# Copyright 2019-2024 Tauri Programme within The Commons Conservancy # SPDX-License-Identifier: Apache-2.0 # SPDX-License-Identifier: MIT name: Audit on: workflow_dispatch: schedule: - cron: '0 0 * * *' push: paths: - '.github/workflows/audit.yml' - '**/Cargo.lock' - '**/Cargo.toml' - '**/package.json' - '**/yarn.lock' concurrency: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true jobs: audit-rust: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - name: rust audit uses: rustsec/audit-check@v1 with: token: ${{ secrets.GITHUB_TOKEN }} audit-js: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - name: audit workspace run: yarn audit - name: audit @tauri-apps/api working-directory: tooling/api run: yarn audit - name: audit @tauri-apps/cli working-directory: tooling/cli/node run: yarn audit