add audit job for auditing packages with vulnerabilities

LivacoNew · Sep 8, 2024 · b97c406 · b97c406
1 parent 9140b19
commit b97c406
Showing 1 changed file with 35 additions and 0 deletions.
diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml
@@ -0,0 +1,35 @@
+name: Audit for vulnerabilities
+
+on:
+  push:
+    branches: ["master"]
+  pull_request:
+    branches: ["master"]
+
+jobs:
+  audit:
+    runs-on: ubuntu-latest
+    steps:
+      # Checkout
+      - uses: actions/checkout@v3
+        with:
+          repository: LivacoNew/CrabFetch
+          ref: master
+          path: CrabFetch
+
+      # Setup Rust & Cargo's Cache
+      - uses: dtolnay/rust-toolchain@stable
+      - uses: Swatinem/rust-cache@v2
+        with:
+          workspaces: CrabFetch
+
+      # Install cargo audit
+      - name: Install Cargo Audit
+        run: |
+          cargo install cargo-audit --locked
+    
+      # Run it
+      - name: cargo audit
+        run: |
+          cd CrabFetch
+          cargo audit