bottom/.github/workflows/audit.yml

# A routine check to see if there are any Rust-specific security vulnerabilities in the repo we should be aware of.

name: audit
on:
  workflow_dispatch:
  schedule:
    - cron: "0 0 * * 1"
jobs:
  audit:
    timeout-minutes: 18
    runs-on: ubuntu-latest
    steps:
      - name: Checkout repository
        uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2

      - name: Set up Rust toolchain
        uses: dtolnay/rust-toolchain@b44cb146d03e8d870c57ab64b80f04586349ca5d
        with:
          toolchain: stable

      - name: Enable Rust cache
        uses: Swatinem/rust-cache@988c164c3d0e93c4dbab36aaf5bbeb77425b2894 # 2.4.0
        with:
          cache-targets: false
          cache-all-crates: true
          cache-on-failure: true

      - name: Install cargo-audit
        run: |
          cargo install cargo-audit --locked
          rm -rf ~/.cargo/registry || echo "no registry to delete"

      - uses: rustsec/audit-check@dd51754d4e59da7395a4cd9b593f0ff2d61a9b95 # v1.4.1
        with:
          token: ${{ secrets.GITHUB_TOKEN }}
ci: add some documentation in the workflow files 2021-10-18 03:54:06 +02:00			`# A routine check to see if there are any Rust-specific security vulnerabilities in the repo we should be aware of.`

ci: Fix some bugs/typos with the deploy script and components (#329) - Fix bug with choco and homebrew using incorrect bash syntax causing broken downloads. Why this didn't fail, idk. - Add tag entry for manual runs to make it easier to deploy/re-run - Fixed some typos - Fixed incorrect string in choco python script 2020-11-26 09:28:56 +01:00			`name: audit`
github: Add cargo-audit cron job 2020-11-01 01:40:50 +01:00			`on:`
ci: allow manual triggering of audit action 2021-10-18 03:32:08 +02:00			`workflow_dispatch:`
github: Add cargo-audit cron job 2020-11-01 01:40:50 +01:00			`schedule:`
ci: make audit action weekly It really doesn't need to run daily. It now runs every Monday. 2021-08-30 23:07:48 +02:00			`- cron: "0 0 * * 1"`
github: Add cargo-audit cron job 2020-11-01 01:40:50 +01:00			`jobs:`
			`audit:`
ci: reduce CI timeout to 18 minutes (#1028) * ci: reduce CI timeout to 15 minutes * add additional timeouts * go with 18 minutes for safety 2023-02-21 10:09:19 +01:00			`timeout-minutes: 18`
github: Add cargo-audit cron job 2020-11-01 01:40:50 +01:00			`runs-on: ubuntu-latest`
			`steps:`
ci: try moving to rust-toolchain (#745) action-rs' action seems to not be really maintained anymore and throws some redundant warnings that kinda clog up outputs. As such, I feel like moving to a more active action is probably worth it. 2022-06-03 00:04:51 +02:00			`- name: Checkout repository`
ci: pin and update some workflow actions (#1145) * ci: pin and update some workflow actions * also update setup-python * and rust-toolchain 2023-05-11 06:42:39 +02:00			`uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2`
ci: update audit workflow (#685) Manually install the audit crate as part of the audit CI since it seems to be using too old of a version of Rust. 2022-02-28 01:52:09 +01:00
ci: try moving to rust-toolchain (#745) action-rs' action seems to not be really maintained anymore and throws some redundant warnings that kinda clog up outputs. As such, I feel like moving to a more active action is probably worth it. 2022-06-03 00:04:51 +02:00			`- name: Set up Rust toolchain`
ci: pin and update some workflow actions (#1145) * ci: pin and update some workflow actions * also update setup-python * and rust-toolchain 2023-05-11 06:42:39 +02:00			`uses: dtolnay/rust-toolchain@b44cb146d03e8d870c57ab64b80f04586349ca5d`
github: Add cargo-audit cron job 2020-11-01 01:40:50 +01:00			`with:`
ci: update audit workflow (#685) Manually install the audit crate as part of the audit CI since it seems to be using too old of a version of Rust. 2022-02-28 01:52:09 +01:00			`toolchain: stable`

ci: add cache to audit job (#1175) * ci: add cache to audit job * always cache, and skip target * delete registry too 2023-05-27 06:59:16 +02:00			`- name: Enable Rust cache`
			`uses: Swatinem/rust-cache@988c164c3d0e93c4dbab36aaf5bbeb77425b2894 # 2.4.0`
			`with:`
			`cache-targets: false`
			`cache-all-crates: true`
			`cache-on-failure: true`

ci: update audit workflow (#685) Manually install the audit crate as part of the audit CI since it seems to be using too old of a version of Rust. 2022-02-28 01:52:09 +01:00			`- name: Install cargo-audit`
			`run: \|`
			`cargo install cargo-audit --locked`
ci: add cache to audit job (#1175) * ci: add cache to audit job * always cache, and skip target * delete registry too 2023-05-27 06:59:16 +02:00			`rm -rf ~/.cargo/registry \|\| echo "no registry to delete"`
ci: update audit workflow (#685) Manually install the audit crate as part of the audit CI since it seems to be using too old of a version of Rust. 2022-02-28 01:52:09 +01:00
ci: pin and update some workflow actions (#1145) * ci: pin and update some workflow actions * also update setup-python * and rust-toolchain 2023-05-11 06:42:39 +02:00			`- uses: rustsec/audit-check@dd51754d4e59da7395a4cd9b593f0ff2d61a9b95 # v1.4.1`
github: Add cargo-audit cron job 2020-11-01 01:40:50 +01:00			`with:`
			`token: ${{ secrets.GITHUB_TOKEN }}`