name: Cargo Audit

on:
  push:
    branches:
      - main
      - dev
  pull_request:
  workflow_dispatch:

jobs:
  cargo-audit:
    name: Cargo Vulnerability Scanner
    if: github.actor != 'github-actions[bot]'
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v2
      - name: Checkout submodules
        run: git submodule update --init
      # Install cargo audit
      - name: Install Cargo Audit
        uses: actions-rs/install@v0.1
        with:
          crate: cargo-audit
          version: latest
      # Run cargo audit using args from .cargo/audit.toml (ignores, etc.)
      - name: Run Cargo Audit
        run: cargo audit -c always