---
name: Security Audit
on:
workflow_call:
schedule:
- cron: '0 0 * * *'
push:
branches:
- main
- master
pull_request:
jobs:
security-audit:
name: Security Audit
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
- name: Cache cargo-audit
uses: actions/cache@v5
with:
path: ~/.cargo/bin/cargo-audit
key: ${{ runner.os }}-cargo-audit
- name: Install cargo-audit
run: |
if ! command -v cargo-audit &> /dev/null; then
cargo install cargo-audit --locked
fi
- name: Run cargo audit
run: cargo audit
cargo-deny:
name: Cargo Deny
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
- name: Cargo Deny
uses: EmbarkStudios/cargo-deny-action@v2
with:
log-level: warn
command: check
arguments: --all-features