name: Security audit

on:
  push:
    paths: 
      - '**/Cargo.toml'
      - '**/Cargo.lock'
      - '.github/workflows/audit.yml'
      - '**/audit.toml'
  schedule:
    - cron: '0 0 * * *'

permissions:
  issues: write
  checks: write
  pull-requests: read
  contents: read

jobs:
  security_audit:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v1
      - uses: actions-rs/audit-check@v1
        with:
          token: ${{ secrets.GITHUB_TOKEN }}