Merge #16: Fix audit workflow

fc8ba0e fix(audit-workflow): update audit workflow (Vihiga Tyonum)

Pull request description:

  <!-- You can erase any parts of this template not applicable to your Pull Request. -->

  ### Description

  Fixes #15 and #14

  Updates Audit Workflow

  <!-- Describe the purpose of this PR, what's being adding and/or fixed -->

  ### Notes to the reviewers

  - remove master branch filter
  - fix invalid pinned SHA
  - removed Swatinem/rust-cache action

  ### Checklists

  #### All Submissions:

  * [x] I've signed all my commits
  * [x] I followed the [contribution guidelines](https://github.com/bitcoindevkit/bdk/blob/master/CONTRIBUTING.md)
  * [x] I ran `cargo fmt` and `cargo clippy` before committing

ACKs for top commit:
  ValuedMammal:
    ACK fc8ba0e

Tree-SHA512: 3d340d524141b718f27d39f657fed437c2a7468c33b48e3ce5f6c9ddb19ece8706adada083adfae9d022e22281b5b94c4c57850781a67dbaab76be4ac08b61ad

Author: ValuedMammal

.github/workflows/audit.yml

@@ -1,54 +1,50 @@
 name: Security Audit
 
 on:
-  pull_request:
+  push:
     paths:
       - '**/Cargo.toml'
       - '**/Cargo.lock'
-  merge_group:
-  push:
-    branches: [master]
+  pull_request:
     paths:
       - '**/Cargo.toml'
       - '**/Cargo.lock'
   schedule:
     # weekly
     - cron: '0 0 * * 0'
+  workflow_dispatch:
 
 env:
   CARGO_TERM_COLOR: always
 
 permissions:
-  contents: read               
-  security-events: write      
-  issues: write                
+  contents: read
+  security-events: write   
+  issues: write            
 
 jobs:
   cargo-audit:
     name: RustSec Audit (vulnerabilities)
     runs-on: ubuntu-latest
     timeout-minutes: 15
+
     steps:
       - name: Checkout code
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
-
-      - name: Install Rust toolchain
-        uses: dtolnay/rust-toolchain@stable
-
-      - name: Cache cargo registry/index/target
-        uses: Swatinem/rust-cache@f13886b937689c021905a6b90929199931d60db1
+        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+      - name: Install Rust toolchain and configure cache
+        uses: actions-rust-lang/setup-rust-toolchain@1780873c7b576612439a134613cc4cc74ce5538c
         with:
-          cache-on-failure: true
+          toolchain: stable
+          cache: true
 
       - name: Install cargo-audit
         run: cargo install cargo-audit --locked
 
-      - name: Run cargo audit (raw output — you will see this clearly)
-        run: cargo audit --deny warnings   
-        
-      - name: Run cargo audit again for GitHub Security tab upload
-        uses: rustsec/audit-check@69366f33c96575abad1ee0dba8212ae3e3c0d700
+      - name: Run cargo audit 
+        run: cargo audit --deny warnings
+
+      - name: Upload SARIF to GitHub Security tab
+        uses: rustsec/audit-check@69366f33c96575abad1ee0dba8212993eecbe998
         with:
           token: ${{ secrets.GITHUB_TOKEN }}
           deny: warnings
-