chore(ci): audit scan check fix (#777)

nme-mvasylenko · web-flow · commit 7c5879b959cd · 2025-12-29T15:24:02.000+01:00
* chore(ci): install cargo 0.16.2+ with CVSS 4.0 support

* run on pull request

* run on workflow file change

* use force back

* ignore ruint
diff --git a/.github/workflows/rust_dependency_audit.yml b/.github/workflows/rust_dependency_audit.yml
@@ -5,6 +5,12 @@ on:
     paths:
       - '**/Cargo.toml'
       - '**/Cargo.lock'
+      - '.github/workflows/rust_dependency_audit.yml'
+  pull_request:
+    paths:
+      - '**/Cargo.toml'
+      - '**/Cargo.lock'
+      - '.github/workflows/rust_dependency_audit.yml'
 
 env:
   CARGO_TERM_COLOR: always
@@ -37,5 +43,5 @@ jobs:
 
       - name: Run audit-check action
         run: |
-          which cargo-deny || cargo install cargo-deny --locked --force
+          cargo install cargo-deny --locked --force
           cargo deny check
diff --git a/deny.toml b/deny.toml
@@ -18,6 +18,7 @@ yanked = "deny"
 ignore = [
     "RUSTSEC-2024-0436", # paste - no longer maintained
     "RUSTSEC-2023-0071", # https://github.com/NethermindEth/Catalyst/issues/735
+    "RUSTSEC-2025-0137", # ruint - no patched version available yet
 ]
 
 [licenses]

Original file line number	Diff line number	Diff line change
`@@ -18,6 +18,7 @@ yanked = "deny"`
`18`	`18`	`ignore = [`
`19`	`19`	`"RUSTSEC-2024-0436", # paste - no longer maintained`
`20`	`20`	`"RUSTSEC-2023-0071", # https://github.com/NethermindEth/Catalyst/issues/735`
	`21`	`+ "RUSTSEC-2025-0137", # ruint - no patched version available yet`
`21`	`22`	`]`
`22`	`23`
`23`	`24`	`[licenses]`