git.bitcoin.ninja Git - rust-lightning/blob - .github/workflows/audit.yml

   1 name: Security Audit
   2 on:
   3   workflow_dispatch:
   4   schedule:
   5     - cron: '0 0 * * *'
   6
   7 jobs:
   8   audit:
   9     runs-on: ubuntu-latest
  10     permissions:
  11       issues: write
  12       checks: write
  13     steps:
  14       - uses: actions/checkout@v3
  15       - uses: rustsec/audit-check@v1.4.1
  16         with:
  17           token: ${{ secrets.GITHUB_TOKEN }}
  18           ignore: "RUSTSEC-2021-0145"
  19               # RUSTSEC-2021-0145 pertains `atty`, which is a depencency of
  20               # `criterion`. While the latter removed the depencency in its
  21               # newest version, it would also require a higher `rustc`. We
  22               # therefore avoid bumping it to allow benchmarking with our
  23               # `rustc` 1.63 MSRV.