diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml new file mode 100644 index 0000000..ee08c8f --- /dev/null +++ b/.github/workflows/audit.yml @@ -0,0 +1,12 @@ +name: Security audit +on: + schedule: + - cron: '0 0 * * *' +jobs: + audit: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v1 + - uses: actions-rs/audit-check@v1 + with: + token: ${{ secrets.GITHUB_TOKEN }} \ No newline at end of file diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 90bfd18..600d3f7 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -38,25 +38,13 @@ jobs: with: token: ${{ secrets.GITHUB_TOKEN }} - audit: + security_audit: runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 - - - uses: actions-rs/toolchain@v1 - with: - profile: minimal - toolchain: stable - default: true - - name: Install cargo-audit - uses: actions-rs/install@v0.1.2 + - uses: actions-rs/audit-check@v1 with: - crate: cargo-audit - version: latest - use-tool-cache: true - - name: Audit - run: cargo audit --deny warnings - + token: ${{ secrets.GITHUB_TOKEN }} build-and-test: strategy: