Skip to content

Commit 32a8e6d

Browse files
AlexMikhalevclaude
andauthored
ci: use pre-built cargo-audit binary instead of compiling from source (#736)
The Security Audit job had a 2-minute timeout but cargo-audit requires compiling ~400 crates from source when not cached on the runner. This caused consistent failures on runners without a warm cargo cache (e.g. runner-4). Download the pre-built binary from GitHub releases instead, which completes in seconds. Co-authored-by: Terraphim AI <noreply@anthropic.com>
1 parent a330ed4 commit 32a8e6d

1 file changed

Lines changed: 7 additions & 1 deletion

File tree

.github/workflows/ci-pr.yml

Lines changed: 7 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -463,7 +463,13 @@ jobs:
463463
uses: dtolnay/rust-toolchain@stable
464464

465465
- name: Install cargo-audit
466-
run: which cargo-audit || cargo install cargo-audit --no-default-features
466+
run: |
467+
if ! which cargo-audit 2>/dev/null; then
468+
AUDIT_VERSION="0.22.1"
469+
curl -sSL "https://github.com/rustsec/rustsec/releases/download/cargo-audit/v${AUDIT_VERSION}/cargo-audit-x86_64-unknown-linux-gnu-v${AUDIT_VERSION}.tgz" \
470+
| tar xz --strip-components=1 -C "${CARGO_HOME:-$HOME/.cargo}/bin/" --wildcards '*/cargo-audit'
471+
fi
472+
cargo-audit --version
467473
468474
- name: Run security audit
469475
run: |

0 commit comments

Comments
 (0)