mirror of
https://github.com/jlengrand/engine.git
synced 2026-03-10 08:11:21 +00:00
sec: add a security-audit workflow in CI
This CL introduces: - adds a security audit check in CI workflow aiming to check any security issues in packages. - updates packages versions
This commit is contained in:
Benjamin Chastanier
committed by
Pierre Mavro
Pierre Mavro
parent
e2c3b29669
commit
c8d409c4a8
7
.github/workflows/tests.yml
vendored
7
.github/workflows/tests.yml
vendored
@@ -7,6 +7,13 @@ on:
|
||||
branches-ignore: [ main, dev ]
|
||||
|
||||
jobs:
|
||||
security_audit:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v1
|
||||
- uses: actions-rs/audit-check@v1
|
||||
with:
|
||||
token: ${{ secrets.GITHUB_TOKEN }}
|
||||
build:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
|
||||
1291
Cargo.lock
generated
1291
Cargo.lock
generated
File diff suppressed because it is too large
Load Diff
36
Cargo.toml
36
Cargo.toml
@@ -7,20 +7,20 @@ edition = "2018"
|
||||
# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
|
||||
|
||||
[dependencies]
|
||||
chrono = "0.4.11"
|
||||
cmd_lib = "0.7.8"
|
||||
git2 = "0.13.8"
|
||||
walkdir = "2.3.1"
|
||||
itertools = "0.9.0"
|
||||
base64 = "0.12.3"
|
||||
dirs = "3.0.1"
|
||||
chrono = "0.4.19"
|
||||
cmd_lib = "1.0.13"
|
||||
git2 = "0.13.20"
|
||||
walkdir = "2.3.2"
|
||||
itertools = "0.10.0"
|
||||
base64 = "0.13.0"
|
||||
dirs = "3.0.2"
|
||||
rust-crypto = "0.2.36"
|
||||
retry = "1.2.1"
|
||||
trust-dns-resolver = "0.19.6"
|
||||
rand = "0.7.3"
|
||||
trust-dns-resolver = "0.20.3"
|
||||
rand = "0.8.3"
|
||||
gethostname = "0.2.1"
|
||||
reqwest = { version = "0.10.8", features = ["blocking"] }
|
||||
futures = "0.3"
|
||||
reqwest = { version = "0.11.3", features = ["blocking"] }
|
||||
futures = "0.3.15"
|
||||
timeout-readwrite = "0.3.1"
|
||||
lazy_static = "1.4.0"
|
||||
|
||||
@@ -31,23 +31,23 @@ flate2 = "1.0.20" # tar gz
|
||||
tar = "0.4.35"
|
||||
|
||||
# logger
|
||||
tracing = "0.1"
|
||||
tracing-subscriber = "0.2"
|
||||
tracing = "0.1.26"
|
||||
tracing-subscriber = "0.2.18"
|
||||
|
||||
# Docker deps
|
||||
# shiplift = "0.6.0"
|
||||
|
||||
# Filesystem
|
||||
sysinfo = "0.16.4"
|
||||
sysinfo = "0.18.2"
|
||||
|
||||
# Jinja2
|
||||
tera = "1.10.0"
|
||||
# Json
|
||||
serde = "1.0.114"
|
||||
serde_json = "1.0.57"
|
||||
serde_derive = "1.0"
|
||||
serde = "1.0.126"
|
||||
serde_json = "1.0.64"
|
||||
serde_derive = "1.0.126"
|
||||
# AWS deps
|
||||
tokio = { version = "1.5.0", features = ["full"] }
|
||||
tokio = { version = "1.6.1", features = ["full"] }
|
||||
rusoto_core = "0.46.0"
|
||||
rusoto_sts = "0.46.0"
|
||||
rusoto_credential = "0.46.0"
|
||||
|
||||
@@ -971,6 +971,7 @@ impl Clone2 for Context {
|
||||
let suffix = rand::thread_rng()
|
||||
.sample_iter(&Alphanumeric)
|
||||
.take(10)
|
||||
.map(|e| e.to_string())
|
||||
.collect::<String>();
|
||||
new.execution_id = format!("{}-{}", self.execution_id, suffix);
|
||||
new
|
||||
|
||||
Reference in New Issue
Block a user