You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@arrow.apache.org by al...@apache.org on 2024/02/14 14:24:38 UTC
(arrow-datafusion) branch main updated: Add cargo audit CI (#9182)
This is an automated email from the ASF dual-hosted git repository.
alamb pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/arrow-datafusion.git
The following commit(s) were added to refs/heads/main by this push:
new ac919d58ad Add cargo audit CI (#9182)
ac919d58ad is described below
commit ac919d58ad1a472bf0681055f1e243ae329f5389
Author: Chih Wang <on...@users.noreply.github.com>
AuthorDate: Wed Feb 14 22:24:33 2024 +0800
Add cargo audit CI (#9182)
* Add cargo audit CI
* Installing cargo-audit from cargo instead of action from rustsec/audit-check
* Remove specific target branch
---
.github/workflows/audit.yml | 43 +++++++++++++++++++++++++++++++++++++++++++
1 file changed, 43 insertions(+)
diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml
new file mode 100644
index 0000000000..0d65b1aa80
--- /dev/null
+++ b/.github/workflows/audit.yml
@@ -0,0 +1,43 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+name: Security audit
+
+concurrency:
+ group: ${{ github.repository }}-${{ github.head_ref || github.sha }}-${{ github.workflow }}
+ cancel-in-progress: true
+
+on:
+ push:
+ paths:
+ - "**/Cargo.toml"
+ - "**/Cargo.lock"
+
+ pull_request:
+ paths:
+ - "**/Cargo.toml"
+ - "**/Cargo.lock"
+
+jobs:
+ security_audit:
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v4
+ - name: Install cargo-audit
+ run: cargo install cargo-audit
+ - name: Run audit check
+ run: cargo audit