Skip to content

Merge pull request #3185 from autonomys/v3-lock-file #981

Merge pull request #3185 from autonomys/v3-lock-file

Merge pull request #3185 from autonomys/v3-lock-file #981

Workflow file for this run

##
# This GitHub Action is using cargo-audit to perform an audit for crates with security vulnerabilities.
# https://github.com/rustsec/audit-check
##
name: Rustsec Cargo Audit
on:
workflow_dispatch:
push:
paths:
- "**/Cargo.toml"
- "**/Cargo.lock"
schedule:
- cron: "40 13 * * 0"
jobs:
security_audit:
runs-on: ${{ fromJson(github.repository_owner == 'autonomys' && '["self-hosted", "ubuntu-22.04-x86-64"]' || '"ubuntu-22.04"') }}
steps:
- uses: actions/checkout@v3
- uses: rustsec/audit-check@69366f33c96575abad1ee0dba8212993eecbe998 #v2.0.0
with:
token: ${{ secrets.GITHUB_TOKEN }}
# TODO: Remove once Substrate upgrades litep2p and we no longer have rustls 0.20.9 in our dependencies
ignore: RUSTSEC-2024-0336