more ci experimentation

.github/settings.yml

@@ -1,11 +1,11 @@
 # Reference: https://github.com/apps/settings
 repository:
-    name: tomb
+    name: banyan-cli
 
     default_branch: main
     private: false
 
-    description: Banyan's client, WNFS+CAR encrypted filesystem packer and metadata handler.
+    description: Command line interface for interacting with the Banyan Filesystem and Platform
     homepage: https://banyan.computer/
     topics: cli, platform
 
@@ -34,6 +34,10 @@ branches:
       required_status_checks:
         strict: true
         contexts:
+          - "rust / audit"
+          - "rust / build"
+          - "rust / format"
+          - "rust / test"
           - "cargo-deny (advisories)"
           - "cargo-deny (bans licenses sources)"
 

.github/workflows/advisories.yml

@@ -5,17 +5,17 @@ on:
     - cron: '0 14 * * 1'
 jobs:
   cargo-audit:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - uses: rustsec/audit-check@v1.4.1
         with:
           token: ${{ secrets.GITHUB_TOKEN }}
 
   cargo-deny:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - uses: EmbarkStudios/cargo-deny-action@v1
         with:
           command: check advisories

.github/workflows/audits.yml

@@ -1,6 +1,4 @@
 name: 🛡 Dependency Security & License Audit
-on:
-  - pull_request
 
 jobs:
   cargo-deny:

.github/workflows/rust.yml

@@ -1,7 +1,18 @@
 name: rust
 
 on:
-  - pull_request
+  workflow_call:
+    inputs:
+      cache_version:
+        type: string
+        default: v1
+      cargo_audit_version:
+        type: string
+        default: 0.20.0
+      cargo_audit_ignores:
+        type: string
+        default: ''
+        description: Comma-delimited list of RUSTSEC CVE identifiers to ignore during audit.
 
 env:
   RUSTC_WRAPPER: sccache