File tree Expand file tree Collapse file tree
Expand file tree Collapse file tree Original file line number Diff line number Diff line change 1+ name : Cargo Security Audit
2+
3+ on :
4+ push :
5+ branches : [main, develop]
6+ paths :
7+ - " **/Cargo.toml"
8+ - " **/Cargo.lock"
9+ - " .github/workflows/cargo-security-audit.yml"
10+
11+ pull_request :
12+ paths :
13+ - " **/Cargo.toml"
14+ - " **/Cargo.lock"
15+ - " .github/workflows/cargo-security-audit.yml"
16+
17+ # Scheduled scans are important because new RustSec advisories can appear
18+ # even when the codebase and lockfile do not change.
19+ schedule :
20+ - cron : " 0 6 * * *" # Daily at 6 AM UTC
21+
22+ workflow_dispatch :
23+
24+ jobs :
25+ cargo-audit :
26+ name : Audit Rust Dependencies
27+ runs-on : ubuntu-latest
28+ timeout-minutes : 10
29+
30+ # cspell:ignore rustsec
31+ # rustsec/audit-check can create issues and checks on scheduled runs.
32+ permissions :
33+ contents : read
34+ checks : write
35+ issues : write
36+
37+ steps :
38+ - name : Checkout code
39+ uses : actions/checkout@v5
40+
41+ - name : Run cargo audit via RustSec action
42+ uses : rustsec/audit-check@v2.0.0
43+ with :
44+ token : ${{ secrets.GITHUB_TOKEN }}
Original file line number Diff line number Diff line change 1- [](https://github.com/torrust/torrust-tracker-deployer/actions/workflows/linting.yml) [](https://github.com/torrust/torrust-tracker-deployer/actions/workflows/testing.yml) [](https://github.com/torrust/torrust-tracker-deployer/actions/workflows/test-dependency-installer.yml) [](https://github.com/torrust/torrust-tracker-deployer/actions/workflows/test-e2e-infrastructure.yml) [](https://github.com/torrust/torrust-tracker-deployer/actions/workflows/test-e2e-deployment.yml) [](https://github.com/torrust/torrust-tracker-deployer/actions/workflows/test-sdk-examples.yml) [](https://github.com/torrust/torrust-tracker-deployer/actions/workflows/test-lxd-provision.yml) [](https://github.com/torrust/torrust-tracker-deployer/actions/workflows/coverage.yml) [](https://github.com/torrust/torrust-tracker-deployer/actions/workflows/container.yaml) [](https://github.com/torrust/torrust-tracker-deployer/actions/workflows/backup-container.yaml) [](https://github.com/torrust/torrust-tracker-deployer/actions/workflows/docker-security-scan.yml) [](https://github.com/torrust/torrust-tracker-deployer/actions/workflows/code-statistics.yml)
1+ [](https://github.com/torrust/torrust-tracker-deployer/actions/workflows/linting.yml) [](https://github.com/torrust/torrust-tracker-deployer/actions/workflows/testing.yml) [](https://github.com/torrust/torrust-tracker-deployer/actions/workflows/test-dependency-installer.yml) [](https://github.com/torrust/torrust-tracker-deployer/actions/workflows/test-e2e-infrastructure.yml) [](https://github.com/torrust/torrust-tracker-deployer/actions/workflows/test-e2e-deployment.yml) [](https://github.com/torrust/torrust-tracker-deployer/actions/workflows/test-sdk-examples.yml) [](https://github.com/torrust/torrust-tracker-deployer/actions/workflows/test-lxd-provision.yml) [](https://github.com/torrust/torrust-tracker-deployer/actions/workflows/coverage.yml) [](https://github.com/torrust/torrust-tracker-deployer/actions/workflows/container.yaml) [](https://github.com/torrust/torrust-tracker-deployer/actions/workflows/backup-container.yaml) [](https://github.com/torrust/torrust-tracker-deployer/actions/workflows/docker-security-scan.yml) [](https://github.com/torrust/torrust-tracker-deployer/actions/workflows/cargo-security-audit.yml) [](https://github.com/torrust/torrust-tracker-deployer/actions/workflows/code-statistics.yml)
22
33[ ![ Open in GitHub Codespaces] ( https://github.com/codespaces/badge.svg )] ( https://codespaces.new/torrust/torrust-tracker-deployer?quickstart=1 )
44
You can’t perform that action at this time.
0 commit comments