Skip to content

Commit 13a5d73

Browse files
committed
Introduce CI workflow running cargo audit
In order to continuously monitor our dependencies for security vulnerabilities, we introduce a new CI job that will use `cargo audit` to check for any known vulnerabilities. This job is run on a daily schedule. For each new advisory, a new issue will be created.
1 parent 5153c6c commit 13a5d73

File tree

1 file changed

+24
-0
lines changed

1 file changed

+24
-0
lines changed

.github/workflows/audit.yml

Lines changed: 24 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,24 @@
1+
name: Security audit
2+
on:
3+
schedule:
4+
- cron: '0 0 * * *'
5+
6+
jobs:
7+
audit:
8+
strategy:
9+
matrix:
10+
platform: [
11+
ubuntu-latest,
12+
macos-latest,
13+
]
14+
runs-on: ${{ matrix.platform }}
15+
permissions:
16+
issues: write
17+
issues-reason: to create issues
18+
checks: write
19+
checks-reason: to create checks
20+
steps:
21+
- uses: actions/checkout@v3
22+
- uses: rustsec/audit-check@v1.4.1
23+
with:
24+
token: ${{ secrets.GITHUB_TOKEN }}

0 commit comments

Comments
 (0)