Skip to content

Commit

Permalink
Merge #3092
Browse files Browse the repository at this point in the history 
3092: ci: add a scheduled audit workflow r=quake,liya2017 a=yangby-cryptape

### What problem does this PR solve?

At present, CKB only checks security vulnerabilities when some one submits a pull request.

If no one submit a pull request, we couldn't know whether CKB has security vulnerabilities or not.

This PR add a scheduled audit workflow to check security vulnerabilities daily.
So we could know any security vulnerability in 24 hours after it became public.

Ref: https://github.com/actions-rs/audit-check#scheduled-audit

### Check List

Tests

- No code (skip ci)

### Release note

```release-note
None: Exclude this PR from the release note.
```



Co-authored-by: Boyu Yang <[email protected]>
  • Loading branch information
@bors @yangby-cryptape
bors[bot] and yangby-cryptape authored Oct 20, 2021
2 parents 780ac48 + ba15414 commit a61d6f1
Showing 1 changed file with 12 additions and 0 deletions.
12 changes: 12 additions & 0 deletions .github/workflows/scheduled_audit.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
name: Security Audit
on:
schedule:
- cron: '0 0 * * *'
jobs:
audit:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v1
- uses: yangby-cryptape/cargo-audit-check-action@customized-for-ckb
with:
token: ${{ secrets.GITHUB_TOKEN }}

0 comments on commit a61d6f1

Please sign in to comment.