+16
-4
.github/workflows/audit.yml
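--- a/.github/workflows/audit.yml
+++ b/.github/workflows/audit.yml
@@ -2,14 +2,14 @@
 on:
 pull_request:
 paths:
-- '.github/workflows/security-audit.yml'
+- '.github/workflows/audit.yml'
 - '**/Cargo.toml'
 - '**/Cargo.lock'
 push:
 branches:
 - main
 paths:
-- '.github/workflows/security-audit.yml'
+- '.github/workflows/audit.yml'
 - '**/Cargo.toml'
 - '**/Cargo.lock'
 schedule:
@@ -24,7 +24,19 @@
 audit:
 runs-on: ubuntu-latest
 steps:
-- uses: actions/checkout@v4
-- uses: rustsec/audit-check@v2.0.0
+- name: Checkout repository
+uses: actions/checkout@v4
+- name: Check if Cargo.lock file exists
+run: |
+if [ -f "Cargo.lock" ]; then
+echo "cargo_lock_exists=true" >> $GITHUB_ENV
+else
+echo "cargo_lock_exists=false" >> $GITHUB_ENV
+fi
+- name: Generate Cargo.lock if file does not exist
+if: env.cargo_lock_exists == 'false'
+run: cargo generate-lockfile
+- name: Run cargo-audit
+uses: rustsec/audit-check@v2.0.0
 with:
 token: ${{ secrets.GITHUB_TOKEN }}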
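Review bot: The `Generate Cargo.lock if file does not exist` step makes the audit run against a lockfile resolved at CI time, so when no `Cargo.lock` is committed the advisory result describes whatever versions resolve that day rather than a dependency set anyone actually builds, and it can change between runs with no code change. If that fallback is intended, say so on the step, e.g. `# No committed lockfile: audits freshly resolved versions, not a reproducible build`, and consider replacing the separate existence check with `if: hashFiles('Cargo.lock') == ''` on the generate step. Separately, `rustsec/audit-check@v2.0.0` receives `secrets.GITHUB_TOKEN` but is referenced by a mutable tag; pinning it and `actions/checkout@v4` to full commit SHAs would keep a retagged release from running with that token. Whether the workflow narrows the token with a `permissions:` block is not visible in these hunks.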
-4
.gitignore
-4
.gitignore
···
9
9
# Resources:
10
10
# - https://doc.rust-lang.org/cargo/faq.html#why-have-cargolock-in-version-control
11
11
# - https://blog.rust-lang.org/2023/08/29/committing-lockfiles.html
12
-
#
13
-
# NOTE: For reference, by default this file is **NOT** ignored, so that the tool
14
-
# `cargo-audit` can scan for security vulnerabilities.
15
-
#
16
12
# Cargo.lock
17
13
18
14
# These are backup files generated by rustfmt