name: Security audit

on:
    push:
        branches: [master]
        paths:
            - "**/Cargo.toml"
            - "**/Cargo.lock"
    pull_request:
        branches: [master]
        paths:
            - "**/Cargo.toml"
            - "**/Cargo.lock"

jobs:
    audit:
        name: Security audit
        runs-on: ubuntu-latest
        steps:
            - uses: actions/checkout@v3
            - uses: dtolnay/rust-toolchain@nightly
            - run: cargo install --locked cargo-audit
            - run: cargo audit --deny warnings