summaryrefslogtreecommitdiffhomepage
path: root/.github/workflows
diff options
context:
space:
mode:
Diffstat (limited to '.github/workflows')
-rw-r--r--.github/workflows/cargo-audit.yml34
1 files changed, 12 insertions, 22 deletions
diff --git a/.github/workflows/cargo-audit.yml b/.github/workflows/cargo-audit.yml
index 75e6126ae4..4f5c87b660 100644
--- a/.github/workflows/cargo-audit.yml
+++ b/.github/workflows/cargo-audit.yml
@@ -16,30 +16,20 @@ on:
jobs:
audit:
runs-on: ubuntu-latest
+ permissions:
+ issues: write
steps:
- name: Checkout repository
uses: actions/checkout@v3
- - name: Install Protoc
- uses: arduino/setup-protoc@v1
+ - uses: actions-rust-lang/audit@v1
+ name: Audit Rust Dependencies
with:
- repo-token: ${{ secrets.GITHUB_TOKEN }}
-
- - name: Install cargo-audit
- uses: actions-rs/install@v0.1.2
- with:
- crate: cargo-audit
- version: latest
-
- - name: Audit
- # RUSTSEC-2020-0071: Ignore the time segfault CVE since there are no known
- # good workarounds, and we want logs etc to be in local time.
- #
- # RUSTSEC-2021-0145: The vulnerability affects custom global allocators,
- # so it should be safe to ignore it. Stop ignoring the warning once
- # atty has been replaced in clap (when we upgrade to clap 4):
- # https://github.com/clap-rs/clap/pull/4249
- run: |
- cargo audit --deny warnings \
- --ignore RUSTSEC-2020-0071 \
- --ignore RUSTSEC-2021-0145
+ denyWarnings: true
+ # RUSTSEC-2020-0071: Ignore the time segfault CVE since there are no known
+ # good workarounds, and we want logs etc to be in local time.
+ #
+ # RUSTSEC-2021-0145: The vulnerability affects custom global allocators,
+ # so it should be safe to ignore it. Stop ignoring the warning once
+ # atty has been removed from our dependency tree.
+ ignore: RUSTSEC-2020-0071,RUSTSEC-2021-0145