While fiddling with the CI and checking out the https://github.com/actions-rs organization for various Rust-related GitHub Actions actions, I found the audit-check action. Seems way simpler to use than the way we installed and ran cargo audit.
I'm adding this both as a scheduled job and on each PR. It's relevant in PRs if the PR changes the dependency tree. And it's relevant as a scheduled job since CVEs can pop up at any time even when the dependency tree is not changing.
This change is
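As an added example (not part of this PR, and not the project's own workflow), here is what a workflow using audit-check with both of the triggers described above looks like. The `pull_request` trigger catches dependency-tree changes in PRs, and the `schedule` trigger catches advisories published against an unchanged tree. The `v1` tag and the `GITHUB_TOKEN` input follow the action's README; the `permissions` block and the path filter on `Cargo.lock`/`Cargo.toml` are assumptions about how one would want to scope it, and in a real repository the action should be pinned to a full commit SHA rather than a mutable tag. Note that `schedule` workflows only run from the default branch.

```yaml
# .github/workflows/audit.yml (example, not from the original PR)
name: Security audit

on:
  # Run on every PR; the path filter is an assumption that only changes to
  # the dependency tree are worth auditing at PR time.
  pull_request:
    paths:
      - '**/Cargo.toml'
      - '**/Cargo.lock'
  # Run daily regardless of changes, because RUSTSEC advisories can be
  # published against dependencies that are already locked in Cargo.lock.
  schedule:
    - cron: '0 6 * * *'

# Least-privilege token scope (assumption): the action needs checks:write
# to publish its results as a check run; nothing here needs write access
# to the repository contents.
permissions:
  contents: read
  checks: write

jobs:
  security_audit:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      # Pin to a full commit SHA instead of @v1 in a real repository so the
      # action's code cannot change underneath the workflow.
      - uses: actions-rs/audit-check@v1
        with:
          token: ${{ secrets.GITHUB_TOKEN }}
```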