Setting up a GitHub token usually isn't easy and often requires access that I, as a member of an organization, don't have. Presently, if token is not passed, the job fails. All I'd like it to do is to run cargo audit without needing to access/update anything in GitHub. I simply want my build to fail with reports on what vulnerabilities were found in the logs within GitHub Actions.
naftulikay
commented
2 years ago
Motivation
Setting up a GitHub token usually isn't easy and often requires access that I, as a member of an organization, don't have. Presently, if
tokenis not passed, the job fails. All I'd like it to do is to runcargo auditwithout needing to access/update anything in GitHub. I simply want my build to fail with reports on what vulnerabilities were found in the logs within GitHub Actions.Workflow example