Skip to content

Commit

Permalink
Fix GHA invoking cargo audit
Browse files Browse the repository at this point in the history 
We recently got a major version update of the audit-check GHA.

This version invokes:

```console
cargo audit --json --file ./Cargo.lock
````

Which fails, because we don't have a `Cargo.lock` file.

This commit makes sure the `Cargo.lock` is present prior to
invoking `cargo audit`.

Signed-off-by: Flavio Castelli <fcastelli@suse.com>
  • Loading branch information
@flavio
flavio committed Oct 4, 2024
1 parent 43cc11d commit 76872a1
Showing 1 changed file with 2 additions and 0 deletions.
2 changes: 2 additions & 0 deletions .github/workflows/security-audit.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,8 @@ jobs:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: Generate lockfile
run: cargo generate-lockfile
- uses: rustsec/audit-check@69366f33c96575abad1ee0dba8212993eecbe998 # v2.0.0
with:
token: ${{ secrets.GITHUB_TOKEN }}

0 comments on commit 76872a1

Please sign in to comment.