Audit cargo dependencies for security vulnerabilities #9
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Audit cargo dependencies for security vulnerabilities | |
| on: | |
| schedule: | |
| - cron: "0 9 * * 1" # run at 9am every Monday | |
| workflow_dispatch: # allow manual triggering | |
| permissions: | |
| issues: write # Creates issues for any vulnerabilities found | |
| contents: read | |
| checks: write # Needs to create check | |
| jobs: | |
| audit: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| # We are not using the common workflow here because it installs a bunch of tools we don't need. | |
| # TODO: Once the runner image is updated to include the necessary tools (without downloading), we can switch to the common workflow. | |
| - uses: dtolnay/rust-toolchain@master | |
| with: | |
| toolchain: "1.81.0" | |
| - uses: rustsec/[email protected] | |
| with: | |
| token: ${{ secrets.GITHUB_TOKEN }} |