Security audit #1206
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Security audit | |
| on: | |
| schedule: | |
| - cron: '0 0 * * *' | |
| env: | |
| # Disable incremental compilation. | |
| # | |
| # Incremental compilation is useful as part of an edit-build-test-edit cycle, | |
| # as it lets the compiler avoid recompiling code that hasn't changed. However, | |
| # on CI, we're not making small edits; we're almost always building the entire | |
| # project from scratch. Thus, incremental compilation on CI actually | |
| # introduces *additional* overhead to support making future builds | |
| # faster...but no future builds will ever occur in any given CI environment. | |
| # | |
| # See https://matklad.github.io/2021/09/04/fast-rust-builds.html#ci-workflow | |
| # for details. | |
| CARGO_INCREMENTAL: 0 | |
| # Allow more retries for network requests in cargo (downloading crates) and | |
| # rustup (installing toolchains). This should help to reduce flaky CI failures | |
| # from transient network timeouts or other issues. | |
| CARGO_NET_RETRY: 10 | |
| RUSTUP_MAX_RETRIES: 10 | |
| # Don't emit giant backtraces in the CI logs. | |
| RUST_BACKTRACE: short | |
| jobs: | |
| security_audit: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions-rs/audit-check@v1 | |
| with: | |
| token: ${{ secrets.GITHUB_TOKEN }} |