Run cargo audit
in CI (#3123)
This commit is contained in:
parent
fad759c813
commit
c683ee42fb
2 changed files with 27 additions and 0 deletions
7
.cargo/audit.toml
Normal file
7
.cargo/audit.toml
Normal file
|
@ -0,0 +1,7 @@
|
|||
[advisories]
|
||||
ignore = [
|
||||
# Will be resolved once "surrealdb-jsonwebtoken", a temporary fork
|
||||
# of "jsonwebtoken", is replaced by the upstream version which no
|
||||
# longer uses the affected "rsa" crate.
|
||||
"RUSTSEC-2023-0071"
|
||||
]
|
20
.github/workflows/ci.yml
vendored
20
.github/workflows/ci.yml
vendored
|
@ -79,6 +79,26 @@ jobs:
|
|||
- name: Check workspace
|
||||
run: cargo make ci-check
|
||||
|
||||
check-dependencies:
|
||||
name: Check dependencies
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
|
||||
- name: Install stable toolchain
|
||||
uses: dtolnay/rust-toolchain@stable
|
||||
with:
|
||||
toolchain: 1.71.1
|
||||
components: rustfmt
|
||||
|
||||
- name: Checkout sources
|
||||
uses: actions/checkout@v4
|
||||
|
||||
- name: Install cargo-audit
|
||||
run: cargo install --debug --locked cargo-audit
|
||||
|
||||
- name: Check dependencies
|
||||
run: cargo audit
|
||||
|
||||
check-wasm:
|
||||
name: Check Wasm
|
||||
runs-on: ubuntu-latest
|
||||
|
|
Loading…
Reference in a new issue