aboutsummaryrefslogtreecommitdiff
path: root/.github/workflows
diff options
context:
space:
mode:
authorAleksey Kladov <[email protected]>2020-08-12 14:54:39 +0100
committerAleksey Kladov <[email protected]>2020-08-12 14:54:39 +0100
commit5534bc0321f3a1174882b3fbbf2a08eb19a9868d (patch)
tree57aa74d0edbf8bdae5c3bd6b9f45a4d6d7ee1b48 /.github/workflows
parent5b8fdfe23100b88e4fd8e210ccf6b852f5c9bf2a (diff)
Completely remove cargo audit
My current feeling is that the build maintenance friction it creates is not proportional to the benefits it provides. We are pretty frugal with the set of Rust dependencies, and our security model is "we run build.rs and proc macros", so it doesn't seem like cargo audit could help us much.
Diffstat (limited to '.github/workflows')
-rw-r--r--.github/workflows/ci.yaml14
1 files changed, 0 insertions, 14 deletions
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
index f977c88be..f46fb8fec 100644
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -16,20 +16,6 @@ env:
16 RUSTUP_MAX_RETRIES: 10 16 RUSTUP_MAX_RETRIES: 10
17 17
18jobs: 18jobs:
19 # rust-audit:
20 # name: Audit Rust vulnerabilities
21 # runs-on: ubuntu-latest
22 # steps:
23 # - name: Checkout repository
24 # uses: actions/checkout@v2
25
26 # - uses: actions-rs/[email protected]
27 # with:
28 # crate: cargo-audit
29 # use-tool-cache: true
30
31 # - run: cargo audit
32
33 rust: 19 rust:
34 name: Rust 20 name: Rust
35 runs-on: ${{ matrix.os }} 21 runs-on: ${{ matrix.os }}