Test #95
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Dependencies | |
| on: | |
| pull_request: | |
| paths: | |
| - "**/Cargo.toml" | |
| - "deny.toml" | |
| push: | |
| paths: | |
| - "**/Cargo.toml" | |
| - "deny.toml" | |
| branches: | |
| - main | |
| env: | |
| CARGO_TERM_COLOR: always | |
| DENY_OUT_BASE: "/tmp/deny-bans-base" | |
| DENY_OUT_PR: "/tmp/deny-bans-pr" | |
| jobs: | |
| check-advisories: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: dtolnay/rust-toolchain@stable | |
| - name: Install cargo-deny | |
| run: cargo install cargo-deny | |
| - name: Check for security advisories and unmaintained crates | |
| run: cargo deny check advisories | |
| check-bans: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: dtolnay/rust-toolchain@stable | |
| - name: Install cargo-deny | |
| run: cargo install cargo-deny | |
| - uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.base_ref }} | |
| - name: Cargo update (base) | |
| run: cargo update | |
| - name: Check for banned and duplicated dependencies (base) | |
| run: | | |
| cargo deny --format json check bans 2>&1 | jq -r -n '[inputs][] | select(.fields.severity != null) | "\(.fields.severity) \(.fields.message)"' | sort > $DENY_OUT_BASE | |
| - uses: actions/checkout@v4 | |
| - name: Cargo update (PR) | |
| run: cargo update | |
| - name: Check for banned and duplicated dependencies (PR) | |
| run: | | |
| set -o pipefail | |
| cargo deny --format json check bans 2>&1 | jq -r -n '[inputs][] | select(.fields.severity != null) | "\(.fields.severity) \(.fields.message)"' | sort > $DENY_OUT_PR && fail=0 || fail=1 | |
| set +o pipefail | |
| if [[ $fail = "1" ]]; then | |
| # show the diff with the entire output. if there's no diff, display the output. | |
| diff -U99999 $DENY_OUT_PR $DENY_OUT_BASE && cat $DENY_OUT_PR | |
| exit 1 | |
| fi | |
| check-licenses: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: dtolnay/rust-toolchain@stable | |
| - name: Install cargo-deny | |
| run: cargo install cargo-deny | |
| - name: Check for unauthorized licenses | |
| run: cargo deny check licenses | |
| check-sources: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: dtolnay/rust-toolchain@stable | |
| - name: Install cargo-deny | |
| run: cargo install cargo-deny | |
| - name: Checked for unauthorized crate sources | |
| run: cargo deny check sources |