mirror of
https://github.com/ClementTsang/bottom
synced 2024-11-26 14:10:19 +00:00
26 lines
879 B
YAML
26 lines
879 B
YAML
# A routine check to see if there are any Rust-specific security vulnerabilities in the repo we should be aware of.
|
|
|
|
name: audit
|
|
on:
|
|
workflow_dispatch:
|
|
schedule:
|
|
- cron: "0 0 * * 1"
|
|
jobs:
|
|
audit:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v3
|
|
|
|
- name: Set up Rust toolchain
|
|
uses: dtolnay/rust-toolchain@ba37adf8f94a7d9affce79bd3baff1b9e3189c33 # https://github.com/dtolnay/rust-toolchain/commit/ba37adf8f94a7d9affce79bd3baff1b9e3189c33
|
|
with:
|
|
toolchain: stable
|
|
|
|
- name: Install cargo-audit
|
|
run: |
|
|
cargo install cargo-audit --locked
|
|
|
|
- uses: rustsec/audit-check@bb800784d9c5b0afa352b75dae201bf2e438960a # https://github.com/rustsec/audit-check/commit/bb800784d9c5b0afa352b75dae201bf2e438960a
|
|
with:
|
|
token: ${{ secrets.GITHUB_TOKEN }}
|