Adding rust audit. (#1099)

* Adding rust audit. * Update clap version + derive_builder (they clashed). * Ignoring specific CVE which can be ignored Azure/iot-identity-service#481 * Updating python lock. * Revert `derive-builder` update. * Adding back help msg.
huggingface · Nov 9, 2022 · bbae829 · bbae829
1 parent 99c06c8
commit bbae829
Show file tree

Hide file tree

Showing 6 changed files with 967 additions and 835 deletions.
diff --git a/.github/workflows/python.yml b/.github/workflows/python.yml
@@ -95,6 +95,14 @@ jobs:
           command: clippy
           args: --manifest-path ./bindings/python/Cargo.toml --all-targets --all-features -- -D warnings
 
+      - name: Run Audit
+        uses: actions-rs/cargo@v1
+        with:
+          command: audit
+          # ignoring specific CVE which probably isn't affecting this crate
+          # https://github.com/chronotope/chrono/issues/602
+          args: -D warnings -f ./bindings/python/Cargo.lock --ignore RUSTSEC-2020-0071
+
       - name: Install
         working-directory: ./bindings/python
         run: |

diff --git a/.github/workflows/rust.yml b/.github/workflows/rust.yml
@@ -81,6 +81,14 @@ jobs:
           command: test
           args: --verbose --manifest-path ./tokenizers/Cargo.toml --doc
 
+      - name: Run Audit
+        uses: actions-rs/cargo@v1
+        with:
+          command: audit
+          # ignoring specific CVE which probably isn't affecting this crate
+          # https://github.com/chronotope/chrono/issues/602
+          args: -D warnings -f ./tokenizers/Cargo.lock --ignore RUSTSEC-2020-0071
+
       # Verify that Readme.md is up to date.
       - name: Make sure, Readme generated from lib.rs matches actual Readme
         if: matrix.os == 'ubuntu-latest'