Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

ci: add a scheduled audit workflow #3092

Merged
merged 1 commit into from
Oct 20, 2021

Conversation

yangby-cryptape
Copy link
Collaborator

What problem does this PR solve?

At present, CKB only checks security vulnerabilities when some one submits a pull request.

If no one submit a pull request, we couldn't know whether CKB has security vulnerabilities or not.

This PR add a scheduled audit workflow to check security vulnerabilities daily.
So we could know any security vulnerability in 24 hours after it became public.

Ref: https://github.com/actions-rs/audit-check#scheduled-audit

Check List

Tests

  • No code (skip ci)

Release note

None: Exclude this PR from the release note.

@yangby-cryptape yangby-cryptape added the t:ci Type: CI label Oct 13, 2021
@yangby-cryptape yangby-cryptape requested a review from a team as a code owner October 13, 2021 09:31
@yangby-cryptape
Copy link
Collaborator Author

Due to this bug: actions-rs/audit-check#163

Close temporarily, until the fix that.

@liya2017 liya2017 self-requested a review October 14, 2021 08:06
@doitian
Copy link
Member

doitian commented Oct 19, 2021

bors r=quake,liya2017

@yangby-cryptape
Copy link
Collaborator Author

bors retry

@bors bors bot merged commit a61d6f1 into nervosnetwork:develop Oct 20, 2021
@yangby-cryptape yangby-cryptape deleted the pr/scheduled-audit branch October 20, 2021 01:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
t:ci Type: CI
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants