Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Lint dependencies with cargo deny #56

Open
3 tasks
CharlyCst opened this issue Apr 30, 2024 · 3 comments · Fixed by #192
Open
3 tasks

Lint dependencies with cargo deny #56

CharlyCst opened this issue Apr 30, 2024 · 3 comments · Fixed by #192
Labels
Exploration Test Testing or CI setup

Comments

@CharlyCst
Copy link
Owner

CharlyCst commented Apr 30, 2024
edited by francois141
Loading

At some point in the future we will probably want to lint our dependencies with cargo-deny. It might be good to set-up cargo-deny early-on to catch issues (such as deprecated/unmaintained crates) before we start relying too much on some crates.

The questions we need to answer:

  • What can cargo-deny do?
  • Among the available lints, which one de we want to put in place?
  • When do we want to run the lints? Once a week? On every PR? Should they block merging?
@CharlyCst CharlyCst added Exploration Test Testing or CI setup labels Apr 30, 2024
@CharlyCst
Copy link
Owner Author

In the same vein, what about cargo vet?

At first glance it seems Cargo Vet is more thorough and focusing on audits. Is it a complete replacement for caego-deny or a complement?

@francois141 francois141 linked a pull request Sep 17, 2024 that will close this issue
Integrate cargo deny in the CI / CD pipeline #192
Merged
@francois141
Copy link
Collaborator

francois141 commented Sep 17, 2024
edited
Loading

@CharlyCst cargo vet is a tool that seems to help focusing on auditing the code each time there is a change. I don't think it brings much value. That being said, I created a follow up PR with Clippy, which is a linter for Rust and is in my opinion a nice complement to cargo fmtand cargo deny.

@CharlyCst
Copy link
Owner Author

Reopening the issue: we don't run Cargo Deny as part of the CI yet, because of the time it takes to install it in the CI.

See #192 (comment) for reference.

@CharlyCst CharlyCst reopened this Sep 18, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Exploration Test Testing or CI setup
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Integrate cargo deny in the CI / CD pipeline CharlyCst/miralis
2 participants
@CharlyCst @francois141