Dependencies & Security #18

Workflow file for this run

.github/workflows/dependencies.yml at 47420be

	name: Dependencies & Security

	on:
	schedule:
	# Run weekly on Sundays at 2 AM UTC
	- cron: '0 2 * * 0'
	workflow_dispatch:

	env:
	FLUTTER_VERSION: '3.35.2'
	RUST_VERSION: '1.89.0'

	jobs:
	# Check for Rust security vulnerabilities
	rust-security:
	runs-on: ubuntu-latest
	steps:
	- name: Checkout code
	uses: actions/checkout@v4

	- name: Setup Rust
	uses: dtolnay/rust-toolchain@stable
	with:
	toolchain: ${{ env.RUST_VERSION }}

	- name: Install cargo-audit
	run: cargo install cargo-audit

	- name: Run security audit
	run: \|
	cd rust
	cargo audit

	- name: Install cargo-outdated
	run: cargo install cargo-outdated

	- name: Check for outdated dependencies
	run: \|
	cd rust
	cargo outdated

	# Check Flutter dependencies
	flutter-dependencies:
	runs-on: ubuntu-latest
	steps:
	- name: Checkout code
	uses: actions/checkout@v4

	- name: Setup Flutter
	uses: subosito/flutter-action@v2
	with:
	flutter-version: ${{ env.FLUTTER_VERSION }}
	channel: 'stable'
	cache: true

	- name: Install dependencies
	run: flutter pub get

	- name: Check for outdated packages
	run: flutter pub outdated

	- name: Run dependency validator
	run: flutter pub deps

	# License compliance check
	license-check:
	runs-on: ubuntu-latest
	steps:
	- name: Checkout code
	uses: actions/checkout@v4

	- name: Setup Rust
	uses: dtolnay/rust-toolchain@stable
	with:
	toolchain: ${{ env.RUST_VERSION }}

	- name: Install cargo-license
	run: cargo install cargo-license

	- name: Check Rust licenses
	run: \|
	cd rust
	cargo license

	- name: Setup Flutter
	uses: subosito/flutter-action@v2
	with:
	flutter-version: ${{ env.FLUTTER_VERSION }}
	channel: 'stable'
	cache: true

	- name: Install dependencies
	run: flutter pub get

	- name: Check Flutter licenses
	run: \|
	flutter pub deps --json \| jq '.packages[] \| {name: .name, version: .version}'

	# Code quality checks
	code-quality:
	runs-on: ubuntu-latest
	steps:
	- name: Checkout code
	uses: actions/checkout@v4

	- name: Setup Rust
	uses: dtolnay/rust-toolchain@stable
	with:
	toolchain: ${{ env.RUST_VERSION }}
	components: clippy

	- name: Setup Rust cache
	uses: Swatinem/rust-cache@v2
	with:
	workspaces: rust

	- name: Run Clippy
	run: \|
	cd rust
	cargo clippy -- -D warnings

	- name: Setup Flutter
	uses: subosito/flutter-action@v2
	with:
	flutter-version: ${{ env.FLUTTER_VERSION }}
	channel: 'stable'
	cache: true

	- name: Install dependencies
	run: flutter pub get

	- name: Run Flutter analyze
	run: flutter analyze --fatal-infos

	- name: Check Dart/Flutter formatting
	run: dart format --set-exit-if-changed .

	- name: Check Rust formatting
	run: \|
	cd rust
	cargo fmt --check

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Dependencies & Security #18

Workflow file

Dependencies & Security #18

Uh oh!

Workflow file for this run