From 2cffafd2f48092dc65281fb5c514d58ce4cf1566 Mon Sep 17 00:00:00 2001 From: Romain Ruetschi Date: Fri, 6 Mar 2020 11:35:24 +0100 Subject: [PATCH 1/2] Run cargo-audit daily and when dependencies have changed See https://github.com/interchainio/tendermint-rs/pull/144#issuecomment-595322485 --- .github/workflows/audit.yaml | 20 +++++++++++++++++--- 1 file changed, 17 insertions(+), 3 deletions(-) diff --git a/.github/workflows/audit.yaml b/.github/workflows/audit.yaml index 53d1675693..dd202c8434 100644 --- a/.github/workflows/audit.yaml +++ b/.github/workflows/audit.yaml @@ -1,11 +1,25 @@ -name: Audit Check -on: [pull_request] +name: Security Audit +on: + pull_request: + paths: Cargo.lock + push: + branches: develop + paths: Cargo.lock + schedule: + - cron: '0 0 * * *' jobs: security_audit: + name: Security Audit runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v1 + - name: Cache cargo bin + uses: actions/cache@v1 + with: + path: ~/.cargo/bin + key: ${{ runner.os }}-cargo-audit-v0.11.2 - uses: actions-rs/audit-check@v1 with: + args: --ignore RUSTSEC-2019-0031 token: ${{ secrets.GITHUB_TOKEN }} From 6c7efdfb2cf6d493ee9c63c67e7cfdc60467ef98 Mon Sep 17 00:00:00 2001 From: Romain Ruetschi Date: Fri, 6 Mar 2020 14:16:34 +0100 Subject: [PATCH 2/2] Change actions/checkout back to v2 --- .github/workflows/audit.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/audit.yaml b/.github/workflows/audit.yaml index dd202c8434..e82002aa2d 100644 --- a/.github/workflows/audit.yaml +++ b/.github/workflows/audit.yaml @@ -13,7 +13,7 @@ jobs: name: Security Audit runs-on: ubuntu-latest steps: - - uses: actions/checkout@v1 + - uses: actions/checkout@v2 - name: Cache cargo bin uses: actions/cache@v1 with: