ci: Use "v2.0.0" branch for audit check #477
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
permissions: | |
contents: read | |
on: | |
pull_request: | |
push: | |
branches: | |
- master | |
schedule: | |
- cron: '0 2 * * 0' | |
env: | |
CARGO_INCREMENTAL: 0 | |
CARGO_NET_GIT_FETCH_WITH_CLI: true | |
CARGO_NET_RETRY: 10 | |
CARGO_TERM_COLOR: always | |
RUST_BACKTRACE: 1 | |
RUSTFLAGS: -D warnings | |
RUSTDOCFLAGS: -D warnings | |
RUSTUP_MAX_RETRIES: 10 | |
defaults: | |
run: | |
shell: bash | |
jobs: | |
test: | |
runs-on: ${{ matrix.os }} | |
strategy: | |
fail-fast: false | |
matrix: | |
os: [ubuntu-latest, windows-latest, macos-latest] | |
rust: [nightly, beta, stable] | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Install Rust | |
# --no-self-update is necessary because the windows environment cannot self-update rustup.exe. | |
run: rustup update ${{ matrix.rust }} --no-self-update && rustup default ${{ matrix.rust }} | |
- run: cargo build --all --all-features --all-targets | |
- name: Run cargo check (without dev-dependencies to catch missing feature flags) | |
if: startsWith(matrix.rust, 'nightly') | |
run: cargo check -Z features=dev_dep | |
- run: cargo test | |
msrv: | |
runs-on: ${{ matrix.os }} | |
strategy: | |
fail-fast: false | |
matrix: | |
os: [ubuntu-latest, windows-latest] | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Install cargo-hack | |
uses: taiki-e/install-action@cargo-hack | |
- run: cargo hack build --rust-version | |
clippy: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Install Rust | |
run: rustup update stable | |
- run: cargo clippy --all-features --all-targets | |
fmt: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Install Rust | |
run: rustup update stable | |
- run: cargo fmt --all --check | |
security_audit: | |
permissions: | |
checks: write | |
contents: read | |
issues: write | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
# rustsec/audit-check used to do this automatically | |
- name: Generate Cargo.lock | |
run: cargo generate-lockfile | |
# https://github.com/rustsec/audit-check/issues/2 | |
- uses: rustsec/[email protected] | |
with: | |
token: ${{ secrets.GITHUB_TOKEN }} |