mirror of
https://github.com/girlbossceo/conduwuit.git
synced 2025-03-14 12:45:37 +00:00
add cargo auditable for future use, ignore paste dependency being unmaintained for now
Signed-off-by: strawberry <june@girlboss.ceo> Signed-off-by: June Clementine Strawberry <june@3.dog>
parent
c8a730c29e
commit
ef96e7afac
3 changed files with 33 additions and 4 deletions
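--- a/.cargo/audit.toml
+++ b/.cargo/audit.toml
@@ -0,0 +1,27 @@
+[advisories]
+ignore = ["RUSTSEC-2024-0436"] # advisory IDs to ignore e.g. ["RUSTSEC-2019-0001", ...]
+informational_warnings = [] # warn for categories of informational advisories
+severity_threshold = "none" # CVSS severity ("none", "low", "medium", "high", "critical")
+
+# Advisory Database Configuration
+[database]
+path = "~/.cargo/advisory-db" # Path where advisory git repo will be cloned
+url = "https://github.com/RustSec/advisory-db.git" # URL to git repo
+fetch = true # Perform a `git fetch` before auditing (default: true)
+stale = false # Allow stale advisory DB (i.e. no commits for 90 days, default: false)
+
+# Output Configuration
+[output]
+deny = ["warnings", "unmaintained", "unsound", "yanked"] # exit on error if unmaintained dependencies are found
+format = "terminal" # "terminal" (human readable report) or "json"
+quiet = false # Only print information on error
+show_tree = true # Show inverse dependency trees along with advisories (default: true)
+
+# Target Configuration
+[target]
+arch = ["x86_64", "aarch64"] # Ignore advisories for CPU architectures other than these
+os = ["linux", "windows", "macos"] # Ignore advisories for operating systems other than these
+
+[yanked]
+enabled = true # Warn for yanked crates in Cargo.lock (default: true)
+update_index = true # Auto-update the crates.io index (default: true)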
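Review bot: `informational_warnings = []` under `[advisories]` looks at odds with `deny = ["warnings", "unmaintained", "unsound", "yanked"]` under `[output]`: as far as I can tell this list selects which informational advisory categories cargo-audit reports at all, so an empty list may suppress the unmaintained and unsound findings that `deny` is meant to fail on. I would either drop the key to keep the tool's default or set `informational_warnings = ["unmaintained", "unsound"]`, and confirm the behaviour with a run against a lockfile known to carry such an advisory. Separately, the `ignore` entry carries only the generic example comment; a line above it such as `# RUSTSEC-2024-0436: paste is unmaintained; ignored for now, revisit once it can be replaced` would record why the advisory is silenced and keep the exception from becoming permanent.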
|
@ -63,7 +63,7 @@ script = "markdownlint --version"
|
||||||
[[task]]
|
[[task]]
|
||||||
name = "cargo-audit"
|
name = "cargo-audit"
|
||||||
group = "security"
|
group = "security"
|
||||||
script = "cargo audit -D warnings -D unmaintained -D unsound -D yanked"
|
script = "cargo audit --color=always -D warnings -D unmaintained -D unsound -D yanked"
|
||||||
|
|
||||||
[[task]]
|
[[task]]
|
||||||
name = "cargo-fmt"
|
name = "cargo-fmt"
|
||||||
|
|
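Review bot: The `-D warnings -D unmaintained -D unsound -D yanked` flags on the `cargo-audit` script line repeat the `deny` list this commit adds in `.cargo/audit.toml`, so the failure policy now lives in two places and can drift apart. Assuming cargo-audit picks the config file up from the repository root, the script could shrink to `script = "cargo audit --color=always"`, or the `deny` key could be dropped from the config so the task stays the single source of truth. `--color=always` also writes ANSI escapes into any captured or redirected log, which is worth a glance if the audit output is stored as plain text.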
|
@ -144,18 +144,20 @@
|
||||||
toolchain
|
toolchain
|
||||||
]
|
]
|
||||||
++ (with pkgsHost.pkgs; [
|
++ (with pkgsHost.pkgs; [
|
||||||
engage
|
|
||||||
cargo-audit
|
|
||||||
|
|
||||||
# Required by hardened-malloc.rs dep
|
# Required by hardened-malloc.rs dep
|
||||||
binutils
|
binutils
|
||||||
|
|
||||||
|
cargo-audit
|
||||||
|
cargo-auditable
|
||||||
|
|
||||||
# Needed for producing Debian packages
|
# Needed for producing Debian packages
|
||||||
cargo-deb
|
cargo-deb
|
||||||
|
|
||||||
# Needed for CI to check validity of produced Debian packages (dpkg-deb)
|
# Needed for CI to check validity of produced Debian packages (dpkg-deb)
|
||||||
dpkg
|
dpkg
|
||||||
|
|
||||||
|
engage
|
||||||
|
|
||||||
# Needed for Complement
|
# Needed for Complement
|
||||||
go
|
go
|
||||||
|
|
||||||
|
|
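Review bot: The new `cargo-audit` / `cargo-auditable` group is the only commented-less tool group next to neighbours that explain themselves, such as `# Required by hardened-malloc.rs dep` and `# Needed for producing Debian packages`. A line such as `# Dependency auditing; cargo-auditable is not wired into the build yet` above the pair would say why the package is in the shell, since nothing in the visible hunks invokes it. The same applies to `engage`, which moved into its own group without a comment. The enclosing package list starts and ends outside the hunk.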