From 12b1c2c7723bd9a6d704ed7f9d9c2a9113e9de99 Mon Sep 17 00:00:00 2001
From: Alexander Koz <a@koz.email>
Date: Tue, 27 Oct 2020 13:36:58 +0300
Subject: [PATCH] CI: temporary ignore RUSTSEC-2020-0041 for cargo audit (#182)

---
 .github/workflows/audit.yml | 44 +++++++++++++++++++++++++++++--------
 1 file changed, 35 insertions(+), 9 deletions(-)

diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml
index b5346258..07a98340 100644
--- a/.github/workflows/audit.yml
+++ b/.github/workflows/audit.yml
@@ -3,19 +3,45 @@ on:
   pull_request:
   push:
     branches:
-    - master
-    - release-*
+      - master
+      - release-*
 
 jobs:
-  rust:
+  audit:
     name: Audit
     runs-on: ubuntu-latest
+    defaults:
+      run:
+        shell: bash
 
     steps:
-    - name: Checkout
-      uses: actions/checkout@v2
+      - name: Checkout
+        uses: actions/checkout@v2
 
-    - name: cargo-audit
-      uses: actions-rs/audit-check@v1
-      with:
-        token: ${{ secrets.GITHUB_TOKEN }}
+      - name: Rust Toolchain
+        uses: actions-rs/toolchain@v1
+        with:
+          toolchain: stable
+          profile: minimal
+
+      - name: fix permissions
+        if: matrix.os == 'ubuntu-latest'
+        run: sudo chown -R $(whoami):$(id -ng) ~/.cargo/
+
+      - name: cached cargo audit version
+        continue-on-error: true
+        run: cargo-audit -h | sed -n 1p
+
+      - name: install cargo audit
+        continue-on-error: true
+        run: cargo install cargo-audit
+
+      - name: run cargo audit
+        run: cargo audit --ignore RUSTSEC-2020-0041
+
+      # temporary disabled because
+      # https://github.com/bodil/sized-chunks/issues/11
+      #   - name: cargo-audit
+      #     uses: actions-rs/audit-check@v1
+      #     with:
+      #       token: ${{ secrets.GITHUB_TOKEN }}