rust-security.yml
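# Dependency and supply-chain checks for this repository's Rust code.
name: Rust Security

# Triggers: pushes and pull requests targeting main, plus a weekly run so the
# checks also execute when no code has changed.
on:
  push:
    branches: [main]
  pull_request:
    branches: [main]
  schedule:
    - cron: '0 3 * * 1'  # Run weekly on Monday at 3 AM UTC

# Least privilege for the GITHUB_TOKEN: the jobs in this workflow only check
# out and inspect the repository, so read-only contents access is enough.
# Without this block the token gets the repository/organisation default,
# which may include write scopes.
permissions:
  contents: read

env:
  CARGO_TERM_COLOR: always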
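jobs:
  # NOTE(review): the third-party actions in these jobs are referenced by
  # mutable refs (`@stable`, `@nightly`, `@cargo-deny`, `@cargo-audit`, ...).
  # A mutable ref can be moved to different code without any change in this
  # file. For a security workflow, consider pinning each `uses:` to a full
  # commit SHA and selecting the variant through inputs instead, e.g.
  #   uses: dtolnay/rust-toolchain@<full-commit-sha>   # placeholder
  #   with:
  #     toolchain: stable
  #   uses: taiki-e/install-action@<full-commit-sha>   # placeholder
  #   with:
  #     tool: cargo-deny
  # and let a dependency-update bot keep the SHAs current.

  # Runs every cargo-deny check against the repository's cargo-deny
  # configuration (not shown here).
  cargo-deny:
    name: Cargo Deny
    runs-on: ubuntu-latest
    steps:
      - name: Checkout sources
        uses: actions/checkout@v4
        with:
          # No step pushes or uses git credentials afterwards, so do not
          # leave the token in the checkout's git config for later steps.
          persist-credentials: false

      - name: Install Rust toolchain
        uses: dtolnay/rust-toolchain@stable

      - name: Install cargo-deny
        uses: taiki-e/install-action@cargo-deny

      - name: Run cargo deny
        run: cargo deny check

  # Audits dependencies for known advisories (blocking) and reports outdated
  # dependencies (advisory only).
  supply-chain:
    name: Supply Chain Security
    runs-on: ubuntu-latest
    steps:
      - name: Checkout sources
        uses: actions/checkout@v4
        with:
          # Same reasoning as above: read-only job, no credentials needed.
          persist-credentials: false

      - name: Install Rust toolchain
        uses: dtolnay/rust-toolchain@stable

      - name: Install cargo-audit
        uses: taiki-e/install-action@cargo-audit

      # A non-zero exit here fails the job.
      - name: Audit dependencies
        run: cargo audit

      - name: Install cargo-outdated
        uses: taiki-e/install-action@cargo-outdated

      # `--exit-code 1` makes the step fail when outdated dependencies exist,
      # but `continue-on-error` keeps the job green: the result is a visible
      # signal in the step list, not a merge gate.
      - name: Check for outdated dependencies
        run: cargo outdated --exit-code 1
        continue-on-error: true

  # Flags dependencies that are declared but never used; each unused crate is
  # supply-chain exposure with no benefit.
  unused-deps:
    name: Unused Dependencies
    runs-on: ubuntu-latest
    steps:
      - name: Checkout sources
        uses: actions/checkout@v4
        with:
          # This job compiles the project, so build scripts run here; keep
          # the token out of their reach.
          persist-credentials: false

      # cargo-udeps needs a nightly compiler. `@nightly` floats with each
      # release, so results can change without any change in this repository.
      - name: Install Rust nightly toolchain
        uses: dtolnay/rust-toolchain@nightly

      - name: Install cargo-udeps
        uses: taiki-e/install-action@cargo-udeps

      - name: Check for unused dependencies
        run: cargo +nightly udeps --all-targets --all-features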