Skip to content

Security Audit

Security Audit #1172

name: Security Audit
on:
pull_request:
branches:
- main
paths:
- "**/Cargo.toml"
- "**/Cargo.lock"
- ".github/workflows/security-audit.yaml"
schedule:
- cron: "0 0 * * *" # once a day at midnight UTC
# NB: that cron trigger on GH actions runs only on the default branch
jobs:
# Ignored advisories:
# - https://rustsec.org/advisories/RUSTSEC-2024-0320 : yaml-rust is unmaintained
# - This is a dependency of the config crate, which does not have a version without yaml-rust.
security_audit:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v1
# Ignored advisories:
# - https://rustsec.org/advisories/RUSTSEC-2024-0320 : yaml-rust is unmaintained
# - This is a dependency of the config crate, which does not have a version without yaml-rust.
# See https://github.com/mehcode/config-rs/issues/473
- run: |
cargo audit --deny warnings --ignore RUSTSEC-2024-0320