# Copyright 2026 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. name: Audit on: push: branches: [main] paths: ['Cargo.lock', 'Cargo.toml', 'crates/*/Cargo.toml'] pull_request: branches: [main] paths: ['Cargo.lock', 'Cargo.toml', 'crates/*/Cargo.toml'] schedule: - cron: '0 6 * * *' # Daily at 06:00 UTC workflow_dispatch: concurrency: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: ${{ github.ref != 'refs/heads/main' }} jobs: audit: name: Security Audit runs-on: ubuntu-latest steps: - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 - name: Install cargo-audit uses: taiki-e/install-action@a37010ded18ff788be4440302bd6830b1ae50d8b # cargo-llvm-cov with: tool: cargo-audit - name: Run cargo audit run: cargo audit