audit.yml

name: Dependency Audit

on:
  # Automatically run the dependency audit every monday
  schedule:
    - cron: "0 0 * * 1"

  # Re-run the dependency audit whenever our Cargo.toml or
  # Cargo.lock changes
  push:
    paths:
      - "**/Cargo.toml"
      - "**/Cargo.lock"
      - ".github/workflows/audit.yml"

  # Run a dependency audit on all PRs
  pull_request:

jobs:
  pre_job:
    runs-on: ubuntu-latest
    outputs:
      should_skip: ${{ steps.skip_check.outputs.should_skip }}
    steps:
      - id: skip_check
        uses: fkirc/skip-duplicate-actions@master
        with:
          concurrent_skipping: 'same_content_newer'
          skip_after_successful_duplicate: 'true'
          paths_ignore: '["**/README.md", "**/doc/**"]'
          do_not_skip: '["workflow_dispatch", "schedule"]'
  audit:
    needs: pre_job
    if: ${{ needs.pre_job.outputs.should_skip != 'true' }}
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v3

      - name: Run audit
        uses: actions-rs/audit-check@v1
        with:
          token: ${{ secrets.GITHUB_TOKEN }}