Merge pull request #31 from sarroutbi/202601291442-use-cargo-audit-gh-action

Include 'cargo audit' GH action

Author: alicefr

.github/workflows/audit.yaml

@@ -0,0 +1,28 @@
+# SPDX-FileCopyrightText: Sergio Arroutbi Braojos <sarroutb@redhat.com>
+#
+# SPDX-License-Identifier: CC0-1.0
+---
+name: Security audit
+"on":
+  workflow_dispatch:
+    paths:
+      - '**/Cargo.toml'
+      - '**/Cargo.lock'
+  push:
+    branches: ["main"]
+    paths:
+      - '**/Cargo.toml'
+      - '**/Cargo.lock'
+  pull_request:
+    paths:
+      - '**/Cargo.toml'
+      - '**/Cargo.lock'
+
+jobs:
+  security_audit:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v6
+      - uses: actions-rs/audit-check@v1
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }}