mirror of
https://github.com/ClementTsang/bottom
synced 2024-11-23 04:33:10 +00:00
57e1a8285e
Manually install the audit crate as part of the audit CI since it seems to be using too old of a version of Rust.
30 lines
941 B
YAML
30 lines
941 B
YAML
# A routine check to see if there are any Rust-specific security vulnerabilities in the repo we should be aware of.
|
|
|
|
name: audit
|
|
on:
|
|
workflow_dispatch:
|
|
schedule:
|
|
- cron: "0 0 * * 1"
|
|
jobs:
|
|
audit:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v2
|
|
|
|
- uses: Swatinem/rust-cache@842ef286fff290e445b90b4002cc9807c3669641 # 1.3.0
|
|
|
|
- name: Install toolchain
|
|
uses: actions-rs/toolchain@88dc2356392166efad76775c878094f4e83ff746 # https://github.com/actions-rs/toolchain/commit/88dc2356392166efad76775c878094f4e83ff746
|
|
with:
|
|
profile: minimal
|
|
toolchain: stable
|
|
override: true
|
|
target: ${{ matrix.triple.target }}
|
|
|
|
- name: Install cargo-audit
|
|
run: |
|
|
cargo install cargo-audit --locked
|
|
|
|
- uses: actions-rs/audit-check@35b7b53b1e25b55642157ac01b4adceb5b9ebef3 # 1.2.0
|
|
with:
|
|
token: ${{ secrets.GITHUB_TOKEN }}
|