From b7eaf7a43e0fc9d899da548aa3c22fb1519329d5 Mon Sep 17 00:00:00 2001 From: Max Inden Date: Wed, 12 Jan 2022 19:18:00 +0100 Subject: [PATCH 1/5] .github/workflows: Add cargo audit Run cargo audit on each push and on a daily schedule. --- .github/workflows/cargo-audit.yml | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) create mode 100644 .github/workflows/cargo-audit.yml diff --git a/.github/workflows/cargo-audit.yml b/.github/workflows/cargo-audit.yml new file mode 100644 index 00000000000..362aff1f1eb --- /dev/null +++ b/.github/workflows/cargo-audit.yml @@ -0,0 +1,16 @@ +name: cargo audit +on: + schedule: + - cron: '0 0 * * *' + push: + paths: + - '**/Cargo.toml' + - '**/Cargo.lock' +jobs: + audit: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v1 + - uses: actions-rs/audit-check@v1 + with: + token: ${{ secrets.GITHUB_TOKEN }} \ No newline at end of file From af9c1a89bb2d3ba88ffc458d356b9e648292db5e Mon Sep 17 00:00:00 2001 From: Max Inden Date: Wed, 12 Jan 2022 19:22:38 +0100 Subject: [PATCH 2/5] .github/workflows/cargo-audit.yml: Align --- .github/workflows/cargo-audit.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/cargo-audit.yml b/.github/workflows/cargo-audit.yml index 362aff1f1eb..c307d9ee0cc 100644 --- a/.github/workflows/cargo-audit.yml +++ b/.github/workflows/cargo-audit.yml @@ -10,7 +10,7 @@ jobs: audit: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v1 - - uses: actions-rs/audit-check@v1 + - uses: actions/checkout@v2.4.0 + - uses: actions-rs/audit-check@v1 with: token: ${{ secrets.GITHUB_TOKEN }} \ No newline at end of file From ddc74b6ddd6c61b102708933f67da25e223902b8 Mon Sep 17 00:00:00 2001 From: Max Inden Date: Wed, 12 Jan 2022 19:26:22 +0100 Subject: [PATCH 3/5] .github/workflows/cargo-audit.yml: Execute on pull request --- .github/workflows/cargo-audit.yml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/.github/workflows/cargo-audit.yml b/.github/workflows/cargo-audit.yml index c307d9ee0cc..fd07d49b690 100644 --- a/.github/workflows/cargo-audit.yml +++ b/.github/workflows/cargo-audit.yml @@ -6,6 +6,10 @@ on: paths: - '**/Cargo.toml' - '**/Cargo.lock' + pull_request: + paths: + - '**/Cargo.toml' + - '**/Cargo.lock' jobs: audit: runs-on: ubuntu-latest @@ -13,4 +17,4 @@ jobs: - uses: actions/checkout@v2.4.0 - uses: actions-rs/audit-check@v1 with: - token: ${{ secrets.GITHUB_TOKEN }} \ No newline at end of file + token: ${{ secrets.GITHUB_TOKEN }} From ff5f3f4a96e9b677b0578d0193f738fc3aee77be Mon Sep 17 00:00:00 2001 From: Max Inden Date: Wed, 12 Jan 2022 19:30:21 +0100 Subject: [PATCH 4/5] .github/workflows/cargo-audit.yml: Test without path --- .github/workflows/cargo-audit.yml | 3 --- 1 file changed, 3 deletions(-) diff --git a/.github/workflows/cargo-audit.yml b/.github/workflows/cargo-audit.yml index fd07d49b690..042b2e66ef0 100644 --- a/.github/workflows/cargo-audit.yml +++ b/.github/workflows/cargo-audit.yml @@ -7,9 +7,6 @@ on: - '**/Cargo.toml' - '**/Cargo.lock' pull_request: - paths: - - '**/Cargo.toml' - - '**/Cargo.lock' jobs: audit: runs-on: ubuntu-latest From 91d3fbc44141183a8d02248e318c0c27f41fc314 Mon Sep 17 00:00:00 2001 From: Max Inden Date: Fri, 18 Mar 2022 17:20:59 +0100 Subject: [PATCH 5/5] Revert ".github/workflows/cargo-audit.yml: Test without path" This reverts commit ff5f3f4a96e9b677b0578d0193f738fc3aee77be. --- .github/workflows/cargo-audit.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/cargo-audit.yml b/.github/workflows/cargo-audit.yml index 042b2e66ef0..fd07d49b690 100644 --- a/.github/workflows/cargo-audit.yml +++ b/.github/workflows/cargo-audit.yml @@ -7,6 +7,9 @@ on: - '**/Cargo.toml' - '**/Cargo.lock' pull_request: + paths: + - '**/Cargo.toml' + - '**/Cargo.lock' jobs: audit: runs-on: ubuntu-latest