Commit 67d9bf4
committed
On CI, have
This splits the `EmbarkStudios/cargo-deny-action` step in
`cargo-deny-advisories` into two such steps:
- Scan the workspace except prune `gix-testtools` and everything
reachable through it (following it neither as a root, nor when it
is found as dev dependency of another crate). This doesn't get to
its obsolete dependencies, while still ensuring that nothing in
the workspace *except* what we reach through `gix-testtools` is
affected by RUSTSEC-2025-0021.
- Scan the whole workspace, including `gix-testtools` and all its
dependencies, including the obsolete version of `gix-features`
that is affected by RUSTSEC-2025-0021. But ignore that advisory.
To support this, steps are added to install the `yq`-associated
`tomlq` command and use it to produce the modified configuration
file for the second scan in a way that shouldn't break under any
changes to comments, spacing, style, or ordering in `deny.toml`.cargo deny allow RUSTSEC-2025-0021 via gix-testtools1 parent 7ad29e6 commit 67d9bf4
1 file changed
+19
-1
lines changed| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
344 | 344 | | |
345 | 345 | | |
346 | 346 | | |
347 | | - | |
| 347 | + | |
| 348 | + | |
| 349 | + | |
| 350 | + | |
| 351 | + | |
| 352 | + | |
| 353 | + | |
| 354 | + | |
| 355 | + | |
| 356 | + | |
| 357 | + | |
| 358 | + | |
| 359 | + | |
| 360 | + | |
| 361 | + | |
| 362 | + | |
| 363 | + | |
| 364 | + | |
348 | 365 | | |
349 | 366 | | |
350 | 367 | | |
| 368 | + | |
351 | 369 | | |
352 | 370 | | |
353 | 371 | | |
| |||
0 commit comments