: true
          target: ${{ matrix.triple.target }}

      - name: Install cargo-audit
        run: |
          cargo install cargo-audit --locked

      - uses: actions-rs/audit-check@35b7b53b1e25b55642157ac01b4adceb5b9ebef3 # 1.2.0
        with:
          token: ${{ secrets.GITHUB_TOKEN }}
ci: add some documentation in the workflow files 2021-10-18 01:54:06 +00:00			`# A routine check to see if there are any Rust-specific security vulnerabilities in the repo we should be aware of.`

ci: Fix some bugs/typos with the deploy script and components (#329) - Fix bug with choco and homebrew using incorrect bash syntax causing broken downloads. Why this didn't fail, idk. - Add tag entry for manual runs to make it easier to deploy/re-run - Fixed some typos - Fixed incorrect string in choco python script 2020-11-26 08:28:56 +00:00			`name: audit`
github: Add cargo-audit cron job 2020-11-01 00:40:50 +00:00			`on:`
ci: allow manual triggering of audit action 2021-10-18 01:32:08 +00:00			`workflow_dispatch:`
github: Add cargo-audit cron job 2020-11-01 00:40:50 +00:00			`schedule:`
ci: make audit action weekly It really doesn't need to run daily. It now runs every Monday. 2021-08-30 21:07:48 +00:00			`- cron: "0 0 * * 1"`
github: Add cargo-audit cron job 2020-11-01 00:40:50 +00:00			`jobs:`
			`audit:`
			`runs-on: ubuntu-latest`
			`steps:`
ci: bump checkout to v3 (#744) Bumps `checkout` calls to v3. 2022-06-02 19:05:43 +00:00			`- uses: actions/checkout@v3`
ci: update audit workflow (#685) Manually install the audit crate as part of the audit CI since it seems to be using too old of a version of Rust. 2022-02-28 00:52:09 +00:00
ci: update rust-cache to 1.4.0 2022-05-01 19:47:30 +00:00			`- uses: Swatinem/rust-cache@cb2cf0cc7c5198d3364b9630e2c3d457f160790c # 1.4.0`
ci: update audit workflow (#685) Manually install the audit crate as part of the audit CI since it seems to be using too old of a version of Rust. 2022-02-28 00:52:09 +00:00
			`- name: Install toolchain`
			`uses: actions-rs/toolchain@88dc2356392166efad76775c878094f4e83ff746 # https://github.com/actions-rs/toolchain/commit/88dc2356392166efad76775c878094f4e83ff746`
github: Add cargo-audit cron job 2020-11-01 00:40:50 +00:00			`with:`
ci: update audit workflow (#685) Manually install the audit crate as part of the audit CI since it seems to be using too old of a version of Rust. 2022-02-28 00:52:09 +00:00			`profile: minimal`
			`toolchain: stable`
			`override: true`
			`target: ${{ matrix.triple.target }}`

			`- name: Install cargo-audit`
			`run: \|`
			`cargo install cargo-audit --locked`

ci: Use commit hash for some actions to pin them (#641) Pins some actions using a specific commit hash. 2021-12-22 22:29:50 +00:00			`- uses: actions-rs/audit-check@35b7b53b1e25b55642157ac01b4adceb5b9ebef3 # 1.2.0`
github: Add cargo-audit cron job 2020-11-01 00:40:50 +00:00			`with:`
			`token: ${{ secrets.GITHUB_TOKEN }}`