From 4d4578df6c650d1add35e7e136d0bff98787668f Mon Sep 17 00:00:00 2001 From: Jens Date: Mon, 11 May 2020 14:12:32 +0200 Subject: [PATCH 1/8] Create rust-audit.yml --- .github/workflows/rust-audit.yml | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 .github/workflows/rust-audit.yml diff --git a/.github/workflows/rust-audit.yml b/.github/workflows/rust-audit.yml new file mode 100644 index 00000000000..20d8ed80447 --- /dev/null +++ b/.github/workflows/rust-audit.yml @@ -0,0 +1,28 @@ +name: Rust security audit + +on: + schedule: + - cron: '0 2 * * *' # run at 2 AM UTC + push: + paths: + - '**/Cargo.toml' + - 'Cargo.lock' + +jobs: + security-audit: + runs-on: ubuntu-latest + if: "!contains(github.event.head_commit.message, 'ci skip')" + steps: + - uses: actions/checkout@v2 + - uses: actions-rs/audit-check@v1.2.0 + with: + token: ${{ secrets.GITHUB_TOKEN }} + - name: Discord notification + if: failure() + env: + run_url: "https://github.com/tokio-rs/tokio/actions/runs/${{ github.run_id }}" + DISCORD_WEBHOOK: ${{ secrets.DISCORD_WEBHOOK }} + DISCORD_USERNAME: GitHub dependency audit + uses: Ilshidur/action-discord@f237343 + with: + args: "Dependency security audit failed.\n${{ env.run_url }}" From 1d26124c64869748e124b2bb6a94beae95acc1b0 Mon Sep 17 00:00:00 2001 From: Geoff Shannon Date: Sun, 7 Jun 2020 05:29:25 -0700 Subject: [PATCH 2/8] Split different audit checks into different workflows --- .github/workflows/pr-audit.yml | 29 +++++++++++++++++++++++++++++ .github/workflows/rust-audit.yml | 21 +++++---------------- 2 files changed, 34 insertions(+), 16 deletions(-) create mode 100644 .github/workflows/pr-audit.yml diff --git a/.github/workflows/pr-audit.yml b/.github/workflows/pr-audit.yml new file mode 100644 index 00000000000..2c71ddece91 --- /dev/null +++ b/.github/workflows/pr-audit.yml 
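Review bot: The two steps that receive secrets are pinned to mutable references — `actions-rs/audit-check@v1.2.0` is handed `secrets.GITHUB_TOKEN` and `Ilshidur/action-discord@f237343` is handed `secrets.DISCORD_WEBHOOK` — so a moved tag, or an ambiguous 7-character SHA prefix, would run code you did not review with those secrets in its environment. Pin every `uses:` (including `actions/checkout@v2`) to a full 40-character commit SHA with the version in a trailing comment, e.g. `uses: actions-rs/audit-check@<full 40-char sha>  # v1.2.0`. Separately, `if: "!contains(github.event.head_commit.message, 'ci skip')"` lets any push whose message contains `ci skip` bypass the audit; since the `paths:` filter already limits push runs to manifest changes, the guard can only ever suppress the audit of a dependency change, so consider dropping it. On scheduled runs `head_commit` is absent and the guard is a no-op, which is presumably the intent.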
@@ -0,0 +1,29 @@ +name: Pull Request Security Audit + +on: + push: + paths: + - '**/Cargo.toml' + +jobs: + security-audit: + runs-on: ubuntu-latest + if: !contains('github.event.head_commit.message', 'ci skip') + steps: + - uses: actions/checkout@v2 + + - name: Install cargo-audit + uses: action-rs/cargo@v1 + with: + command: install + args: cargo-audit + + - name: Generate lockfile + uses: action-rs/cargo@v1 + with: + command: generate-lockfile + + - name: Audit dependencies + uses: action-rs/cargo@v1 + with: + command: audit diff --git a/.github/workflows/rust-audit.yml b/.github/workflows/rust-audit.yml index 20d8ed80447..e27eef1f8b8 100644 --- a/.github/workflows/rust-audit.yml +++ b/.github/workflows/rust-audit.yml @@ -1,28 +1,17 @@ -name: Rust security audit +name: Daily Security Audit on: schedule: - cron: '0 2 * * *' # run at 2 AM UTC - push: - paths: - - '**/Cargo.toml' - - 'Cargo.lock' jobs: security-audit: runs-on: ubuntu-latest - if: "!contains(github.event.head_commit.message, 'ci skip')" + if: !contains('github.event.head_commit.message', 'ci skip') steps: - uses: actions/checkout@v2 - - uses: actions-rs/audit-check@v1.2.0 + + - name: Audit Check + uses: action-rs/audit-check@v1 with: token: ${{ secrets.GITHUB_TOKEN }} - - name: Discord notification - if: failure() - env: - run_url: "https://github.com/tokio-rs/tokio/actions/runs/${{ github.run_id }}" - DISCORD_WEBHOOK: ${{ secrets.DISCORD_WEBHOOK }} - DISCORD_USERNAME: GitHub dependency audit - uses: Ilshidur/action-discord@f237343 - with: - args: "Dependency security audit failed.\n${{ env.run_url }}" From 9aa73c75cf64b7b1dbe600464480c9c146d254ee Mon Sep 17 00:00:00 2001 From: Geoff Shannon Date: Sun, 7 Jun 2020 05:38:04 -0700 Subject: [PATCH 3/8] Specify run conditions more precisely and add Discord notification --- .github/workflows/pr-audit.yml | 15 +++++++++++++++ 1 file changed, 15 insertions(+) 
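Review bot: The `Install cargo-audit` step runs `cargo install cargo-audit` with no version, so each run builds whatever the newest crates.io release happens to be; the audit tool is itself an unpinned supply-chain dependency, and a release that fails to build or changes its output would break or silently weaken this gate. Pin it and bump deliberately, e.g. `args: cargo-audit --locked --version <x.y.z>`. Note also that `cargo generate-lockfile` resolves the newest compatible versions at run time rather than anything committed (the step suggests no `Cargo.lock` is checked in), so what is audited is "what a consumer would resolve today"; a one-line comment above that step, such as `# No lockfile is committed; audit the resolution a consumer would get today.`, would make that intent explicit.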
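Review bot: The `Audit Check` step loosens the pin from `@v1.2.0` to `@v1`, a floating major tag that the action's maintainer can move, while the step still receives `secrets.GITHUB_TOKEN`; keep an exact version or, better, a full commit SHA with the version in a comment. With `push:` removed, `schedule:` is the only trigger left, and the schedule event payload carries no `head_commit`, so the job-level `if:` has nothing to evaluate and can simply be deleted rather than kept as dead configuration.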
diff --git a/.github/workflows/pr-audit.yml b/.github/workflows/pr-audit.yml index 2c71ddece91..1197acefbea 100644 --- a/.github/workflows/pr-audit.yml +++ b/.github/workflows/pr-audit.yml @@ -2,6 +2,11 @@ name: Pull Request Security Audit on: push: + branches: + - master + paths: + - '**/Cargo.toml' + pull_request: paths: - '**/Cargo.toml' @@ -27,3 +32,13 @@ jobs: uses: action-rs/cargo@v1 with: command: audit + + - name: Discord notification + if: failure() && (github.event_name == 'push' && github.event.ref == 'refs/heads/master') + env: + run_url: "https://github.com/tokio-rs/tokio/actions/runs/${{ github.run_id }}" + DISCORD_WEBHOOK: ${{ secrets.DISCORD_WEBHOOK }} + DISCORD_USERNAME: GitHub dependency audit + uses: Ilshidur/action-discord@f237343 + with: + args: "Dependency security audit failed.\n${{ env.run_url }}" From 8639c8e39edaf769b6c7a1e41050164b4d3e40c2 Mon Sep 17 00:00:00 2001 From: Geoff Shannon Date: Sun, 7 Jun 2020 05:50:34 -0700 Subject: [PATCH 4/8] Split trigger conditions up more sensibly --- .github/workflows/pr-audit.yml | 12 ------------ .github/workflows/rust-audit.yml | 15 +++++++++++++++ 2 files changed, 15 insertions(+), 12 deletions(-) diff --git a/.github/workflows/pr-audit.yml b/.github/workflows/pr-audit.yml index 1197acefbea..69b401b7ac4 100644 --- a/.github/workflows/pr-audit.yml +++ b/.github/workflows/pr-audit.yml @@ -2,8 +2,6 @@ name: Pull Request Security Audit on: push: - branches: - - master paths: - '**/Cargo.toml' pull_request: @@ -32,13 +30,3 @@ jobs: uses: action-rs/cargo@v1 with: command: audit - - - name: Discord notification - if: failure() && (github.event_name == 'push' && github.event.ref == 'refs/heads/master') - env: - run_url: "https://github.com/tokio-rs/tokio/actions/runs/${{ github.run_id }}" - DISCORD_WEBHOOK: ${{ secrets.DISCORD_WEBHOOK }} - DISCORD_USERNAME: GitHub dependency audit - uses: Ilshidur/action-discord@f237343 - with: - args: "Dependency security audit failed.\n${{ env.run_url }}" 
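Review bot: Both triggers are filtered on `paths: '**/Cargo.toml'`, so a pull request that does not touch a manifest never creates a `security-audit` check run; if this job is later made a required status check in branch protection, such PRs would be blocked waiting for a check that never reports, since a path-skipped workflow does not, as far as I know, count as passed. Either keep it advisory or pair it with a workflow that reports success when the paths do not match. Recording the decision with `# Only runs when a manifest changes; not suitable as a required status check` above `on:` would save the next maintainer the surprise.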
diff --git a/.github/workflows/rust-audit.yml b/.github/workflows/rust-audit.yml index e27eef1f8b8..33322cd9521 100644 --- a/.github/workflows/rust-audit.yml +++ b/.github/workflows/rust-audit.yml @@ -1,6 +1,11 @@ name: Daily Security Audit on: + push: + branches: + - master + paths: + - '**/Cargo.toml' schedule: - cron: '0 2 * * *' # run at 2 AM UTC @@ -15,3 +20,13 @@ jobs: uses: action-rs/audit-check@v1 with: token: ${{ secrets.GITHUB_TOKEN }} + + - name: Discord notification + if: failure() && (github.event_name == 'push' && github.event.ref == 'refs/heads/master') + env: + run_url: "https://github.com/tokio-rs/tokio/actions/runs/${{ github.run_id }}" + DISCORD_WEBHOOK: ${{ secrets.DISCORD_WEBHOOK }} + DISCORD_USERNAME: GitHub dependency audit + uses: Ilshidur/action-discord@f237343 + with: + args: "Dependency security audit failed.\n${{ env.run_url }}" From 54915e71969097f856ef5bf8f7bf4bbf6452df49 Mon Sep 17 00:00:00 2001 From: Geoff Shannon Date: Sun, 7 Jun 2020 06:08:52 -0700 Subject: [PATCH 5/8] Fix yaml syntax --- .github/workflows/pr-audit.yml | 2 +- .github/workflows/rust-audit.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/pr-audit.yml b/.github/workflows/pr-audit.yml index 69b401b7ac4..61328fa89c6 100644 --- a/.github/workflows/pr-audit.yml +++ b/.github/workflows/pr-audit.yml @@ -11,7 +11,7 @@ on: jobs: security-audit: runs-on: ubuntu-latest - if: !contains('github.event.head_commit.message', 'ci skip') + if: "!contains(github.event.head_commit.message, 'ci skip')" steps: - uses: actions/checkout@v2 diff --git a/.github/workflows/rust-audit.yml b/.github/workflows/rust-audit.yml index 33322cd9521..fa7de521ccd 100644 --- a/.github/workflows/rust-audit.yml +++ b/.github/workflows/rust-audit.yml 
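Review bot: The `Discord notification` step fires only when `github.event_name == 'push'`, so a failure of the nightly `schedule:` run — the trigger that catches advisories published after the last manifest change, and the reason this workflow exists — produces no notification and is visible only in the Actions tab. A scheduled run executes on the default branch, so if master is the default, `if: failure() && github.ref == 'refs/heads/master'` covers both the push-to-master and the scheduled case in one condition; `github.ref` is populated for every event type, whereas `github.event.ref` is only present on push payloads.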
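Review bot: The corrected guard still reads `github.event.head_commit.message`, which exists only in `push` payloads: on `pull_request` runs it is null, `contains` returns false and the job always runs, while a push whose message contains `ci skip` skips the security audit entirely. Because the `paths:` filter already restricts pushes to manifest changes, the only thing this escape hatch can ever suppress is the audit of a dependency change; deleting the `if:` line makes the check unconditional and consistent across both triggers. If a skip is genuinely needed, it should not be controllable from the commit message of the very change being audited.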
@@ -12,7 +12,7 @@ on: jobs: security-audit: runs-on: ubuntu-latest - if: !contains('github.event.head_commit.message', 'ci skip') + if: "!contains(github.event.head_commit.message, 'ci skip')" steps: - uses: actions/checkout@v2 From ed6cdaadb5a6947595d1bc646fd36a0b7f12b8d7 Mon Sep 17 00:00:00 2001 From: Geoff Shannon Date: Sun, 7 Jun 2020 06:18:15 -0700 Subject: [PATCH 6/8] Fix names --- .github/workflows/{rust-audit.yml => audit.yml} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename .github/workflows/{rust-audit.yml => audit.yml} (97%) diff --git a/.github/workflows/rust-audit.yml b/.github/workflows/audit.yml similarity index 97% rename from .github/workflows/rust-audit.yml rename to .github/workflows/audit.yml index fa7de521ccd..8be4225a440 100644 --- a/.github/workflows/rust-audit.yml +++ b/.github/workflows/audit.yml @@ -1,4 +1,4 @@ -name: Daily Security Audit +name: Security Audit on: push: From bfa4dfeda3d9fd8571bd51d9cd211cf08093c1fe Mon Sep 17 00:00:00 2001 From: Geoff Shannon Date: Sun, 7 Jun 2020 06:30:21 -0700 Subject: [PATCH 7/8] Correct paths to rust actions --- .github/workflows/audit.yml | 2 +- .github/workflows/pr-audit.yml | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml index 8be4225a440..174326af8e0 100644 --- a/.github/workflows/audit.yml +++ b/.github/workflows/audit.yml @@ -17,7 +17,7 @@ jobs: - uses: actions/checkout@v2 - name: Audit Check - uses: action-rs/audit-check@v1 + uses: actions-rs/audit-check@v1 with: token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/pr-audit.yml b/.github/workflows/pr-audit.yml index 61328fa89c6..26c0ee2f119 100644 --- a/.github/workflows/pr-audit.yml +++ b/.github/workflows/pr-audit.yml 
@@ -16,17 +16,17 @@ jobs: - uses: actions/checkout@v2 - name: Install cargo-audit - uses: action-rs/cargo@v1 + uses: actions-rs/cargo@v1 with: command: install args: cargo-audit - name: Generate lockfile - uses: action-rs/cargo@v1 + uses: actions-rs/cargo@v1 with: command: generate-lockfile - name: Audit dependencies - uses: action-rs/cargo@v1 + uses: actions-rs/cargo@v1 with: command: audit From 3c3b4ead6c9a1d680950c540fb49b98735d04c05 Mon Sep 17 00:00:00 2001 From: Geoff Shannon Date: Thu, 11 Jun 2020 01:45:23 -0700 Subject: [PATCH 8/8] Remove Discord notification --- .github/workflows/audit.yml | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml index 174326af8e0..a901a0fd014 100644 --- a/.github/workflows/audit.yml +++ b/.github/workflows/audit.yml @@ -20,13 +20,3 @@ jobs: uses: actions-rs/audit-check@v1 with: token: ${{ secrets.GITHUB_TOKEN }} - - - name: Discord notification - if: failure() && (github.event_name == 'push' && github.event.ref == 'refs/heads/master') - env: - run_url: "https://github.com/tokio-rs/tokio/actions/runs/${{ github.run_id }}" - DISCORD_WEBHOOK: ${{ secrets.DISCORD_WEBHOOK }} - DISCORD_USERNAME: GitHub dependency audit - uses: Ilshidur/action-discord@f237343 - with: - args: "Dependency security audit failed.\n${{ env.run_url }}"