v0.0.7 #12
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This runs `cargo audit` on all dependencies (only if Cargo deps changed) | |
| name: Audit | |
| on: | |
| push: | |
| paths: | |
| - '**/Cargo.toml' | |
| - '**/Cargo.lock' | |
| env: | |
| CARGO_TERM_COLOR: always | |
| jobs: | |
| audit: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Cache | |
| uses: actions/cache@v4 | |
| with: | |
| path: | | |
| ~/.cargo | |
| target | |
| key: audit | |
| - uses: actions/checkout@v4 | |
| with: | |
| submodules: recursive | |
| - name: Install dependencies | |
| run: cargo install cargo-audit --locked | |
| # Due to `matrix-sdk`. | |
| # | |
| # > Versions 0.5.0 and 0.5.1 of vodozemac have degraded | |
| # > secret zeroization capabilities [...] Overall, we | |
| # > consider the impact of this issue to be low. | |
| # | |
| # <https://rustsec.org/advisories/RUSTSEC-2024-0342> | |
| - name: Audit | |
| run: cargo audit --ignore RUSTSEC-2024-0342 |