name: Cargo Audit Scanning
on:
  push:
    paths:
      - "**/Cargo.toml"
      - "**/Cargo.lock"
  schedule:
    - cron: "0 14 * * *" # 14:00 UTC
jobs:
  cargo-audit:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v6
      - uses: actions-rs/audit-check@v1
        # Don't run on dependabot PRs or forks
        # https://github.com/actions-rs/clippy-check/issues/2#issuecomment-807852653
        if: github.event.pull_request.head.repo.full_name == github.repository && github.actor != 'dependabot[bot]'
        with:
          token: ${{ secrets.GITHUB_TOKEN }}