Skip to content

Audit Rust dependencies #207

Audit Rust dependencies

Audit Rust dependencies #207

Workflow file for this run

name: Audit Rust dependencies
on:
pull_request:
paths:
- .github/workflows/*.yml
- Cargo.toml
- Cargo.lock
schedule:
# At 06:20 UTC every day. Will create an issue if a CVE is found.
- cron: '20 6 * * *'
workflow_dispatch:
jobs:
audit:
runs-on: ubuntu-latest
permissions:
issues: write
steps:
- uses: actions/checkout@v4
# We don't need to check CVEs against the checked in lockfile,
# but only against the newest compatible dependencies.
- name: Upgrade all dependencies
run: cargo update
- uses: actions-rust-lang/[email protected]
name: Audit Rust Dependencies
with:
denyWarnings: true
# RUSTSEC-2021-0127 - serde_cbor is unmaintained. Can be removed once we upgrade criterion
# RUSTSEC-2021-0145 - atty is unsound. Can be removed once we upgrade criterion
ignore: RUSTSEC-2021-0127,RUSTSEC-2021-0145