From 7639e8b4067ea7f3f5603b353cb307b3708580c9 Mon Sep 17 00:00:00 2001 From: Martin Nordholts Date: Sun, 14 May 2023 16:50:15 +0200 Subject: [PATCH] CICD.yml: Run cargo audit This CI check will fail if there are crates with known security vulnerabilities in Cargo.lock. It will not fail because of warnings. We currently have two warnings. Note that cargo-audit is installed by default on GitHub's Ubuntu runners. --- .github/workflows/CICD.yml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/.github/workflows/CICD.yml b/.github/workflows/CICD.yml index d1e289c3..f43fd047 100644 --- a/.github/workflows/CICD.yml +++ b/.github/workflows/CICD.yml @@ -131,6 +131,13 @@ jobs: - name: Show man page run: man $(find . -name bat.1) + cargo-audit: + name: cargo audit + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - run: cargo audit + build: name: ${{ matrix.job.target }} (${{ matrix.job.os }}) runs-on: ${{ matrix.job.os }}