From 8f9e745a07763aa62084c3e899b8ac62aac3a142 Mon Sep 17 00:00:00 2001
From: Tony Arcieri <bascule@gmail.com>
Date: Wed, 11 Dec 2024 12:39:44 -0700
Subject: [PATCH] CI: use latest `rustsec/audit-check` for security audit

It was previously using a very outdated version of the abandoned
`actions-rs/audit-check`.

This updates to the latest version with Cargo.lock V4 support.
---
 .github/workflows/security-audit.yml | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/security-audit.yml b/.github/workflows/security-audit.yml
index a932bafe..015e1317 100644
--- a/.github/workflows/security-audit.yml
+++ b/.github/workflows/security-audit.yml
@@ -1,10 +1,13 @@
 name: Security Audit
 on:
   pull_request:
-    paths: Cargo.lock
+    paths:
+      - Cargo.lock
+      - .github/workflows/security-audit.yml
   push:
     branches: master
-    paths: Cargo.lock
+    paths:
+      - Cargo.lock
   schedule:
     - cron: "0 0 * * *"
 
@@ -18,7 +21,7 @@ jobs:
         uses: actions/cache@v4
         with:
           path: ~/.cargo/bin
-          key: ${{ runner.os }}-cargo-audit-v0.13.0
-      - uses: actions-rs/audit-check@v1
+          key: ${{ runner.os }}-cargo-audit-v0.21.0
+      - uses: rustsec/audit-check@v2
         with:
           token: ${{ secrets.GITHUB_TOKEN }}