Update audit.yml

.github/workflows/audit.yml

@@ -1,27 +1,26 @@
-name: Audit project
+name: "Audit Dependencies"
 on:
-  workflow_dispatch:
+  push:
+    paths:
+      # Run on changed dependencies
+      - '**/Cargo.toml'
+      - '**/Cargo.lock'
+  # Rerun periodicly to pick up new advisories
   schedule:
-    - cron: '30 5 * * 1,3'
+    - cron: '0 0 * * *'
+  # Run manually
+  workflow_dispatch:
 
 jobs:
   audit:
     runs-on: ubuntu-latest
     permissions:
-      contents: write
-      pull-requests: write
-
+      contents: read
+      issues: write
     steps:
-      - name: Run cargo audit fix
-        uses: simonhyll/cargo-audit@v1
-
-      - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v7
+      - uses: actions/checkout@v4
+      - uses: actions-rust-lang/audit@v1
+        name: Audit Rust Dependencies
         with:
-          token: ${{ secrets.GITHUB_TOKEN }}
-          branch: bot/cargo-audit
-          title: "[Bot] Audit fixes"
-          commit-message: Cargo audit fixes
-          body: >
-            Updates to Cargo.toml and/or Cargo.lock with security fixes.
-          labels: automated pr
+          # Comma separated list of issues to ignore
+          ignore: RUSTSEC-2020-0036