enable but ignore certain audits

Stephan Dilly · Stephan Dilly · commit 3bc4feb2ac90 · 2021-11-24T14:27:49.000+01:00
diff --git a/.cargo/audit.toml b/.cargo/audit.toml
@@ -0,0 +1,6 @@
+[advisories]
+ignore = [
+    # see https://github.com/extrawurst/gitui/issues/951
+    "RUSTSEC-2020-0159", 
+    # see https://github.com/extrawurst/gitui/issues/950
+    "RUSTSEC-2020-0071"]
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -142,18 +142,15 @@ jobs:
         components: rustfmt
     - run: cargo fmt -- --check
 
-  # TODO: enable again once we have these two fixed:
-  #  https://github.com/extrawurst/gitui/issues/950
-  #  https://github.com/extrawurst/gitui/issues/951
-  #
-  # sec:
-  #   name: Security audit
-  #   runs-on: ubuntu-latest
-  #   steps:
-  #   - uses: actions/checkout@v2
-  #   - uses: actions-rs/audit-check@v1
-  #     with:
-  #       token: ${{ secrets.GITHUB_TOKEN }}
+  
+  sec:
+    name: Security audit
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v2
+    - uses: actions-rs/audit-check@v1
+      with:
+        token: ${{ secrets.GITHUB_TOKEN }}
 
   log-test:
     name: Changelog Test
