starship/.github/workflows/security-audit.yml

30 lines
675 B
YAML

name: Security audit
on:
pull_request:
paths:
- "**/Cargo.toml"
- "**/Cargo.lock"
push:
paths:
- "**/Cargo.toml"
- "**/Cargo.lock"
jobs:
security_audit:
runs-on: ubuntu-latest
strategy:
matrix:
checks:
- advisories
- bans licenses sources
# Prevent sudden announcement of a new advisory from failing ci:
continue-on-error: ${{ matrix.checks == 'advisories' }}
steps:
- name: Setup | Checkout
uses: actions/checkout@v3
- name: Test | Security Audit
uses: EmbarkStudios/cargo-deny-action@v1.5.0
with:
command: check ${{ matrix.checks }}