xevion/byte-me
1
0
Fork 0
mirror of https://github.com/Xevion/byte-me.git synced 2025-12-09 12:06:44 -06:00
Code Issues Packages Projects Releases Wiki Activity
Files
fc47fd9fe989611a8d012417f024dedb2b6f81e8
byte-me/.github/workflows/security-audit.yml
Xevion 50f53eccf1 Merge pull request #5 from Xevion/dependabot/github_actions/actions/checkout-5 
chore(deps): bump actions/checkout from 4 to 5
2025-08-20 09:25:15 -05:00

53 lines
1.1 KiB
YAML
Raw Blame History

name: Security Audit
on:
workflow_dispatch: # Allow manual triggering
push:
paths:
- "**/Cargo.toml"
- "**/Cargo.lock"
- "**/package.json"
- "**/pnpm-lock.yaml"
jobs:
rust-audit:
name: Rust Security Audit
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v5
- name: Install cargo-audit
uses: taiki-e/install-action@cargo-audit
- name: Run cargo audit
run: cargo audit --file src-tauri/Cargo.lock
- name: Install cargo-deny
uses: taiki-e/install-action@cargo-deny
- name: Run cargo deny
run: cargo deny --manifest-path src-tauri/Cargo.toml check
npm-audit:
name: NPM Security Audit
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v5
- name: Install pnpm
uses: pnpm/action-setup@v4
with:
version: 10
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: "20"
cache: "pnpm"
- name: Install dependencies
run: pnpm install
- name: Run npm audit
run: pnpm audit --audit-level moderate
Reference in New Issue View Git Blame Copy Permalink