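---
# Scheduled and change-triggered supply-chain checks for a Rust workspace:
# RustSec advisory audit, GitHub dependency review on pull requests, and a
# license inventory report.
name: Security and Dependencies

on:
  schedule:
    # Run the audit daily at 02:00 UTC so newly published advisories are
    # caught even when no dependency file changes.
    - cron: '0 2 * * *'
  push:
    branches: [ main ]
    paths:
      - '**/Cargo.toml'
      - '**/Cargo.lock'
  pull_request:
    paths:
      - '**/Cargo.toml'
      - '**/Cargo.lock'

# Least privilege for GITHUB_TOKEN: nothing in this workflow writes to the
# repository. Without an explicit block the token inherits the repository
# default, which may be read/write on every scope.
permissions:
  contents: read

env:
  CARGO_TERM_COLOR: always

jobs:
  security-audit:
    name: Security Audit
    runs-on: ubuntu-latest
    steps:
      - name: Checkout sources
        uses: actions/checkout@v4
        with:
          # Do not leave the job token in .git/config where later steps and
          # third-party actions could read it.
          persist-credentials: false

      # NOTE(review): dtolnay/rust-toolchain and taiki-e/install-action are
      # referenced by mutable tags. Pin each `uses:` to a full commit SHA
      # (with the version in a trailing comment) so a moved or compromised
      # tag cannot change what runs here.
      - name: Install Rust toolchain
        uses: dtolnay/rust-toolchain@stable

      - name: Install cargo-audit
        uses: taiki-e/install-action@cargo-audit

      # Human-readable run; a non-zero exit on any unfixed advisory fails the job.
      - name: Run cargo audit
        run: cargo audit

      # Machine-readable copy for the artifact. `if: always()` is required:
      # without it this step is skipped exactly when the step above fails,
      # which is the only time the report is actually wanted.
      - name: Run cargo audit (JSON output)
        if: always()
        run: cargo audit --json > audit-results.json
        continue-on-error: true

      - name: Upload audit results
        uses: actions/upload-artifact@v4
        if: always()
        with:
          name: security-audit-results
          path: audit-results.json

  dependency-review:
    name: Dependency Review
    runs-on: ubuntu-latest
    # Dependency review diffs the PR's dependency graph; it has nothing to
    # compare on push or schedule.
    if: github.event_name == 'pull_request'
    steps:
      - name: Checkout sources
        uses: actions/checkout@v4
        with:
          persist-credentials: false

      # Needs `contents: read` (granted above) and the repository's
      # dependency graph to be enabled, otherwise it has no data to review.
      - name: Dependency Review
        uses: actions/dependency-review-action@v3

  license-check:
    name: License Check
    runs-on: ubuntu-latest
    steps:
      - name: Checkout sources
        uses: actions/checkout@v4
        with:
          persist-credentials: false

      - name: Install Rust toolchain
        uses: dtolnay/rust-toolchain@stable

      - name: Install cargo-license
        uses: taiki-e/install-action@cargo-license

      # This step only produces an inventory; it does not fail on a
      # disallowed license. Enforcing an allow/deny list would need a
      # policy tool such as cargo-deny.
      - name: Check licenses
        # `shell: bash` runs with `-eo pipefail`, so a failing `cargo license`
        # fails the step instead of being masked by the `jq` on the right
        # side of the pipe (the default shell has `-e` but no `pipefail`).
        shell: bash
        run: |
          echo "## License Report" > license-report.md
          echo "" >> license-report.md
          cargo license --json | jq -r '.[] | "- **\(.name)** (\(.version)): \(.license // "Unknown")"' >> license-report.md
          cat license-report.md

      - name: Upload license report
        uses: actions/upload-artifact@v4
        with:
          name: license-report
          path: license-report.md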