diff --git a/.github/workflows/rust.yml b/.github/workflows/rust.yml
index 104166d..3b7cd95 100644
--- a/.github/workflows/rust.yml
+++ b/.github/workflows/rust.yml
@@ -2,13 +2,13 @@ name: Rust
 
 on:
   push:
-    branches: [
-      master,
-      auto,   # used for bors
-      try     # used for bors
-    ]
+    branches:
+      - master
+      - stable
   pull_request:
-    branches: [ master ]
+    branches:
+      - master
+      - stable
 
 env:
   CARGO_TERM_COLOR: always
@@ -39,26 +39,15 @@ jobs:
       run: cargo doc --verbose --no-deps
     - name: Check big endian
       run: cargo check --target powerpc64-unknown-linux-gnu --verbose --all
-
-  # These jobs doesn't actually test anything, but they're only used to tell
-  # bors the build completed, as there is no practical way to detect when a
-  # workflow is successful listening to webhooks only.
-  #
-  # ALL THE PREVIOUS JOBS NEED TO BE ADDED TO THE `needs` SECTION OF THIS JOB!
-  end-success:
-    name: bors build finished
-    runs-on: ubuntu-latest
-    needs: [build]
-    if: github.event.pusher.name == 'bors' && success()
-    steps:
-      - name: mark the job as a success
-        run: exit 0
-
-  end-failure:
-    name: bors build finished
+  success:
+    needs:
+      - build
     runs-on: ubuntu-latest
-    needs: [build]
-    if: github.event.pusher.name == 'bors' && (failure() || cancelled())
+    # GitHub branch protection is exceedingly silly and treats "jobs skipped because a dependency
+    # failed" as success. So we have to do some contortions to ensure the job fails if any of its
+    # dependencies fails.
+    if: always() # make sure this is never "skipped"
     steps:
-      - name: mark the job as a failure
-        run: exit 1
+      # Manually check the status of all dependencies. `if: failure()` does not work.
+      - name: check if any dependency failed
+        run: jq --exit-status 'all(.result == "success")' <<< '${{ toJson(needs) }}'