ci: run cargo-audit

Can be used to detect vulnerabilities in deps, see https://blog.rust-lang.org/inside-rust/2019/10/03/Keeping-secure-with-cargo-audit-0.9.html Added libssl-dev as it's a build dep of one of audit's crate.
2024-05-14 06:12:40 +00:00 · 2019-10-08 12:36:30 +02:00 · 2019-10-08 12:36:30 +02:00 · 69ed7cd630
parent 06a9f891bd
commit 69ed7cd630
1 changed files with 11 additions and 0 deletions
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@ -20,6 +20,7 @@ stages:
      libgl1-mesa-glx
      libwayland-egl1-mesa
      xz-utils
+      libssl-dev
  before_script:
    - apt-get update -yqq
    - apt-get install -yqq --no-install-recommends $DEPENDENCIES
@ -142,3 +143,13 @@ clippy:
    - |
      cargo clippy --color=always --manifest-path examples/Cargo.toml --bins --examples --all-features -- -A clippy::redundant_pattern_matching -A clippy::single_match -A clippy::cast_lossless
      cargo clippy --color=always --manifest-path tutorials/Cargo.toml --bins --examples --all-features -- -A clippy::redundant_pattern_matching -A clippy::single_match -A clippy::cast_lossless
+
+audit:
+  extends: '.tarball_setup'
+  image: "rust:slim-buster"
+  stage: 'extras'
+  only:
+    - schedules
+  script:
+    - cargo install cargo-audit
+    - cargo audit --deny-warnings