name: Security Audit
on:
schedule:
- cron: '0 0 * * *'
pull_request:
branches: [main]
push:
branches: [main]
workflow_dispatch:
env:
CARGO_TERM_COLOR: always
jobs:
audit:
name: Cargo Audit
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Checkout ant-quic
uses: actions/checkout@v4
with:
repository: saorsa-labs/ant-quic
path: .deps/ant-quic
- name: Checkout saorsa-gossip
uses: actions/checkout@v4
with:
repository: saorsa-labs/saorsa-gossip
path: .deps/saorsa-gossip
- name: Setup dependency symlinks
run: |
ln -s "$(pwd)/.deps/ant-quic" ../ant-quic
ln -s "$(pwd)/.deps/saorsa-gossip" ../saorsa-gossip
- name: Install Rust stable
uses: dtolnay/rust-toolchain@stable
- name: Install cargo-audit
run: cargo install cargo-audit --locked
- name: Run cargo audit
run: cargo audit
panic-check:
name: Panic Scanner
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Make script executable
run: chmod +x scripts/check-panics.sh
- name: Run panic scanner
run: ./scripts/check-panics.sh