starship/.github/workflows/security-audit.yml

name: Security audit
on:
  pull_request:
    paths:
      - "**/Cargo.toml"
      - "**/Cargo.lock"
  push:
    paths:
      - "**/Cargo.toml"
      - "**/Cargo.lock"
  schedule:
    - cron: "0 0 * * *"
jobs:
  security_audit:
    if: (github.event_name == 'schedule' && github.repository == 'starship/starship') || (github.event_name != 'schedule')
    runs-on: ubuntu-latest
    steps:
      - name: Setup | Checkout
        uses: actions/checkout@v2.4.0
      - name: Setup | Rust
        uses: actions-rs/toolchain@v1.0.7
        with:
          toolchain: stable
          override: true
          profile: minimal
      - name: Test | Security Audit
        uses: actions-rs/audit-check@v1.2.0
        with:
          token: ${{ secrets.GITHUB_TOKEN }}
ci: refactor GitHub Actions workflow file (#1249) * Clean up the workflow file This removes the trailing whitespace from the workflow, removes an unused step and fixes up some yaml formatting. * Make the caching more aggressive This makes the caching more aggressive by allowing for partial restoration of the cached data and use the cache for more jobs. * Run all the tests in parallel Have stopped the testsuites from requiring the compile checks, Github Actions doesn't mind that we are running multiple tests in parallel and this does over a bit of a speed up. * Separate Security Audit into a separate workflow Have moved the Cargo Audit check into it's own workflow and switched it to use the `actions-rs/audit-check` to simplify the setup. Have also added in a daily security scan. 2020-05-25 02:45:47 +02:00			`name: Security audit`
			`on:`
Fix security audit github action (#1256) This fixes the Security Audit github workflow by consolidating the two separte yaml documents that Github Actions didn't like into a single workflow with multiple triggers. I also added a trigger for PRs as well as pushes. 2020-05-25 16:04:26 +02:00			`pull_request:`
			`paths:`
chore: upgrade to edition 2021 (#3171) 2021-10-25 19:39:09 +02:00			`- "**/Cargo.toml"`
			`- "**/Cargo.lock"`
ci: refactor GitHub Actions workflow file (#1249) * Clean up the workflow file This removes the trailing whitespace from the workflow, removes an unused step and fixes up some yaml formatting. * Make the caching more aggressive This makes the caching more aggressive by allowing for partial restoration of the cached data and use the cache for more jobs. * Run all the tests in parallel Have stopped the testsuites from requiring the compile checks, Github Actions doesn't mind that we are running multiple tests in parallel and this does over a bit of a speed up. * Separate Security Audit into a separate workflow Have moved the Cargo Audit check into it's own workflow and switched it to use the `actions-rs/audit-check` to simplify the setup. Have also added in a daily security scan. 2020-05-25 02:45:47 +02:00			`push:`
			`paths:`
chore: upgrade to edition 2021 (#3171) 2021-10-25 19:39:09 +02:00			`- "**/Cargo.toml"`
			`- "**/Cargo.lock"`
ci: refactor GitHub Actions workflow file (#1249) * Clean up the workflow file This removes the trailing whitespace from the workflow, removes an unused step and fixes up some yaml formatting. * Make the caching more aggressive This makes the caching more aggressive by allowing for partial restoration of the cached data and use the cache for more jobs. * Run all the tests in parallel Have stopped the testsuites from requiring the compile checks, Github Actions doesn't mind that we are running multiple tests in parallel and this does over a bit of a speed up. * Separate Security Audit into a separate workflow Have moved the Cargo Audit check into it's own workflow and switched it to use the `actions-rs/audit-check` to simplify the setup. Have also added in a daily security scan. 2020-05-25 02:45:47 +02:00			`schedule:`
chore: upgrade to edition 2021 (#3171) 2021-10-25 19:39:09 +02:00			`- cron: "0 0 * * *"`
ci: refactor GitHub Actions workflow file (#1249) * Clean up the workflow file This removes the trailing whitespace from the workflow, removes an unused step and fixes up some yaml formatting. * Make the caching more aggressive This makes the caching more aggressive by allowing for partial restoration of the cached data and use the cache for more jobs. * Run all the tests in parallel Have stopped the testsuites from requiring the compile checks, Github Actions doesn't mind that we are running multiple tests in parallel and this does over a bit of a speed up. * Separate Security Audit into a separate workflow Have moved the Cargo Audit check into it's own workflow and switched it to use the `actions-rs/audit-check` to simplify the setup. Have also added in a daily security scan. 2020-05-25 02:45:47 +02:00			`jobs:`
			`security_audit:`
ci: disable the security-audit cron on non-canonical forks (#3027) Co-authored-by: Chris Rose <offline@offby1.net> 2021-09-01 19:47:07 +02:00			`if: (github.event_name == 'schedule' && github.repository == 'starship/starship') \|\| (github.event_name != 'schedule')`
ci: refactor GitHub Actions workflow file (#1249) * Clean up the workflow file This removes the trailing whitespace from the workflow, removes an unused step and fixes up some yaml formatting. * Make the caching more aggressive This makes the caching more aggressive by allowing for partial restoration of the cached data and use the cache for more jobs. * Run all the tests in parallel Have stopped the testsuites from requiring the compile checks, Github Actions doesn't mind that we are running multiple tests in parallel and this does over a bit of a speed up. * Separate Security Audit into a separate workflow Have moved the Cargo Audit check into it's own workflow and switched it to use the `actions-rs/audit-check` to simplify the setup. Have also added in a daily security scan. 2020-05-25 02:45:47 +02:00			`runs-on: ubuntu-latest`
			`steps:`
chore: upgrade to edition 2021 (#3171) 2021-10-25 19:39:09 +02:00			`- name: Setup \| Checkout`
build: bump actions/checkout from 2.3.5 to 2.4.0 (#3201) Bumps [actions/checkout](https://github.com/actions/checkout) from 2.3.5 to 2.4.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v2.3.5...v2.4.0) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 2021-11-03 08:05:25 +01:00			`uses: actions/checkout@v2.4.0`
chore: upgrade to edition 2021 (#3171) 2021-10-25 19:39:09 +02:00			`- name: Setup \| Rust`
			`uses: actions-rs/toolchain@v1.0.7`
			`with:`
			`toolchain: stable`
			`override: true`
			`profile: minimal`
			`- name: Test \| Security Audit`
			`uses: actions-rs/audit-check@v1.2.0`
ci: refactor GitHub Actions workflow file (#1249) * Clean up the workflow file This removes the trailing whitespace from the workflow, removes an unused step and fixes up some yaml formatting. * Make the caching more aggressive This makes the caching more aggressive by allowing for partial restoration of the cached data and use the cache for more jobs. * Run all the tests in parallel Have stopped the testsuites from requiring the compile checks, Github Actions doesn't mind that we are running multiple tests in parallel and this does over a bit of a speed up. * Separate Security Audit into a separate workflow Have moved the Cargo Audit check into it's own workflow and switched it to use the `actions-rs/audit-check` to simplify the setup. Have also added in a daily security scan. 2020-05-25 02:45:47 +02:00			`with:`
			`token: ${{ secrets.GITHUB_TOKEN }}`