mirror of
https://github.com/rust-lang/cargo
synced 2024-10-31 07:46:57 +00:00
f08bcd9b12
We skip failure for advisories on the step, rather than the job, to not distract contributors in thinking they broke something as that bubbles up into the PR job summary.
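# Runs cargo-deny against the workspace: once for RustSec advisories and once
# for the bans/licenses/sources policy checks.
name: Security audit

# Least privilege: the workflow token can only read repository contents.
permissions:
  contents: read

on:
  # Pull requests are audited only when a manifest or lockfile changes.
  pull_request:
    paths:
      - '**/Cargo.toml'
      - '**/Cargo.lock'
  push:
    branches:
      - master

jobs:
  cargo_deny:
    runs-on: ubuntu-latest
    strategy:
      matrix:
        # One job per entry; the entry is passed verbatim to `cargo deny check`.
        checks:
          - advisories
          - bans licenses sources
    steps:
      # NOTE(review): v3 and v1 below are mutable tags. Pinning each action to
      # a full commit SHA (uses: owner/action@<full-commit-sha>) keeps a
      # repointed tag from changing what runs here.
      - uses: actions/checkout@v3
        with:
          # The only later step is a third-party action that reads the
          # workspace; it does not need the token left in .git/config.
          persist-credentials: false
      - uses: EmbarkStudios/cargo-deny-action@v1
        # Prevent sudden announcement of a new advisory from failing ci:
        # Set on the step rather than the job, so the advisories leg still
        # reports success and a finding shows up only in this step's log.
        # NOTE(review): nothing in this workflow surfaces such a finding
        # elsewhere - confirm advisories are tracked outside CI status.
        continue-on-error: ${{ matrix.checks == 'advisories' }}
        with:
          command: check ${{ matrix.checks }}
          rust-version: stable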