CICD.yml: Run cargo audit

This CI check will fail if there are crates with known security vulnerabilities in Cargo.lock. It will not fail because of warnings. We currently have two warnings. Note that cargo-audit is installed by default on GitHub's Ubuntu runners.
2025-09-02 03:12:25 +01:00 · 2023-05-14 16:50:15 +02:00
parent 149dec6953
commit 7639e8b406
1 changed files with 7 additions and 0 deletions
--- a/.github/workflows/CICD.yml
+++ b/.github/workflows/CICD.yml
@@ -131,6 +131,13 @@ jobs:
    - name: Show man page
      run: man $(find . -name bat.1)

+  cargo-audit:
+    name: cargo audit
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - run: cargo audit
+
  build:
    name: ${{ matrix.job.target }} (${{ matrix.job.os }})
    runs-on: ${{ matrix.job.os }}