Skip to content

Workflow file for this run

##
# This GitHub Action is using cargo-audit to perform an audit for crates with security vulnerabilities.
# https://github.com/rustsec/audit-check
##
name: Rustsec Cargo Audit
on:
workflow_dispatch:
push:
paths:
- "**/Cargo.toml"
- "**/Cargo.lock"
schedule:
- cron: "40 13 * * 0"
jobs:
security_audit:
runs-on: ${{ fromJson(github.repository_owner == 'autonomys' && '["self-hosted", "ubuntu-20.04-x86-64"]' || '"ubuntu-22.04"') }}
steps:
- uses: actions/checkout@v3
- uses: rustsec/audit-check@dd51754d4e59da7395a4cd9b593f0ff2d61a9b95 #v1.4.1
with:
token: ${{ secrets.GITHUB_TOKEN }}
# TODO: Remove once Substrate upgrades litep2p and we no longer have rustls 0.20.9 in our dependencies
ignore: RUSTSEC-2024-0336