Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: cargo-denyを復活させ、mainブランチ上で動かす #855

Merged
merged 4 commits into from
Oct 13, 2024
Merged

chore: cargo-denyを復活させ、mainブランチ上で動かす #855

merged 4 commits into from
Oct 13, 2024

Conversation

qryxip
Copy link
Member

@qryxip qryxip commented Oct 12, 2024

内容

題の通り。

関連 Issue

#333

その他

ドラフトにしているのは、advisoriesの領域だけunmaintainだのvulnerabilityが出ているためです。

 advisories FAILED: 10 errors, 1 warnings, 0 notes
           bans ok: 0 errors, 0 warnings, 76 notes
       licenses ok: 0 errors, 0 warnings, 425 notes
        sources ok: 0 errors, 0 warnings, 5 notes

image

@qryxip qryxip force-pushed the chore-revive-cargo-deny-and-run-on-main-branch branch from 752b9ae to 4a11b3d Compare October 12, 2024 15:06
@qryxip qryxip force-pushed the chore-revive-cargo-deny-and-run-on-main-branch branch from 4a11b3d to 04ecef1 Compare October 12, 2024 15:08
@qryxip qryxip mentioned this pull request Oct 12, 2024
Merged
@qryxip qryxip marked this pull request as ready for review October 13, 2024 06:00
@qryxip qryxip requested a review from Hiroshiba October 13, 2024 06:00
@qryxip
Copy link
Member Author

qryxip commented Oct 13, 2024 

cargo deny check -s
 advisories ok: 0 errors, 0 warnings, 0 notes
       bans ok: 0 errors, 0 warnings, 76 notes
   licenses ok: 0 errors, 0 warnings, 427 notes
    sources ok: 0 errors, 0 warnings, 5 notes

Hiroshiba
Hiroshiba reviewed Oct 13, 2024
View reviewed changes
Copy link
Member

@Hiroshiba Hiroshiba left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

あ、このプルリクの意図をお聞きできれば🙏
ライセンス的に利用できないものを早めに検知できた方が良い、とかでしょうか?
(であればとても良いと思います!!!)

@qryxip
Copy link
Member Author

qryxip commented Oct 13, 2024

そうですね。あとはadvisoriesの検査もできる(エンジンやエディタも似たようなことをしていたような?)。

mainブランチでしか動かないようにしたのでマージ後にCIが落ちるといったことが発生しそうですが、一番ライブラリを出し入れするだろう私が手元でcargo deny checkするように努めようとは思います。

あ、でも「 @qryxip とRenovateからのPR」に対してだけ起動するという手もありそう。

@Hiroshiba
Copy link
Member

なるほどです!! ライセンスチェックだけじゃなかったの忘れてました。

マージ後にCI落ちるのは一旦OKだと思います!
ただまあ二度手間になっちゃうので、手元でチェックするのはもちろん良さそうみ。

レビューします!

Hiroshiba
Hiroshiba approved these changes Oct 13, 2024
View reviewed changes
Copy link
Member

@Hiroshiba Hiroshiba left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!!

deny.toml Show resolved Hide resolved
Hiroshiba
Hiroshiba reviewed Oct 13, 2024
View reviewed changes
deny.toml Show resolved Hide resolved
@qryxip
Copy link
Member Author

qryxip commented Oct 13, 2024

一点だけ変更: 514a33d (#855)

@qryxip
Copy link
Member Author

qryxip commented Oct 13, 2024

これ↓については問題が起きてから考えることにして、マージしようと思います。

あ、でも「 @qryxip とRenovateからのPR」に対してだけ起動するという手もありそう。

@qryxip qryxip merged commit b82f7dc into VOICEVOX:main Oct 13, 2024
29 checks passed
@qryxip qryxip deleted the chore-revive-cargo-deny-and-run-on-main-branch branch October 13, 2024 09:18
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Hiroshiba Hiroshiba Hiroshiba approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@qryxip @Hiroshiba