cloud-hypervisor/.github/workflows/audit.yaml

name: Cloud Hypervisor Dependency Audit
on:
  pull_request:
    paths: 
      - '**/Cargo.toml'
      - '**/Cargo.lock'

jobs:
  security_audit:
    name: Audit
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions-rust-lang/audit@v1
        with:
          token: ${{ secrets.GITHUB_TOKEN }}
build: Run cargo-audit from a GitHub action Signed-off-by: Rob Bradford <robert.bradford@intel.com> 2020-08-13 12:33:21 +00:00			`name: Cloud Hypervisor Dependency Audit`
			`on:`
			`pull_request:`
			`paths:`
			`- '**/Cargo.toml'`
			`- '**/Cargo.lock'`
build: Ensure all required checks run on merge_group And clean up some of the whitespace formatting so that the "name" and "on" are grouped away from the "jobs". Signed-off-by: Rob Bradford <rbradford@rivosinc.com> 2024-02-28 09:49:28 +00:00
build: Run cargo-audit from a GitHub action Signed-off-by: Rob Bradford <robert.bradford@intel.com> 2020-08-13 12:33:21 +00:00			`jobs:`
			`security_audit:`
			`name: Audit`
			`runs-on: ubuntu-latest`
			`steps:`
github: ci: Move to action/checkout v4 There is a mix of v2, v3 and v4 in the codebase. Let's move to v4 everywhere because v2 seems to be using a deprecated version of nodejs. This is throwing warnings when the Github action CI is running. Signed-off-by: Jinank Jain <jinankjain@microsoft.com> 2023-12-11 11:56:22 +00:00			`- uses: actions/checkout@v4`
build: replace actions-rs/audit-check with actions-rust-lang/audit actions-rs/audit-check is unmaintained, hence replace it with actions-rust-lang/audit See: #5929 Signed-off-by: Ruslan Mstoi <ruslan.mstoi@intel.com> 2024-03-12 15:50:56 +00:00			`- uses: actions-rust-lang/audit@v1`
build: Run cargo-audit from a GitHub action Signed-off-by: Rob Bradford <robert.bradford@intel.com> 2020-08-13 12:33:21 +00:00			`with:`
github: ci: Move to action/checkout v4 There is a mix of v2, v3 and v4 in the codebase. Let's move to v4 everywhere because v2 seems to be using a deprecated version of nodejs. This is throwing warnings when the Github action CI is running. Signed-off-by: Jinank Jain <jinankjain@microsoft.com> 2023-12-11 11:56:22 +00:00			`token: ${{ secrets.GITHUB_TOKEN }}`