GitHub CI: Replace security-audit with dependency-audit

.github/workflows/dependency-audit.yaml

@@ -0,0 +1,36 @@
+# SPDX-FileCopyrightText: The djio authors
+# SPDX-License-Identifier: CC0-1.0
+
+# yaml-language-server: $schema=https://json.schemastore.org/github-workflow
+
+# Same as file name
+name: dependency-audit
+
+permissions:
+  contents: read
+
+on:
+  push:
+    paths:
+      - "**/Cargo.toml"
+  schedule:
+    # Weekly, i.e. on Sunday at 13:37 UTC
+    - cron: "37 13 * * 0"
+  workflow_dispatch:
+
+jobs:
+  run:
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Generate Cargo.lock
+        run: cargo generate-lockfile
+
+      - uses: EmbarkStudios/cargo-deny-action@v1
+        with:
+          command: check
+          arguments: >-
+            --all-features
+            --locked

.pre-commit-config.yaml

@@ -36,7 +36,7 @@ repos:
       - id: markdownlint-cli2
         exclude: ^LICENSE\.md$
   - repo: https://github.com/shellcheck-py/shellcheck-py
-    rev: v0.9.0.5
+    rev: v0.9.0.6
     hooks:
       - id: shellcheck
   - repo: https://github.com/codespell-project/codespell
@@ -45,7 +45,7 @@ repos:
       - id: codespell
         args: [--ignore-words=.codespellignore]
   - repo: https://github.com/sirosen/check-jsonschema
-    rev: 0.26.3
+    rev: 0.27.0
     hooks:
       - id: check-github-actions
       - id: check-github-workflows

Cargo.toml

@@ -22,7 +22,7 @@ futures = "0.3.28"
 is_sorted = "0.1.1"
 log = "0.4.20"
 strum = { version = "0.25.0", features = ["derive"] }
-thiserror = "1.0.48"
+thiserror = "1.0.49"
 
 # Optional dependencies
 discro = { version = "0.26.0", optional = true }