Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add cargo-auditable config option #1528

Merged
merged 12 commits into from
Nov 6, 2024
Merged

Add cargo-auditable config option #1528

merged 12 commits into from
Nov 6, 2024

Conversation

duckinator
Copy link
Contributor

@duckinator duckinator commented Nov 5, 2024
edited
Loading

deferred:

complete:

  • use cargo auditable build instead of cargo build if cargo-auditable=true
  • install cargo-auditable in workflows if cargo-auditable=true
  • tests for both of those
  • real-world local test
  • real-world CI test

Moved from #1516 because the duckinator/auditable-builds branch name was incompatible with testing dist from a GitHub branch.

@duckinator duckinator mentioned this pull request Nov 5, 2024
Closed
5 tasks
mistydemeo
mistydemeo requested changes Nov 5, 2024
View reviewed changes
Copy link
Contributor

@mistydemeo mistydemeo left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Realized there's one mistake in the template setup - something needs to get moved.

cargo-dist/src/backend/ci/github.rs Outdated Show resolved Hide resolved
cargo-dist/src/backend/ci/mod.rs Show resolved Hide resolved
cargo-dist/src/build/cargo.rs Outdated Show resolved Hide resolved
cargo-dist/src/build/cargo.rs Show resolved Hide resolved
cargo-dist/templates/ci/github/release.yml.j2 Outdated Show resolved Hide resolved
@duckinator duckinator force-pushed the auditable-builds branch 2 times, most recently from 5fa1c10 to 6ae94be Compare November 5, 2024 22:00
@duckinator
Copy link
Contributor Author 

$ cargo audit bin axolotlsay                                                                                                              
    Fetching advisory database from `https://github.com/RustSec/advisory-db.git`
      Loaded 664 security advisories (from /home/puppy/.cargo/advisory-db)
    Updating crates.io index
       Found 'cargo auditable' data in axolotlsay (23 dependencies)

mistydemeo
mistydemeo approved these changes Nov 6, 2024
View reviewed changes
Copy link
Contributor

@mistydemeo mistydemeo left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

One minor, non-blocking comment. Otherwise, I think we're looking great here! The snapshot tests show the changes we'd want to see in the outputs, too.

cargo-dist/src/backend/ci/github.rs Show resolved Hide resolved
@duckinator duckinator merged commit f1b4789 into main Nov 6, 2024
18 checks passed
@duckinator duckinator deleted the auditable-builds branch November 6, 2024 00:10
This was referenced Nov 6, 2024
Closed
Merged
@duckinator duckinator added this to the 0.26.0 milestone Nov 7, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mistydemeo mistydemeo mistydemeo approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
0.26.0
Development

Successfully merging this pull request may close these issues.
2 participants
@duckinator @mistydemeo