Merge pull request #208 from flavio/enable-cargo-audit-gh-action

Enable `cargo audit`
containers · Sep 6, 2024 · 0885c5f · 0885c5f
2 parents f628532 + 2d42f81
commit 0885c5f
Showing 1 changed file with 24 additions and 0 deletions.
diff --git a/.github/workflows/security-audit.yml b/.github/workflows/security-audit.yml
@@ -0,0 +1,24 @@
+name: Security audit
+on:
+ schedule:
+ - cron: "0 0 * * *"
+ push:
+ paths:
+ - "**/Cargo.toml"
+ - "**/Cargo.lock"
+
+# Declare default permissions as read only.
+permissions: read-all
+
+jobs:
+ audit:
+ permissions:
+ checks: write # for rustsec/audit-check to create check
+ contents: read # for actions/checkout to fetch code
+ issues: write # for rustsec/audit-check to create issues
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ - uses: rustsec/audit-check@dd51754d4e59da7395a4cd9b593f0ff2d61a9b95 # v1.4.1
+ with:
+ token: ${{ secrets.GITHUB_TOKEN }}