name: Security audit

on:
  schedule:
    # Launch everyday, at midnight
    - cron: '0 0 * * *'
  push:
    paths:
      - '**/Cargo.toml'
      - '**/Cargo.lock'
  pull_request:
  # Allow to manually trigger the check
  workflow_dispatch:

jobs:
  security_audit:
    runs-on: ubuntu-latest

    steps:
      # Checkout Git repository
      - name: Checkout sources
        uses: actions/checkout@v2

      # Security scan all dependencies, create a Pull Request if anyone found
      - name: Security audit used dependencies
        uses: actions-rs/audit-check@v1
        with:
          token: ${{ secrets.GITHUB_TOKEN }}