audit #4007
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: audit | |
# This is a separate file so it can have a separate badge in readme | |
# and therefore spread awareness of cargo audit a tiny bit. | |
on: | |
push: | |
branches: [master] | |
pull_request: | |
branches: [master] | |
schedule: | |
# Runs at 15:00 UTC on Fri | |
- cron: "0 15 * * 5" | |
workflow_dispatch: | |
# This allows running it on any branch manually: | |
# https://docs.github.com/en/actions/managing-workflow-runs/manually-running-a-workflow | |
env: | |
CARGO_TERM_COLOR: always | |
jobs: | |
audit: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
# Actions-rs/install is unmaintained but works for now. | |
# Alternatives for when it breaks: | |
# - dtolnay/install - not a full replacement - only supports crates he uses (not audit currently) | |
# - baptiste0928/cargo-install - looks like it just compiles the crate and then caches it for subsequent runs | |
# - just `cargo install` and caching it | |
- uses: actions-rs/[email protected] | |
with: | |
crate: cargo-audit | |
version: latest | |
- run: cargo audit --version | |
# RUSTSEC-2020-0097: xcb - Soundness issue with base::Error | |
# RUSTSEC-2022-0048: xml-rs is Unmaintained | |
# For more info: https://github.com/FyroxEngine/Fyrox/issues/208 | |
- run: cargo audit --deny warnings --ignore RUSTSEC-2020-0097 --ignore RUSTSEC-2022-0048 --ignore RUSTSEC-2021-0140 |