Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): Add deny.yaml and a cargo deny CI job to check dependencies #3005

Draft
wants to merge 1 commit into
base: main
Choose a base branch
from
Draft

chore(deps): Add deny.yaml and a cargo deny CI job to check dependencies #3005

wants to merge 1 commit into from

Conversation

iamjpotts
Copy link
Contributor

@iamjpotts iamjpotts commented Jan 23, 2024
edited

cargo deny checks for dependencies with vulnerabilities, vulnerability advisories, unmaintained crates, duplicate dependencies, and other issues.

  • Add deny.yaml
  • Add exceptions for warnings without a resolution available
  • Add license line license = "MIT OR Apache-2.0" to sqlx-test crate to satisfy license checker. This license spec matches what is already in the workspace Cargo.toml file

@iamjpotts
Copy link
Contributor Author

Made the tempdir -> tempfile replacement its own PR: #3006

@iamjpotts iamjpotts force-pushed the 20240122-cargo-deny branch 3 times, most recently from c0f6b85 to 1ed24b5 Compare January 23, 2024 14:11
@iamjpotts
Copy link
Contributor Author

Moved env_logger upgrade to its own PR: #3009.

@iamjpotts
Copy link
Contributor Author

Moved criterion crate upgrade to #3010.

@iamjpotts iamjpotts force-pushed the 20240122-cargo-deny branch 2 times, most recently from 86567fc to b3c2400 Compare January 26, 2024 13:42
@iamjpotts
chore(deps): Add deny.yaml and a cargo deny CI job to check dependenc…
3a0415a 
…ies for vulnerabilities

Signed-off-by: Joshua Potts <8704475+iamjpotts@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
1 participant
@iamjpotts