ci: run cargo-audit

Can be used to detect vulnerabilities in deps, see
https://blog.rust-lang.org/inside-rust/2019/10/03/Keeping-secure-with-cargo-audit-0.9.html

Added libssl-dev as it's a build dep of one of audit's crate.
This commit is contained in:
Guillaume Desmottes 2019-10-08 12:36:30 +02:00
parent 06a9f891bd
commit 69ed7cd630

View file

@ -20,6 +20,7 @@ stages:
libgl1-mesa-glx libgl1-mesa-glx
libwayland-egl1-mesa libwayland-egl1-mesa
xz-utils xz-utils
libssl-dev
before_script: before_script:
- apt-get update -yqq - apt-get update -yqq
- apt-get install -yqq --no-install-recommends $DEPENDENCIES - apt-get install -yqq --no-install-recommends $DEPENDENCIES
@ -142,3 +143,13 @@ clippy:
- | - |
cargo clippy --color=always --manifest-path examples/Cargo.toml --bins --examples --all-features -- -A clippy::redundant_pattern_matching -A clippy::single_match -A clippy::cast_lossless cargo clippy --color=always --manifest-path examples/Cargo.toml --bins --examples --all-features -- -A clippy::redundant_pattern_matching -A clippy::single_match -A clippy::cast_lossless
cargo clippy --color=always --manifest-path tutorials/Cargo.toml --bins --examples --all-features -- -A clippy::redundant_pattern_matching -A clippy::single_match -A clippy::cast_lossless cargo clippy --color=always --manifest-path tutorials/Cargo.toml --bins --examples --all-features -- -A clippy::redundant_pattern_matching -A clippy::single_match -A clippy::cast_lossless
audit:
extends: '.tarball_setup'
image: "rust:slim-buster"
stage: 'extras'
only:
- schedules
script:
- cargo install cargo-audit
- cargo audit --deny-warnings