feat(rust): Update deny.toml config, make unmaintained as warnings (#346)

Mr-Leshiy · web-flow · commit b09268a593c1 · 2024-11-05T14:50:44.000+07:00
* remove redundant RUST-SEC exception list

* add new `allow-git` exceptions

* make unmaintained issues like warnings
diff --git a/earthly/rust/scripts/std_checks.py b/earthly/rust/scripts/std_checks.py
@@ -104,7 +104,7 @@ def main():
     results.add(exec_manager.cli_run("cargo machete", name="Unused Dependencies Check"))
     # Check if we have any supply chain issues with dependencies.
     results.add(
-        exec_manager.cli_run("cargo deny check --exclude-dev -W vulnerability", name="Supply Chain Issues Check")
+        exec_manager.cli_run("cargo deny check --exclude-dev -W vulnerability -W unmaintained", name="Supply Chain Issues Check")
     )
 
     results.print()
diff --git a/earthly/rust/stdcfgs/deny.toml b/earthly/rust/stdcfgs/deny.toml
@@ -16,11 +16,7 @@ targets = [
 
 [advisories]
 version = 2
-ignore = [
-    { id = "RUSTSEC-2020-0168", reason = "`mach` is used by wasmtime and we have no control over that." },
-    { id = "RUSTSEC-2021-0145", reason = "we don't target windows, and don't use a custom global allocator." },
-    { id = "RUSTSEC-2024-0370", reason = "`proc-macro-error` is used by crates we rely on, we can't control what they use."},
-]
+ignore = []
 
 [bans]
 multiple-versions = "warn"
@@ -58,6 +54,9 @@ allow-git = [
     "https://github.com/input-output-hk/catalyst-mithril.git",
     "https://github.com/bytecodealliance/wasmtime",
     "https://github.com/aldanor/hdf5-rust",
+    "https://github.com/txpipe/vrf",
+    "https://github.com/txpipe/kes",
+    "https://github.com/txpipe/curve25519-dalek",
 ]
 
 [licenses]
diff --git a/examples/rust/deny.toml b/examples/rust/deny.toml
@@ -16,11 +16,7 @@ targets = [
 
 [advisories]
 version = 2
-ignore = [
-    { id = "RUSTSEC-2020-0168", reason = "`mach` is used by wasmtime and we have no control over that." },
-    { id = "RUSTSEC-2021-0145", reason = "we don't target windows, and don't use a custom global allocator." },
-    { id = "RUSTSEC-2024-0370", reason = "`proc-macro-error` is used by crates we rely on, we can't control what they use."},
-]
+ignore = []
 
 [bans]
 multiple-versions = "warn"
@@ -58,6 +54,9 @@ allow-git = [
     "https://github.com/input-output-hk/catalyst-mithril.git",
     "https://github.com/bytecodealliance/wasmtime",
     "https://github.com/aldanor/hdf5-rust",
+    "https://github.com/txpipe/vrf",
+    "https://github.com/txpipe/kes",
+    "https://github.com/txpipe/curve25519-dalek",
 ]
 
 [licenses]

Original file line number	Diff line number	Diff line change
`@@ -104,7 +104,7 @@ def main():`
`104`	`104`	`results.add(exec_manager.cli_run("cargo machete", name="Unused Dependencies Check"))`
`105`	`105`	`# Check if we have any supply chain issues with dependencies.`
`106`	`106`	`results.add(`
`107`		`- exec_manager.cli_run("cargo deny check --exclude-dev -W vulnerability", name="Supply Chain Issues Check")`
	`107`	`+ exec_manager.cli_run("cargo deny check --exclude-dev -W vulnerability -W unmaintained", name="Supply Chain Issues Check")`
`108`	`108`	`)`
`109`	`109`
`110`	`110`	`results.print()`