Update cargo-audit to 0.21.0

updates:
- [github.com/asottile/pyupgrade: v3.18.0 → v3.19.0](https://github.com/asottile/pyupgrade/compare/v3.18.0...v3.19.0)
- [github.com/pre-commit/mirrors-mypy: v1.12.1 → v1.13.0](https://github.com/pre-commit/mirrors-mypy/compare/v1.12.1...v1.13.0)

.pre-commit-config.yaml

@@ -1,10 +1,10 @@
 repos:
   - repo: https://github.com/psf/black
-    rev: 24.4.2
+    rev: 24.10.0
     hooks:
       - id: black
   - repo: https://github.com/pre-commit/pre-commit-hooks
-    rev: v4.6.0
+    rev: v5.0.0
     hooks:
       - id: check-ast
       - id: check-case-conflict
@@ -20,18 +20,18 @@ repos:
       - id: isort
         args: ["--profile=black"]
   - repo: https://github.com/asottile/pyupgrade
-    rev: v3.15.2
+    rev: v3.19.0
     hooks:
       - id: pyupgrade
         args: ["--py37-plus"]
   - repo: https://github.com/pre-commit/mirrors-mypy
-    rev: v1.10.0
+    rev: v1.13.0
     hooks:
       - id: mypy
         additional_dependencies:
           - types-requests
   - repo: https://github.com/python-jsonschema/check-jsonschema
-    rev: 0.28.2
+    rev: 0.29.4
     hooks:
       - id: check-dependabot
       - id: check-github-actions

CHANGELOG.md

@@ -7,6 +7,19 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+## [1.2.2] - 2024-11-06
+
+* Update `cargo-audit` to 0.21.0
+
+## [1.2.1] - 2024-07-31
+
+* Temporarily remove `--locked` from the install instructions again, since cargo-audit relies on an old version of `time` that is incompatible with Rust 1.80.
+
+## [1.2.0] - 2024-03-05
+
+* feat: add --locked to cargo install cargo-audit by @lwshang in #72
+* Add working directory input to configure where cargo audit executes by @jonasbb in #78
+
 ## [1.1.14] - 2024-02-18
 
 * Update `cargo-audit` to 0.20.0

README.md

@@ -58,6 +58,18 @@ Setting `denyWarnings` to true will also enable these warnings, but each warning
 | `createIssues`     | Create/Update issues for each found vulnerability. By default only on `main` or `master` branch. | `github.ref == 'refs/heads/master' \|\| github.ref == 'refs/heads/main'` |
 | `workingDirectory` | Run `cargo audit` from the given working directory                                               |                                                                          |
 
+## Dependencies
+
+The action works best on the GitHub-hosted runners, but can work on self-hosted ones too, provided the necessary dependencies are available.
+PRs to add support for more environments are welcome.
+
+* bash
+* Python 3.9+
+    * requests
+* Rust stable
+    * cargo
+* use node actions
+
 ## License
 
 The scripts and documentation in this project are released under the [MIT License].

action.yml

@@ -45,12 +45,12 @@ runs:
           ${{ steps.cargo-home.outputs.cargohome }}/bin/cargo-audit*
           ${{ steps.cargo-home.outputs.cargohome }}/.crates.toml
           ${{ steps.cargo-home.outputs.cargohome }}/.crates2.json
-        key: cargo-audit-v0.20.0
+        key: cargo-audit-v0.21.0
 
     - name: Install cargo-audit
       if: steps.cache.outputs.cache-hit != 'true'
       # Update both this version number and the cache key
-      run: cargo install cargo-audit --vers 0.20.0 --no-default-features --locked
+      run: cargo install cargo-audit --vers 0.21.0 --no-default-features
       shell: bash
 
     - run: |