mirror of
https://github.com/tokio-rs/tracing.git
synced 2026-03-19 14:14:08 +00:00
65093b38a5
Older versions use node 12 which is no longer supported (end-of-life on April 30, 2022). Also, @main/@master is not very good as they may run into unreleased breaking changes.
36 lines
1.2 KiB
YAML
36 lines
1.2 KiB
YAML
name: Security audit
|
|
|
|
on:
|
|
schedule:
|
|
- cron: '0 0 * * *'
|
|
|
|
env:
|
|
# Disable incremental compilation.
|
|
#
|
|
# Incremental compilation is useful as part of an edit-build-test-edit cycle,
|
|
# as it lets the compiler avoid recompiling code that hasn't changed. However,
|
|
# on CI, we're not making small edits; we're almost always building the entire
|
|
# project from scratch. Thus, incremental compilation on CI actually
|
|
# introduces *additional* overhead to support making future builds
|
|
# faster...but no future builds will ever occur in any given CI environment.
|
|
#
|
|
# See https://matklad.github.io/2021/09/04/fast-rust-builds.html#ci-workflow
|
|
# for details.
|
|
CARGO_INCREMENTAL: 0
|
|
# Allow more retries for network requests in cargo (downloading crates) and
|
|
# rustup (installing toolchains). This should help to reduce flaky CI failures
|
|
# from transient network timeouts or other issues.
|
|
CARGO_NET_RETRY: 10
|
|
RUSTUP_MAX_RETRIES: 10
|
|
# Don't emit giant backtraces in the CI logs.
|
|
RUST_BACKTRACE: short
|
|
|
|
jobs:
|
|
security_audit:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v3
|
|
- uses: actions-rs/audit-check@v1
|
|
with:
|
|
token: ${{ secrets.GITHUB_TOKEN }}
|