name: "Security audit"
on:
  workflow_call:
  workflow_dispatch:
  schedule:
    - cron: "0 0 * * *"
  push:
    paths:
      - "**/Cargo.toml"
      - "**/Cargo.lock"
  pull_request:
    branches: ["master"]
    paths:
      - "**/Cargo.toml"
      - "**/Cargo.lock"

jobs:
  audit:
    name: Security Audit
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v4

      - name: Install cargo-deny
        uses: taiki-e/install-action@cargo-deny

      - name: Scan for vulnerabilities
        run: cargo deny check advisories