name: Security Audit
on:
pull_request:
schedule:
- cron: "0 2 * * 1" # Weekly on Monday
workflow_dispatch:
permissions:
contents: read
jobs:
cargo-audit:
name: Cargo Audit
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
- name: Setup vx
uses: loonghao/vx@main
with:
version: '0.8.0'
github-token: ${{ secrets.GITHUB_TOKEN }}
- name: Setup tools (vx)
run: vx setup
- name: Install cargo-audit
run: vx cargo install cargo-audit --locked
- name: Run cargo audit
run: vx just audit