name: "Audit Dependencies"
on:
push:
paths:
- '.github/workflows/audit.yml'
- '**/Cargo.toml'
- '**/Cargo.lock'
- '**/audit.toml'
# Rerun periodicly to pick up new advisories
schedule:
- cron: '0 0 * * *'
# Run manually
workflow_dispatch:
jobs:
audit:
runs-on: ubuntu-latest
permissions:
contents: read
issues: write
steps:
- uses: actions/checkout@v4
- uses: actions-rust-lang/audit@v1
name: Audit Rust Dependencies
with:
file: Cargo.lock