-
-
Notifications
You must be signed in to change notification settings - Fork 0
87 lines (79 loc) · 2.24 KB
/
dependencies.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
# Lifted mostly verbatim from Bevy v0.6.0 under MIT OR Apache-2.0.
# See <https://github.com/bevyengine/bevy/blob/458cb7a9e93dab3127bb99ce7bf8cfc3af18851d/.github/workflows/dependencies.yml>.
name: Dependencies
permissions:
contents: read
on:
pull_request:
paths:
- '**/Cargo.toml'
- 'Cargo.lock'
- 'deny.toml'
push:
paths:
- '**/Cargo.toml'
- 'Cargo.lock'
- 'deny.toml'
- '.github/workflows/dependencies.yml'
branches-ignore:
- 'dependabot/**'
# This used to also be scheduled, but apparently GitHub also turns it off otherwise when deactivating that due to repository inactivity.
env:
CARGO_TERM_COLOR: always
jobs:
check-advisories:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions-rs/toolchain@v1
with:
toolchain: stable
override: true
- uses: actions-rs/[email protected]
with:
crate: cargo-deny
use-tool-cache: true
- name: Check for security advisories and unmaintained crates
run: cargo deny check advisories
check-bans:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions-rs/toolchain@v1
with:
toolchain: stable
override: true
- uses: actions-rs/[email protected]
with:
crate: cargo-deny
use-tool-cache: true
- name: Check for banned and duplicated dependencies
run: cargo deny check bans
check-licenses:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions-rs/toolchain@v1
with:
toolchain: stable
override: true
- uses: actions-rs/[email protected]
with:
crate: cargo-deny
use-tool-cache: true
- name: Check for unauthorized licenses
run: cargo deny check licenses
check-sources:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions-rs/toolchain@v1
with:
toolchain: stable
override: true
- uses: actions-rs/[email protected]
with:
crate: cargo-deny
use-tool-cache: true
- name: Checked for unauthorized crate sources
run: cargo deny check sources