name: Security Audit
on:
push:
branches: [ master ]
pull_request:
permissions: {}
env:
CARGO_TERM_COLOR: always
jobs:
audit:
name: Audit Dependencies
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- name: Checkout repository
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd with:
persist-credentials: false
- name: Install cargo-audit
run: cargo install cargo-audit --locked
- name: Check for audit warnings
run: cargo audit -D warnings
continue-on-error: true
- name: Check for vulnerabilities
run: cargo audit