LucaCappelletti94 opened a new pull request, #2373: URL: https://github.com/apache/datafusion-sqlparser-rs/pull/2373
Adds a Security audit CI workflow that runs cargo-audit against the dependency tree on changes to Cargo.toml or Cargo.lock, on pull requests and the merge queue, and on a daily schedule. Known RUSTSEC advisories fail CI via cargo audit --deny warnings, and the daily run catches newly published advisories even when dependencies have not changed. The workflow uses no third-party actions and only contents: read permissions. Running cargo audit --deny warnings locally against the current tree passes with no advisories. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
