
ci: run only cargo-deny's `advisories` check on a cron schedule #893

Merged: 5 commits, Dec 23, 2024
Changes from 4 commits
10 changes: 10 additions & 0 deletions .github/actions/install-cargo-deny/action.yml
@@ -0,0 +1,10 @@
name: Install cargo-deny
description: cargo-denyをインストールする。

runs:
using: composite
steps:
- name: Install cargo-binstall
uses: taiki-e/install-action@cargo-binstall
- name: Install cargo-deny
run: cargo binstall cargo-deny@^0.16 --no-confirm --log-level debug
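Review bot: the `Install cargo-deny` step's `run:` has no `shell:` key, and a composite action requires `shell` on every `run` step, so this action fails to load as written; add `shell: bash` beneath `run: cargo binstall cargo-deny@^0.16 --no-confirm --log-level debug`. Separately, `taiki-e/install-action@cargo-binstall` is referenced by a moving tag and cargo-deny by the caret range `^0.16`, so the tool that audits the dependency supply chain is itself fetched unpinned on every run; pinning the action to a commit SHA and cargo-deny to an exact version keeps the scheduled audit reproducible and makes a compromised upstream release detectable rather than silently adopted.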
24 changes: 24 additions & 0 deletions .github/workflows/audit.yml
@@ -0,0 +1,24 @@
# 依存ライブラリを監査する。
#
# RustSec Advisory Databaseに登録された、あるいは単にヤンクされたクレートを検出する。検出されるもの
# は脆弱性(`vulnerability`)のみとは限らない。依存ライブラリが単に"unmaintained"とされたりヤンクさ
# れたりしても反応する。

name: audit

# データベースへの登録とクレートのヤンクはこちらの依存ライブラリの編集と関係なく起きるため、`push`
# と`pull_request`はトリガーにしない。
on:
workflow_dispatch:
schedule:
- cron: '0 15 * * *'

jobs:
audit:
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v4
- name: Install cargo-deny
uses: ./.github/actions/install-cargo-deny
- name: cargo-deny
run: cargo deny --all-features check -s advisories
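Review bot: with `push` and `pull_request` deliberately left out of `on:`, nothing exercises this workflow before merge, so any mistake in it surfaces only at the next `0 15 * * *` run; a manual `workflow_dispatch` run from the PR branch would confirm it works. Two properties of scheduled-only workflows also matter here: GitHub automatically disables `schedule` triggers in a repository with no commit activity for 60 days, and a failing scheduled run notifies only the last author of the workflow file, so an advisory hit (which the header comment correctly notes includes `unmaintained` and yanked crates, not just `vulnerability` entries) can go unseen. A failure step that opens an issue or posts a notification would close that gap. Finally, `runs-on: ubuntu-20.04` is a runner image GitHub has announced for retirement; an unattended nightly job is the one most likely to break unnoticed when it is removed, so `ubuntu-22.04` or `ubuntu-latest` is safer.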
16 changes: 0 additions & 16 deletions .github/workflows/cargo-deny.yml

This file was deleted.

22 changes: 22 additions & 0 deletions .github/workflows/licenses.yml
@@ -0,0 +1,22 @@
# 依存ライブラリのライセンスを確認する。
#
# `advisories`以外についてcargo-denyを実行する。

name: licenses

# 外部からの貢献者の負担を減らすため、PR時点では不適合になることを許容する。その代わりmainブランチで
# は毎回本ワークフローを実行する。
on:
push:
branches:
- main

jobs:
licenses:
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v4
- name: Install cargo-deny
uses: ./.github/actions/install-cargo-deny
- name: cargo-deny
run: cargo deny --all-features check -s bans licenses sources
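Review bot: running `bans licenses sources` only on `push` to `main` means a PR that adds a git dependency or an alternative-registry source lands on `main` before the `sources` check can reject it, and `main` then stays red until a follow-up is merged. If the intent stated in the header comment is only to avoid burdening external contributors, adding a `pull_request` trigger as a non-required check (or marking the step `continue-on-error: true`) gives the author the feedback without gating the merge, while keeping the `main` run as the authoritative one. The header comment says this workflow covers everything except `advisories`, which matches `-s bans licenses sources` as the three remaining cargo-deny checks, but the workflow name `licenses` undersells that scope; a name such as `deny` would make it clearer what is being enforced.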