]> git.bitcoin.ninja Git - rust-lightning/blob - .github/workflows/audit.yml
Merge pull request #3054 from TheBlueMatt/2024-04-fuzz-bolt11
[rust-lightning] / .github / workflows / audit.yml
1 name: Security Audit
2 on:
3   workflow_dispatch:
4   schedule:
5     - cron: '0 0 * * *'
6
7 jobs:
8   audit:
9     runs-on: ubuntu-latest
10     permissions:
11       issues: write
12       checks: write
13     steps:
14       - uses: actions/checkout@v3
15       - uses: rustsec/audit-check@v1.4.1
16         with:
17           token: ${{ secrets.GITHUB_TOKEN }}
18           ignore: "RUSTSEC-2021-0145"
19               # RUSTSEC-2021-0145 pertains `atty`, which is a depencency of
20               # `criterion`. While the latter removed the depencency in its
21               # newest version, it would also require a higher `rustc`. We
22               # therefore avoid bumping it to allow benchmarking with our
23               # `rustc` 1.63 MSRV.