name: Audit Rust dependencies CI
on:
    push:
        paths:
            - .github/workflows/cargo-audit.yml
            - '**/*.rs'
            - Cargo.lock
    # Check if requested manually from the Actions tab
    workflow_dispatch:
jobs:
    audit:
        runs-on: ubuntu-latest
        steps:
            - name: Checkout repository
              uses: actions/checkout@v2

            - name: Install cargo-audit
              uses: actions-rs/install@v0.1.2
              with:
                  crate: cargo-audit
                  version: latest

            - name: Audit
              # TEMP: Ignore the time/chrono segfault CVEs since there are no known
              # good workarounds, and we want logs etc to be in local time.
              run: cargo audit --ignore RUSTSEC-2020-0159 --ignore RUSTSEC-2020-0071