Add cargo-deny integration

- Add `deny.toml` for `cargo deny` with the advisory error for
  `RUSTSEC-2020-0071` disabled, as it does not affect chrono (or us for
  that matter).
  Allow multiple versions as there is not much we can do about those
  anyways and it clutters the output immensely.
  Add all currently used licenses to allow list.
  Deny the use of `ring` as it does not have a responsible disclosure
  policy: https://github.com/briansmith/ring#bug-reporting
- Run `cargo deny` as further `test` step in GitLab CI, so that it is
  among the last things that may fail in a merge request.
David Runge 2023-05-17 18:21:57 +02:00
parent f6aa19294a
commit 0682d6dcea
No known key found for this signature in database
GPG Key ID: BB992F9864FAD168
3 changed files with 48 additions and 5 deletions


@ -125,6 +125,20 @@ codespell:
script: script:
- codespell --summary -L "crate,ede,iff,mut,nd,te,uint,KeyServer,keyserver,Keyserver,keyservers,Keyservers,keypair,keypairs,KeyPair,fpr,dedup,deriver" -S "*.bin,*.gpg,*.pgp,./.git,*/target,Cargo.lock" - codespell --summary -L "crate,ede,iff,mut,nd,te,uint,KeyServer,keyserver,Keyserver,keyservers,Keyservers,keypair,keypairs,KeyPair,fpr,dedup,deriver" -S "*.bin,*.gpg,*.pgp,./.git,*/target,Cargo.lock"
deny:
tags:
- linux
stage: test
interruptible: true
image: 192.168.122.1:5000/sequoia-pgp/build-docker-image/rust-stable:latest
before_script:
- *before_script_start
- cargo install --locked cargo-deny
- *before_script_end
script:
- cargo deny check
rust-stable: rust-stable:
tags: tags:
- linux - linux
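Review bot: `cargo install --locked cargo-deny` in the `deny` job's `before_script` installs whichever cargo-deny release is current when the job runs; `--locked` pins the tool's own dependency tree but not the tool version. A new release can therefore change check defaults or the `deny.toml` schema and fail unrelated merge requests, and the tool is rebuilt from source in every pipeline. Pinning it, e.g. `cargo install --locked --version <PINNED_VERSION> cargo-deny`, or baking it into the build image would make the gate reproducible. Because advisories are published independently of code changes, it may also be worth running this job on a schedule against the default branch, not only in merge requests.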

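--- a/deny.toml
+++ b/deny.toml
@@ -0,0 +1,31 @@
+[advisories]
+ignore = [
+"RUSTSEC-2020-0071", # chrono not affected by time 0.1 issue
+]
+unmaintained = "deny"
+yanked = "deny"
+[bans]
+multiple-versions = "allow"
+deny = [
+# does not have responsible disclosure policy:
+# https://github.com/briansmith/ring#bug-reporting
+{name = "ring"},
+]
+[licenses]
+allow = [
+"Apache-2.0",
+"BSD-3-Clause",
+"BSL-1.0",
+"CC0-1.0",
+"GPL-2.0",
+"GPL-3.0",
+"ISC",
+"LGPL-2.0",
+"LGPL-3.0",
+"MIT",
+"MIT-0",
+"MPL-2.0",
+"Unicode-DFS-2016",
+]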
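Review bot: The new `deny.toml` has no `[sources]` table, so the sources check that `cargo deny check` also runs falls back to its defaults, which as far as I know only warn when a crate comes from an unknown registry or git repository. If the project intends to build only from crates.io, adding `[sources]` with `unknown-registry = "deny"` and `unknown-git = "deny"` would turn that into a failing gate. Separately, the `ignore` entry for `RUSTSEC-2020-0071` suppresses the advisory for the whole dependency tree, not only for chrono's use of time 0.1; extending its comment with the condition for removing it (e.g. `# remove once time 0.1 is gone from Cargo.lock`) would keep the exception from outliving its justification.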


@ -149,11 +149,9 @@ impl<'a, 'certdb> Helper<'a, 'certdb> {
session_keys, session_keys,
dump_session_key, dump_session_key,
dumper: if dump { dumper: if dump {
let width = if let Some((width, _)) = terminal_size() { let width = terminal_size()
width.0.into() .map(|(width, _height)| width.0.into())
} else { .unwrap_or(80);
80
};
Some(PacketDumper::new(width, false)) Some(PacketDumper::new(width, false))
} else { } else {
None None