Skip to content

Commit

Permalink
ci: use cargo deny (#6931)
Browse files Browse the repository at this point in the history
  • Loading branch information
Darksonn authored Oct 23, 2024
1 parent 01e04da commit ebe2416
Show file tree
Hide file tree
Showing 9 changed files with 41 additions and 30 deletions.
18 changes: 6 additions & 12 deletions .github/workflows/audit.yml
Original file line number Diff line number Diff line change
Expand Up @@ -13,18 +13,12 @@ permissions:
contents: read

jobs:
security-audit:
cargo-deny:
permissions:
checks: write # for rustsec/audit-check to create check
contents: read # for actions/checkout to fetch code
issues: write # for rustsec/audit-check to create issues
checks: write
contents: read
issues: write
runs-on: ubuntu-latest
if: "!contains(github.event.head_commit.message, 'ci skip')"
steps:
- uses: actions/checkout@v4

- name: Audit Check
# https://github.com/rustsec/audit-check/issues/2
uses: rustsec/audit-check@master
with:
token: ${{ secrets.GITHUB_TOKEN }}
- uses: actions/checkout@v4
- uses: EmbarkStudios/cargo-deny-action@v2
15 changes: 3 additions & 12 deletions .github/workflows/pr-audit.yml
Original file line number Diff line number Diff line change
Expand Up @@ -16,17 +16,8 @@ permissions:
contents: read

jobs:
security-audit:
cargo-deny:
runs-on: ubuntu-latest
if: "!contains(github.event.head_commit.message, 'ci skip')"
steps:
- uses: actions/checkout@v4

- name: Install cargo-audit
run: cargo install cargo-audit

- name: Generate lockfile
run: cargo generate-lockfile

- name: Audit dependencies
run: cargo audit
- uses: actions/checkout@v4
- uses: EmbarkStudios/cargo-deny-action@v2
3 changes: 2 additions & 1 deletion benches/Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@ name = "benches"
version = "0.0.0"
publish = false
edition = "2021"
license = "MIT"

[features]
test-util = ["tokio/test-util"]
Expand All @@ -15,7 +16,7 @@ rand_chacha = "0.3"

[dev-dependencies]
tokio-util = { version = "0.7.0", path = "../tokio-util", features = ["full"] }
tokio-stream = { path = "../tokio-stream" }
tokio-stream = { version = "0.1", path = "../tokio-stream" }

[target.'cfg(unix)'.dependencies]
libc = "0.2.42"
Expand Down
21 changes: 21 additions & 0 deletions deny.toml
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
# https://embarkstudios.github.io/cargo-deny/cli/init.html

[graph]
all-features = true

[licenses]
allow = [
"MIT",
"Apache-2.0",
]
exceptions = [
{ allow = ["Unicode-DFS-2016"], crate = "unicode-ident" },
]

[bans]
multiple-versions = "allow"
wildcards = "deny"

[sources]
unknown-registry = "deny"
unknown-git = "deny"
1 change: 1 addition & 0 deletions examples/Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@ name = "examples"
version = "0.0.0"
publish = false
edition = "2021"
license = "MIT"

# If you copy one of the examples into a new project, you should be using
# [dependencies] instead, and delete the **path**.
Expand Down
3 changes: 2 additions & 1 deletion stress-test/Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -3,12 +3,13 @@ name = "stress-test"
version = "0.1.0"
authors = ["Tokio Contributors <[email protected]>"]
edition = "2021"
license = "MIT"
publish = false

# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html

[dependencies]
tokio = { path = "../tokio/", features = ["full"] }
tokio = { version = "1.0.0", path = "../tokio/", features = ["full"] }

[dev-dependencies]
rand = "0.8"
3 changes: 2 additions & 1 deletion tests-build/Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -3,14 +3,15 @@ name = "tests-build"
version = "0.1.0"
authors = ["Tokio Contributors <[email protected]>"]
edition = "2021"
license = "MIT"
publish = false

[features]
full = ["tokio/full"]
rt = ["tokio/rt", "tokio/macros"]

[dependencies]
tokio = { path = "../tokio", optional = true }
tokio = { version = "1.0.0", path = "../tokio", optional = true }

[dev-dependencies]
trybuild = "1.0"
5 changes: 3 additions & 2 deletions tests-integration/Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@ name = "tests-integration"
version = "0.1.0"
authors = ["Tokio Contributors <[email protected]>"]
edition = "2021"
license = "MIT"
publish = false

[[bin]]
Expand Down Expand Up @@ -55,8 +56,8 @@ rt = ["tokio/rt"]
rt-multi-thread = ["rt", "tokio/rt-multi-thread"]

[dependencies]
tokio = { path = "../tokio" }
tokio-test = { path = "../tokio-test", optional = true }
tokio = { version = "1.0.0", path = "../tokio" }
tokio-test = { version = "0.4", path = "../tokio-test", optional = true }
doc-comment = "0.3.1"
futures = { version = "0.3.0", features = ["async-await"] }
bytes = "1.0.0"
2 changes: 1 addition & 1 deletion tokio-stream/Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -45,7 +45,7 @@ tokio-util = { version = "0.7.0", path = "../tokio-util", optional = true }
tokio = { version = "1.2.0", path = "../tokio", features = ["full", "test-util"] }
async-stream = "0.3"
parking_lot = "0.12.0"
tokio-test = { path = "../tokio-test" }
tokio-test = { version = "0.4", path = "../tokio-test" }
futures = { version = "0.3", default-features = false }

[package.metadata.docs.rs]
Expand Down

0 comments on commit ebe2416

Please sign in to comment.