-
Notifications
You must be signed in to change notification settings - Fork 0
35 lines (31 loc) · 1.02 KB
/
audit.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
---
name: Security audit - monthly
'on':
push:
paths:
# Run if workflow changes
- '.github/workflows/audit.yml'
# Run on changed dependencies
- '**/Cargo.toml'
- '**/Cargo.lock'
# Run if the configuration file changes
- '**/audit.toml'
# Rerun periodicly to pick up new advisories
schedule:
- cron: '43 05 01 * *'
# Run manually
workflow_dispatch:
concurrency:
# https://docs.github.com/en/actions/examples/using-concurrency-expressions-and-a-test-matrix
group: '${{ github.workflow }} @ ${{ github.event.pull_request.head.label || github.head_ref || github.ref }}'
cancel-in-progress: ${{ !startsWith(github.ref, 'refs/tags/v') || github.ref != 'refs/heads/main' || github.ref != 'refs/heads/nextnet' || github.ref != 'refs/heads/stagenet' }}
permissions:
contents: read
jobs:
security_audit:
runs-on: [ubuntu-20.04]
steps:
- uses: actions/checkout@v4
- uses: rustsec/audit-check@v1.4.1
with:
token: ${{ secrets.GITHUB_TOKEN }}