From 388557f44f5f669f6e6ed38df3e1f37c996a30f9 Mon Sep 17 00:00:00 2001
From: Lia <lia@staff.identeco.de>
Date: Mon, 4 Mar 2024 16:21:56 +0100
Subject: [PATCH] add sast checks

---
 .github/workflows/yxcvbn.yml | 32 ++++++++++++++++++++++++--------
 1 file changed, 24 insertions(+), 8 deletions(-)

diff --git a/.github/workflows/yxcvbn.yml b/.github/workflows/yxcvbn.yml
index fc47c92..0c143cc 100644
--- a/.github/workflows/yxcvbn.yml
+++ b/.github/workflows/yxcvbn.yml
@@ -8,12 +8,13 @@ on:
 
 
 jobs:
-  clippy-rustfmt:
+  sast:
     runs-on: ubuntu-latest
+
     steps:
       - uses: actions/checkout@v2
 
-      - name: Install stable
+      - name: Install Rust stable
         uses: actions-rs/toolchain@v1
         with:
           profile: minimal
@@ -22,18 +23,33 @@ jobs:
           components: clippy, rustfmt
     
 
-      - name: Run rustfmt
+      - name: Format
         uses: actions-rs/cargo@v1
         with:
           command: fmt
           args: -- --check --verbose
 
-      - name: Lint
-        uses: actions-rs/clippy-check@v1
+      - name: Clippy
+        uses: actions-rs/cargo@v1
+        with:
+          command: clippy
+
+      - name: Check
+        uses: actions-rs/cargo@v1
+        with:
+          command: check
+          args: --workspace
+    
+      - name: Install cargo-audit
+        uses: actions-rs/cargo@v1
+        with:
+          command: install
+          args: cargo-audit
+    
+      - name: Audit
+        uses: actions-rs/cargo@v1
         with:
-          token: ${{ secrets.GITHUB_TOKEN }}
-          args: --all-features --tests --benches
-          name: lint
+          command: audit
 
   test:
     strategy: