mirror of
https://github.com/tokio-rs/tokio.git
synced 2025-09-28 12:10:37 +00:00
519afd4458
- Use dtolnay/rust-toolchain instead of actions-rs/toolchain - Use cargo/cross directly instead of actions-rs/cargo - Use rustsec/audit-check instead of actions-rs/audit-check
29 lines
529 B
YAML
29 lines
529 B
YAML
name: Pull Request Security Audit
|
|
|
|
on:
|
|
push:
|
|
paths:
|
|
- '**/Cargo.toml'
|
|
pull_request:
|
|
paths:
|
|
- '**/Cargo.toml'
|
|
|
|
permissions:
|
|
contents: read
|
|
|
|
jobs:
|
|
security-audit:
|
|
runs-on: ubuntu-latest
|
|
if: "!contains(github.event.head_commit.message, 'ci skip')"
|
|
steps:
|
|
- uses: actions/checkout@v3
|
|
|
|
- name: Install cargo-audit
|
|
run: cargo install cargo-audit
|
|
|
|
- name: Generate lockfile
|
|
run: cargo generate-lockfile
|
|
|
|
- name: Audit dependencies
|
|
run: cargo audit
|