name: Security audit
on:
push:
branches:
- main
paths:
- '**/Cargo.toml'
- '**/Cargo.lock'
schedule:
- cron: '0 0 * * *'
permissions:
contents: read
jobs:
security_audit:
runs-on: ubuntu-latest
permissions:
checks: write
contents: read
issues: write
steps:
- uses: actions/checkout@v4
- name: Generate Cargo.lock
run: cargo generate-lockfile
- name: Audit Check
uses: rustsec/audit-check@master
with:
token: ${{ secrets.GITHUB_TOKEN }}