Skip to content

chore: cargo audit fixes #38

chore: cargo audit fixes

chore: cargo audit fixes #38

Workflow file for this run

name: Pull Request Security Audit
on:
push:
paths:
- '**/Cargo.toml'
pull_request:
paths:
- '**/Cargo.toml'
permissions:
contents: read
jobs:
security-audit:
runs-on: ubuntu-latest
if: "!contains(github.event.head_commit.message, 'ci skip')"
steps:
- uses: actions/checkout@v3
- name: Install cargo-audit
run: cargo install cargo-audit
- name: Generate lockfile
run: cargo generate-lockfile
- name: Audit dependencies
# RUSTSEC-2021-0145 is caused by criterion and is a dev only dependency
# RUSTSEC-2023-0071 is caused by a sqlx dependency. no current fix
run: cargo audit -D warnings --ignore RUSTSEC-2021-0145 --ignore RUSTSEC-2023-0071