Security audit #1842

	name: Security audit

	on:
	pull_request:
	paths:
	- "**/Cargo.toml"
	- "**/Cargo.lock"
	- "**/pnpm-lock.yaml"
	- "**/package.json"
	push:
	paths:
	- "**/Cargo.toml"
	- "**/Cargo.lock"
	- "**/pnpm-lock.yaml"
	- "**/package.json"
	workflow_dispatch:
	schedule:
	- cron: "0 0 * * *"

	jobs:
	security-audit:
	runs-on: ubuntu-latest
	permissions:
	issues: write
	checks: write

	steps:
	- uses: actions/checkout@v4

	- name: Install Mask
	run: \|
	curl -sL https://github.com/jacobdeichert/mask/releases/download/v0.11.3/mask-v0.11.3-x86_64-unknown-linux-gnu.zip -o mask.zip && \
	unzip mask.zip && \
	mv mask-v0.11.3-x86_64-unknown-linux-gnu/mask /usr/local/bin/mask && \
	chmod +x /usr/local/bin/mask && \
	rm -rf mask.zip mask-v0.11.3-x86_64-unknown-linux-gnu

	- uses: pnpm/action-setup@v2
	with:
	version: latest

	- name: Install Node
	uses: actions/setup-node@v3
	with:
	cache: "pnpm"
	node-version: 18

	- name: Install dependencies
	run: pnpm install

	- name: Audit
	run: mask audit

Provide feedback