YGGverse/agate
1
0
Fork 0
mirror of https://github.com/YGGverse/agate.git synced 2026-04-08 12:35:28 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

remove perms and ignore dependabot prs for cargo audit check (#84)

Browse source 
It's meant to only run on commits on master but just to be safe
This commit is contained in:
j-k 2021-10-19 17:33:11 +01:00 committed by GitHub
parent 7cb0696f3f
commit 57e4054cbe
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

5
.github/workflows/cargo-audit.yml vendored
View file

@ -6,13 +6,14 @@ on:
- "**/Cargo.lock" - "**/Cargo.lock"
schedule: schedule:
- cron: "0 14 * * *" # 14:00 UTC - cron: "0 14 * * *" # 14:00 UTC
permissions:
repository-projects: read
jobs: jobs:
cargo-audit: cargo-audit:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/checkout@v2 - uses: actions/checkout@v2
- uses: actions-rs/audit-check@v1 - uses: actions-rs/audit-check@v1
# Don't run on dependabot PRs or forks
# https://github.com/actions-rs/clippy-check/issues/2#issuecomment-807852653
if: github.event.pull_request.head.repo.full_name == github.repository && github.actor != 'dependabot[bot]'
with: with:
token: ${{ secrets.GITHUB_TOKEN }} token: ${{ secrets.GITHUB_TOKEN }}