DataDog · duncanista · Dec 8, 2025 · Dec 8, 2025 · Dec 8, 2025 · Dec 8, 2025
diff --git a/.github/workflows/rs_ci.yml b/.github/workflows/rs_ci.yml
@@ -167,3 +167,15 @@ jobs:
       - run: cargo install dd-rust-license-tool --locked
       - run: dd-rust-license-tool check
         working-directory: bottlecap
+
+  cargo-audit:
+    name: Audit
+    runs-on: ubuntu-22.04
+    steps:
+      - name: Checkout repository
+        uses: actions/[email protected]
+      - name: Scan Rust dependencies with cargo-audit
+        uses: rustsec/audit-check@69366f33c96575abad1ee0dba8212993eecbe998 # v2.0.0
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }}
+          working-directory: bottlecap
diff --git a/.github/workflows/vulnerability-scan.yml b/.github/workflows/vulnerability-scan.yml
@@ -54,21 +54,8 @@ jobs:
           severity-cutoff: low
           output-format: table
 
-  rust-dependency-scan:
-    name: Rust Dependencies Scan
-    runs-on: ubuntu-22.04
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
-
-      - name: Scan Rust dependencies with cargo-audit
-        uses: rustsec/audit-check@69366f33c96575abad1ee0dba8212993eecbe998 # v2.0.0
-        with:
-          token: ${{ secrets.GITHUB_TOKEN }}
-          working-directory: bottlecap
-
   retry:
-    needs: [trivy-scans, grype-scans, rust-dependency-scan]
+    needs: [trivy-scans, grype-scans]
     if: failure() && fromJSON(github.run_attempt) < 2
     runs-on: ubuntu-22.04
     permissions:
@@ -81,7 +68,7 @@ jobs:
         run: gh workflow run retry-workflow.yml -F run_id=${{ github.run_id }}
 
   notify:
-    needs: [trivy-scans, grype-scans, rust-dependency-scan]
+    needs: [trivy-scans, grype-scans]
     if: failure() && fromJSON(github.run_attempt) >= 2
     runs-on: ubuntu-22.04
     steps: