Radish alpha
r
radicle-ci-broker
Radicle CI broker
Radicle
Git (anonymous pull)
Log in to clone via SSH
Commits
chore: add cargo audit
Fintan Halpenny committed 1 year ago
commit da7971ada31b9684abe6182429eb3f7488d5d13c
parent 8d67442766386b1ff17457de3a118a602433506a
2 files changed +12 -0
added .cargo/audit.toml
@@ -0,0 +1,7 @@
+ 
[advisories]
+ 
ignore = [
+ 
  # heartwood issue bd8af7a5e3fd02c0963d7550a5cc2cab00950775
+ 
  # TL;DR rsa is vulnerable, but heartwood does not use the rsa crate, even
+ 
  # through the transitivie dependency
+ 
  "RUSTSEC-2023-0071",
+ 
]
modified flake.nix
@@ -156,6 +156,10 @@
        fmt = craneLib.cargoFmt basicArgs;

        deny = craneLib.cargoDeny commonArgs;
+ 
        audit = craneLib.cargoAudit {
+ 
          inherit src advisory-db;
+ 
        };
+ 


        # Run tests with cargo-nextest

        nextest = craneLib.cargoNextest (commonArgs

          // {
@@ -213,3 +217,4 @@
      };

    });

}
+