
Audit workflows

Audit workflows #190

Workflow file for this run

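# CI for a Rust project: tests, formatting, lints, coverage, examples, and a
# zizmor audit of the workflow files themselves.
name: CI

on:
  push:
    branches:
      - master
  pull_request:

env:
  CARGO_TERM_COLOR: always

# Least-privilege GITHUB_TOKEN for every job: read-only access to repository
# contents and Actions metadata. No job below is granted write scopes.
permissions:
  contents: read
  actions: read

# NOTE(review): actions/checkout and actions/cache are referenced by the
# mutable tag v4, while every third-party action here is pinned to a commit
# SHA. Consider pinning these two to a full commit SHA as well so a moved tag
# cannot change what runs.
jobs:
  test:
    strategy:
      fail-fast: false
      matrix:
        include:
          - os: ubuntu-latest
            profile: dev
          - os: ubuntu-latest
            profile: release
          - os: windows-latest
            profile: release
          - os: macos-latest
            profile: release
    runs-on: ${{ matrix.os }}
    steps:
      - uses: actions/checkout@v4
        with:
          # Keep the job token out of the checked-out repo's git config so
          # later steps (cargo build scripts, tests) cannot read it from disk.
          persist-credentials: false
      - uses: actions/cache@v4
        with:
          path: |
            ~/.cargo/registry
            ~/.cargo/git
            target
          key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.toml') }}-${{ matrix.profile }}
      - uses: dtolnay/rust-toolchain@4305c38b25d97ef35a8ad1f985ccf2d2242004f2 # stable
      # matrix.profile is expanded into the script text; its values are the
      # static ones listed in the matrix above, not contributor-supplied data.
      - run: cargo test --profile ${{ matrix.profile }}

  format:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          persist-credentials: false
      # persist-credentials is an actions/checkout input; it is not passed to
      # the toolchain action, which does not define it.
      - uses: dtolnay/rust-toolchain@b95584d8105b9ab200e15821fa671848cf2b7017 # nightly
        with:
          components: rustfmt
      - run: cargo +nightly fmt --all -- --check

  clippy:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          persist-credentials: false
      - uses: actions/cache@v4
        with:
          path: |
            ~/.cargo/registry
            ~/.cargo/git
            target
          key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.toml') }}
      - uses: dtolnay/rust-toolchain@4305c38b25d97ef35a8ad1f985ccf2d2242004f2 # stable
        with:
          components: clippy
      - run: cargo clippy --all-targets --all-features

  coverage:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          persist-credentials: false
      - uses: actions/cache@v4
        with:
          path: |
            ~/.cargo/registry
            ~/.cargo/git
            target
          key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.toml') }}
      - uses: dtolnay/rust-toolchain@4305c38b25d97ef35a8ad1f985ccf2d2242004f2 # stable
      - uses: taiki-e/install-action@13fe1882c51d253ef22193d24823029c0acab68b # cargo-llvm-cov
      - run: cargo llvm-cov --all-features --workspace --lcov --output-path lcov.info
      # The upload token is handed to the action as an input only; it is never
      # expanded into a shell script in this job.
      - uses: codecov/codecov-action@18283e04ce6e62d37312384ff67231eb8fd56d24
        with:
          token: ${{ secrets.CODECOV_TOKEN }}
          files: lcov.info

  examples:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          persist-credentials: false
      - uses: actions/cache@v4
        with:
          path: |
            ~/.cargo/registry
            ~/.cargo/git
            target
          key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.toml') }}
      - uses: dtolnay/rust-toolchain@4305c38b25d97ef35a8ad1f985ccf2d2242004f2 # stable
      - run: make examples

  actions-audit:
    runs-on: ubuntu-latest
    container:
      # Image pinned by digest so the auditor binary cannot change under a tag.
      image: ghcr.io/zizmorcore/zizmor@sha256:4d3128ae1370da9507bdd42a62d72b8304d4d0f290147aaac3eb0ebf51d70890 # 1.8.0
      # NOTE(review): the container runs as root with the workspace mounted
      # read-write; confirm the audit needs both before keeping them.
      options: --user root -v ${{ github.workspace }}:/workspace/:rw -w /workspace
    steps:
      - uses: actions/checkout@v4
        with:
          persist-credentials: false
      - name: Run Zizmor audit
        # zizmor reads its GitHub token from GH_TOKEN, so the secret is neither
        # template-expanded into the script text nor placed on the process
        # command line.
        env:
          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        run: zizmor -p .github/workflows/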