Use a pinned compiler version to run cargo audit
This avoids CI failures like this
  https://gitlab.torproject.org/nickm/arti/-/jobs/617654
arising from situations like this
  cargo-audit install fails with rust 1.80
    rustsec/rustsec#1217
  error[E0282]: type annotations needed for Box<_>
    time-rs/time#693

IMO we should pin many of the other images too but I suspect that may
be controversial.  I'm hoping that pinning this one to get CI working
is uncontroversial (perhaps only on a temporary basis).

The other way to solve this would be to remove --locked which IMO is
going in the wrong direction, by exposing us to more rather than fewer
uncontrolled inputs from our upstreams.
ijackson committed Jul 29, 2024
1 parent 2b7abcd commit 80a0615
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion .gitlab-ci.yml
Expand Up @@ -141,7 +141,7 @@ cargo-audit:
# all the other tests will have been run.
stage: test
# Using "amd64/" single-arch variant to work around https://gitlab.torproject.org/tpo/tpa/team/-/issues/41621.
image: amd64/rust:bookworm
image: amd64/rust:1.79.0-bookworm
script:
- rustup show
- ./maint/common/via-cargo-install-in-ci cargo-audit
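Review bot: the new `image: amd64/rust:1.79.0-bookworm` line carries no comment explaining the version pin, while the only comment above it covers the `amd64/` prefix. The commit message describes the pin as possibly temporary, so add a comment next to the image line that cites rustsec/rustsec#1217 and time-rs/time#693. That tells whoever next touches this job when the pin can be lifted or bumped. Separately, a tag such as `1.79.0-bookworm` can still be re-pushed upstream. If the aim is fewer uncontrolled inputs, as the message argues for `--locked`, consider also pinning the image by digest.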
