Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package cargo-audit for openSUSE:Factory
checked in at 2022-11-10 14:19:05
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/cargo-audit (Old)
and /work/SRC/openSUSE:Factory/.cargo-audit.new.1597 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "cargo-audit"
Thu Nov 10 14:19:05 2022 rev:14 rq:1034648 version:0.17.4~git0.0b05e18
Changes:
--------
--- /work/SRC/openSUSE:Factory/cargo-audit/cargo-audit.changes 2022-11-02
12:48:00.485831961 +0100
+++ /work/SRC/openSUSE:Factory/.cargo-audit.new.1597/cargo-audit.changes
2022-11-10 14:19:07.817287436 +0100
@@ -1,0 +2,25 @@
+Wed Nov 09 00:01:18 UTC 2022 - william.br...@suse.com
+
+- Update to version 0.17.4~git0.0b05e18:
+ * Set 0.17.4 date in changelog
+ * Bump `cargo-audit` to 0.17.4
+ * Update documentation for 0.17.4; `cargo audit bin` is now officially
enabled by default
+ * Fix homepage style on mobile (#755)
+ * Add comment
+ * Only attempt to check for yanked crates for crates coming from crates.io
+ * Remove an unused inport
+ * placate Clippy
+ * cargo fmt
+ * Fix #747 in `cargo-audit instead, and don't silence errors that occur
during checking for yanked crates`
+ * Revert "Only check if a package is yanked if it comes from crates.io;
fixes #747" This is a significant behavioral change that should only come with
a semver bump
+ * Add tests validating yank behavior so that #747 can't regress again
+ * Only check if a package is yanked if it comes from crates.io; fixes #747
+ * Add a test fixture depending on a yanked crate
+ * Consolidate CODE_OF_CONDUCT.d files into one; switch to Rust code of
conduct (#751)
+ * Release rustsec-admit 0.8.3
+ * fix links in admin/CHANGELOG.md
+ * bump `platforms` to 3.0.2
+ * regenerate `platforms` crate
+ * Prepare rustsec-admin release
+
+-------------------------------------------------------------------
Old:
----
rustsec-0.17.3~git0.fdb9752.tar.xz
New:
----
rustsec-0.17.4~git0.0b05e18.tar.xz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ cargo-audit.spec ++++++
--- /var/tmp/diff_new_pack.vRCkXO/_old 2022-11-10 14:19:09.005293983 +0100
+++ /var/tmp/diff_new_pack.vRCkXO/_new 2022-11-10 14:19:09.009294005 +0100
@@ -20,7 +20,7 @@
%global workspace_name rustsec
Name: cargo-audit
-Version: 0.17.3~git0.fdb9752
+Version: 0.17.4~git0.0b05e18
Release: 0
Summary: Audit rust sources for known security vulnerabilities
License: ( 0BSD OR MIT OR Apache-2.0 ) AND ( Apache-2.0 OR BSL-1.0 )
AND ( Apache-2.0 OR MIT ) AND ( MIT OR Zlib OR Apache-2.0 ) AND ( Unlicense OR
MIT ) AND ( Zlib OR Apache-2.0 OR MIT ) AND Apache-2.0 AND BSD-2-Clause AND
BSD-3-Clause AND CC0-1.0 AND MIT AND MPL-2.0 AND MPL-2.0+
++++++ _service ++++++
--- /var/tmp/diff_new_pack.vRCkXO/_old 2022-11-10 14:19:09.073294358 +0100
+++ /var/tmp/diff_new_pack.vRCkXO/_new 2022-11-10 14:19:09.077294380 +0100
@@ -3,7 +3,7 @@
<param name="url">https://github.com/RustSec/rustsec.git</param>
<param name="versionformat">@PARENT_TAG@~git@TAG_OFFSET@.%h</param>
<param name="scm">git</param>
- <param name="revision">cargo-audit/v0.17.3</param>
+ <param name="revision">cargo-audit/v0.17.4</param>
<param name="match-tag">cargo-audit*</param>
<param name="versionrewrite-pattern">.*v(\d+\.\d+\.\d+)</param>
<param name="versionrewrite-replacement">\1</param>
++++++ _servicedata ++++++
--- /var/tmp/diff_new_pack.vRCkXO/_old 2022-11-10 14:19:09.093294468 +0100
+++ /var/tmp/diff_new_pack.vRCkXO/_new 2022-11-10 14:19:09.101294512 +0100
@@ -1,6 +1,6 @@
<servicedata>
<service name="tar_scm">
<param
name="url">https://github.com/RustSec/rustsec.git</param>
- <param
name="changesrevision">fdb97522db786819262b1ddb030c2ae5d8c47cd8</param></service></servicedata>
+ <param
name="changesrevision">0b05e18c0f719076d56942e6b0e1e13dec11a428</param></service></servicedata>
(No newline at EOF)
++++++ rustsec-0.17.3~git0.fdb9752.tar.xz -> rustsec-0.17.4~git0.0b05e18.tar.xz
++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/rustsec-0.17.3~git0.fdb9752/CODE_OF_CONDUCT.md
new/rustsec-0.17.4~git0.0b05e18/CODE_OF_CONDUCT.md
--- old/rustsec-0.17.3~git0.fdb9752/CODE_OF_CONDUCT.md 1970-01-01
01:00:00.000000000 +0100
+++ new/rustsec-0.17.4~git0.0b05e18/CODE_OF_CONDUCT.md 2022-11-08
22:14:30.000000000 +0100
@@ -0,0 +1,5 @@
+# Code of Conduct
+
+People participating in the project are expected to abide by the [Rust Code of
Conduct](https://www.rust-lang.org/policies/code-of-conduct).
+
+If you feel you have been or are being harassed or made uncomfortable by a
community member, please contact any of the [Rust Moderation
Team](rust-m...@rust-lang.org) immediately. Whether you are a regular
contributor or a newcomer, we care about making the community a safe space for
you.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/rustsec-0.17.3~git0.fdb9752/Cargo.lock
new/rustsec-0.17.4~git0.0b05e18/Cargo.lock
--- old/rustsec-0.17.3~git0.fdb9752/Cargo.lock 2022-11-01 19:18:25.000000000
+0100
+++ new/rustsec-0.17.4~git0.0b05e18/Cargo.lock 2022-11-08 22:14:30.000000000
+0100
@@ -275,7 +275,7 @@
[[package]]
name = "cargo-audit"
-version = "0.17.3"
+version = "0.17.4"
dependencies = [
"abscissa_core",
"auditable-info",
@@ -1523,7 +1523,7 @@
[[package]]
name = "platforms"
-version = "3.0.1"
+version = "3.0.2"
dependencies = [
"serde",
]
@@ -1780,7 +1780,7 @@
[[package]]
name = "rustsec-admin"
-version = "0.8.2"
+version = "0.8.3"
dependencies = [
"abscissa_core",
"askama",
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/rustsec-0.17.3~git0.fdb9752/admin/CHANGELOG.md
new/rustsec-0.17.4~git0.0b05e18/admin/CHANGELOG.md
--- old/rustsec-0.17.3~git0.fdb9752/admin/CHANGELOG.md 2022-11-01
19:18:25.000000000 +0100
+++ new/rustsec-0.17.4~git0.0b05e18/admin/CHANGELOG.md 2022-11-08
22:14:30.000000000 +0100
@@ -1,8 +1,22 @@
+## 0.8.3 (2022-11-03)
+- Replace the about page with a new home page ([#666])
+- Render advisory-db's `CONTRIBUTING.md` on the website ([#666])
+- Add an icon for external links on the website ([#675])
+- Don't build `comrak` with default features ([#677])
+- Don't build `chrono` with default features ([#679])
+- Update `chrono` to v0.4.22 ([#679])
+
+[#666]: https://github.com/rustsec/rustsec/pull/666
+[#675]: https://github.com/rustsec/rustsec/pull/675
+[#677]: https://github.com/rustsec/rustsec/pull/677
+[#679]: https://github.com/rustsec/rustsec/pull/679
+
## 0.8.2 (2022-08-28)
- Add a search field for IDs and packages on the website ([#641])
- Adjust website templates to advertise GHSA integration on rustsec.org
([#665])
-[#633]: https://github.com/rustsec/rustsec/pull/633
+[#641]: https://github.com/rustsec/rustsec/pull/641
+[#665]: https://github.com/rustsec/rustsec/pull/665
## 0.8.1 (2022-08-09)
- Adjust website templates to advertise OSV integration on rustsec.org ([#633])
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/rustsec-0.17.3~git0.fdb9752/admin/Cargo.toml
new/rustsec-0.17.4~git0.0b05e18/admin/Cargo.toml
--- old/rustsec-0.17.3~git0.fdb9752/admin/Cargo.toml 2022-11-01
19:18:25.000000000 +0100
+++ new/rustsec-0.17.4~git0.0b05e18/admin/Cargo.toml 2022-11-08
22:14:30.000000000 +0100
@@ -1,7 +1,7 @@
[package]
name = "rustsec-admin"
description = "Admin utility for maintaining the RustSec Advisory Database"
-version = "0.8.2"
+version = "0.8.3"
authors = ["Tony Arcieri <basc...@gmail.com>"]
license = "Apache-2.0 OR MIT"
homepage = "https://rustsec.org";
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/rustsec-0.17.3~git0.fdb9752/admin/src/web/static/css/index.css
new/rustsec-0.17.4~git0.0b05e18/admin/src/web/static/css/index.css
--- old/rustsec-0.17.3~git0.fdb9752/admin/src/web/static/css/index.css
2022-11-01 19:18:25.000000000 +0100
+++ new/rustsec-0.17.4~git0.0b05e18/admin/src/web/static/css/index.css
2022-11-08 22:14:30.000000000 +0100
@@ -162,6 +162,12 @@
margin-top: 20px;
}
+@media (max-width: 800px) {
+ .row {
+ flex-direction: column;
+ }
+}
+
.column {
flex: 1;
background-color: #282828;
@@ -192,6 +198,12 @@
margin: auto;
}
+@media (max-width: 800px) {
+ .header-row {
+ flex-direction: column;
+ }
+}
+
.header-column-text {
flex: 3;
padding: 15px;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/rustsec-0.17.3~git0.fdb9752/admin/src/web/templates/index.html
new/rustsec-0.17.4~git0.0b05e18/admin/src/web/templates/index.html
--- old/rustsec-0.17.3~git0.fdb9752/admin/src/web/templates/index.html
2022-11-01 19:18:25.000000000 +0100
+++ new/rustsec-0.17.4~git0.0b05e18/admin/src/web/templates/index.html
2022-11-08 22:14:30.000000000 +0100
@@ -63,8 +63,9 @@
<div class="row">
<div class="column">
- <h3><a
href="https://github.com/rust-secure-code/cargo-auditable";>cargo-auditable</a></h3>
+ <h3><code>cargo-auditable</code></h3>
<p>Embed the dependency tree into compiled executables, to
make production Rust binaries auditable by cargo-audit.</p>
+ <p class="get-started-button"><a class="button"
href="https://github.com/rust-secure-code/cargo-auditable";>Get started</a></p>
</div>
<div class="column">
<h3><code>cargo-audit</code> Github action</h3>
@@ -73,7 +74,6 @@
<code>rust-audit-check</code> Github action.
</p>
<p class="get-started-button"><a class="button"
href="https://github.com/rustsec/audit-check";>Get started</a></p>
-
</div>
<div class="column">
<h3><code>cargo-deny</code> Github action</h3>
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/rustsec-0.17.3~git0.fdb9752/cargo-audit/CHANGELOG.md
new/rustsec-0.17.4~git0.0b05e18/cargo-audit/CHANGELOG.md
--- old/rustsec-0.17.3~git0.fdb9752/cargo-audit/CHANGELOG.md 2022-11-01
19:18:25.000000000 +0100
+++ new/rustsec-0.17.4~git0.0b05e18/cargo-audit/CHANGELOG.md 2022-11-08
22:14:30.000000000 +0100
@@ -4,6 +4,14 @@
The format is based on [Keep a
Changelog](https://keepachangelog.com/en/1.0.0/),
and this project adheres to [Semantic
Versioning](https://semver.org/spec/v2.0.0.html).
+## 0.17.4 (2022-11-08)
+### Fixed
+
+ - Checks for yanked crates were broken since 0.17.0. This release restores
them and adds tests to prevent future regressions.
+
+### Changed
+ - Binary scanning is enabled by default and documented as such. It can still
be disabled by disabling the `binary-scanning` feature.
+
## 0.17.3 (2022-11-01)
### Added
@@ -18,6 +26,7 @@
- Up to 5x faster `cargo audit bin` when scanning multiple files thanks to
caching crates.io index lookups (implemented in `rustsec` crate).
- Notices about `cargo audit` or `rustsec` will now result in a scanning
error being reported (exit code 2) as opposed to reporting them as
vulnerabilities in the scanned binary (exit code 1). They are treated as
warnings by default, so `--deny=warnings` is required to observe the new
behavior.
+ - The `binary-scanning` feature that adds the `cargo audit bin` subcommand is
now enabled by default, but is not documented as such.
[#729]: https://github.com/rustsec/rustsec/pull/729
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/rustsec-0.17.3~git0.fdb9752/cargo-audit/CODE_OF_CONDUCT.md
new/rustsec-0.17.4~git0.0b05e18/cargo-audit/CODE_OF_CONDUCT.md
--- old/rustsec-0.17.3~git0.fdb9752/cargo-audit/CODE_OF_CONDUCT.md
2022-11-01 19:18:25.000000000 +0100
+++ new/rustsec-0.17.4~git0.0b05e18/cargo-audit/CODE_OF_CONDUCT.md
1970-01-01 01:00:00.000000000 +0100
@@ -1,74 +0,0 @@
-# Contributor Covenant Code of Conduct
-
-## Our Pledge
-
-In the interest of fostering an open and welcoming environment, we as
-contributors and maintainers pledge to making participation in our project and
-our community a harassment-free experience for everyone, regardless of age,
body
-size, disability, ethnicity, gender identity and expression, level of
experience,
-nationality, personal appearance, race, religion, or sexual identity and
-orientation.
-
-## Our Standards
-
-Examples of behavior that contributes to creating a positive environment
-include:
-
-* Using welcoming and inclusive language
-* Being respectful of differing viewpoints and experiences
-* Gracefully accepting constructive criticism
-* Focusing on what is best for the community
-* Showing empathy towards other community members
-
-Examples of unacceptable behavior by participants include:
-
-* The use of sexualized language or imagery and unwelcome sexual attention or
-advances
-* Trolling, insulting/derogatory comments, and personal or political attacks
-* Public or private harassment
-* Publishing others' private information, such as a physical or electronic
- address, without explicit permission
-* Other conduct which could reasonably be considered inappropriate in a
- professional setting
-
-## Our Responsibilities
-
-Project maintainers are responsible for clarifying the standards of acceptable
-behavior and are expected to take appropriate and fair corrective action in
-response to any instances of unacceptable behavior.
-
-Project maintainers have the right and responsibility to remove, edit, or
-reject comments, commits, code, wiki edits, issues, and other contributions
-that are not aligned to this Code of Conduct, or to ban temporarily or
-permanently any contributor for other behaviors that they deem inappropriate,
-threatening, offensive, or harmful.
-
-## Scope
-
-This Code of Conduct applies both within project spaces and in public spaces
-when an individual is representing the project or its community. Examples of
-representing a project or community include using an official project e-mail
-address, posting via an official social media account, or acting as an
appointed
-representative at an online or offline event. Representation of a project may
be
-further defined and clarified by project maintainers.
-
-## Enforcement
-
-Instances of abusive, harassing, or otherwise unacceptable behavior may be
-reported by contacting the project team at basc...@gmail.com. All
-complaints will be reviewed and investigated and will result in a response that
-is deemed necessary and appropriate to the circumstances. The project team is
-obligated to maintain confidentiality with regard to the reporter of an
incident.
-Further details of specific enforcement policies may be posted separately.
-
-Project maintainers who do not follow or enforce the Code of Conduct in good
-faith may face temporary or permanent repercussions as determined by other
-members of the project's leadership.
-
-## Attribution
-
-This Code of Conduct is adapted from the [Contributor Covenant][homepage],
version 1.4,
-available at [http://contributor-covenant.org/version/1/4][version]
-
-[homepage]: http://contributor-covenant.org
-[version]: http://contributor-covenant.org/version/1/4/
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/rustsec-0.17.3~git0.fdb9752/cargo-audit/Cargo.toml
new/rustsec-0.17.4~git0.0b05e18/cargo-audit/Cargo.toml
--- old/rustsec-0.17.3~git0.fdb9752/cargo-audit/Cargo.toml 2022-11-01
19:18:25.000000000 +0100
+++ new/rustsec-0.17.4~git0.0b05e18/cargo-audit/Cargo.toml 2022-11-08
22:14:30.000000000 +0100
@@ -1,7 +1,7 @@
[package]
name = "cargo-audit"
description = "Audit Cargo.lock for crates with security vulnerabilities"
-version = "0.17.3"
+version = "0.17.4"
authors = ["Tony Arcieri <basc...@gmail.com>"]
license = "Apache-2.0 OR MIT"
homepage = "https://rustsec.org";
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/rustsec-0.17.3~git0.fdb9752/cargo-audit/README.md
new/rustsec-0.17.4~git0.0b05e18/cargo-audit/README.md
--- old/rustsec-0.17.3~git0.fdb9752/cargo-audit/README.md 2022-11-01
19:18:25.000000000 +0100
+++ new/rustsec-0.17.4~git0.0b05e18/cargo-audit/README.md 2022-11-08
22:14:30.000000000 +0100
@@ -7,7 +7,7 @@
![Apache 2.0 OR MIT licensed][license-image]
[![Project Chat][chat-image]][chat-link]
-Audit `Cargo.lock` files for crates with security vulnerabilities reported to
the
+Audit your dependencies for crates with security vulnerabilities reported to
the
[RustSec Advisory Database].
## Requirements
@@ -66,7 +66,7 @@
```
Once installed, run `cargo audit fix` to automatically fix vulnerable
-dependency requirements:
+dependency requirements in your `Cargo.toml`:
<img
src="https://raw.githubusercontent.com/RustSec/cargo-audit/c857beb/img/screenshot-fix.png";
alt="Screenshot" style="max-width:100%;">
@@ -76,9 +76,12 @@
## `cargo audit bin` subcommand
+Run `cargo audit bin` followed by the paths to your binaries to audit them:
+
+<img
src="https://github.com/rustsec/rustsec/raw/46eeb09cef411bbe926a82c8a0d678a3e43299a1/.img/screenshot-bin.png";
alt="Screenshot" style="max-width:100%;">
+
If your programs have been compiled with [`cargo
auditable`](https://github.com/rust-secure-code/cargo-auditable),
-they can be audited even without having the original `Cargo.lock`,
-because all the necessary information is embedded in the compiled binary.
+the audit is fully accurate because all the necessary information is embedded
in the compiled binary.
For binaries that were not compiled with [`cargo
auditable`](https://github.com/rust-secure-code/cargo-auditable)
it will recover a part of the dependency list by parsing panic messages.
@@ -86,16 +89,6 @@
because the Rust compiler is very good at removing unnecessary panics,
but that's better than having no vulnerability information whatsoever.
-To use binary scanning, install `cargo audit` with the `binary-scanning`
feature enabled:
-
-```
-$ cargo install cargo-audit --features=binary-scanning
-```
-
-Once installed, run `cargo audit bin` followed by the paths to your binaries
to audit them:
-
-<img
src="https://github.com/rustsec/rustsec/raw/46eeb09cef411bbe926a82c8a0d678a3e43299a1/.img/screenshot-bin.png";
alt="Screenshot" style="max-width:100%;">
-
## Ignoring advisories
The first and best way to fix a vulnerability is to upgrade the vulnerable
crate.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/rustsec-0.17.3~git0.fdb9752/cargo-audit/src/auditor.rs
new/rustsec-0.17.4~git0.0b05e18/cargo-audit/src/auditor.rs
--- old/rustsec-0.17.3~git0.fdb9752/cargo-audit/src/auditor.rs 2022-11-01
19:18:25.000000000 +0100
+++ new/rustsec-0.17.4~git0.0b05e18/cargo-audit/src/auditor.rs 2022-11-08
22:14:30.000000000 +0100
@@ -3,7 +3,6 @@
use crate::{config::AuditConfig, lockfile, prelude::*, presenter::Presenter};
use rustsec::{registry, report, Error, ErrorKind, Lockfile, Warning,
WarningKind};
use std::{
- collections::btree_map as map,
io::{self, Read},
path::Path,
process::exit,
@@ -204,19 +203,13 @@
let mut report = rustsec::Report::generate(&self.database, lockfile,
&self.report_settings);
// Warn for yanked crates
- if let Some(index) = &mut self.registry_index {
- if let Ok(yanked) = index.find_yanked(&lockfile.packages) {
- for pkg in yanked {
- let warning = Warning::new(WarningKind::Yanked, pkg, None,
None);
-
- match report.warnings.entry(WarningKind::Yanked) {
- map::Entry::Occupied(entry) =>
(*entry.into_mut()).push(warning),
- map::Entry::Vacant(entry) => {
- entry.insert(vec![warning]);
- }
- }
- }
- }
+ let mut yanked = self.check_for_yanked_crates(lockfile);
+ if !yanked.is_empty() {
+ report
+ .warnings
+ .entry(WarningKind::Yanked)
+ .or_default()
+ .append(&mut yanked);
}
let self_advisories = self.self_advisories();
@@ -227,6 +220,32 @@
Ok(report)
}
+ fn check_for_yanked_crates(&mut self, lockfile: &Lockfile) -> Vec<Warning>
{
+ let mut result = Vec::new();
+ if let Some(index) = &mut self.registry_index {
+ for pkg in &lockfile.packages {
+ if let Some(source) = &pkg.source {
+ // only check for yanking if the package comes from
crates.io
+ if source.is_default_registry() {
+ match index.is_yanked(pkg) {
+ Ok(false) => (),
+ Ok(true) => {
+ let warning =
Warning::new(WarningKind::Yanked, pkg, None, None);
+ result.push(warning);
+ }
+ Err(e) => status_err!(
+ "couldn't check if the package {} is yanked:
{}",
+ &pkg.name,
+ e
+ ),
+ }
+ }
+ }
+ }
+ }
+ result
+ }
+
/// Load the lockfile to be audited
fn load_lockfile(&self, lockfile_path: &Path) -> rustsec::Result<Lockfile>
{
if lockfile_path == Path::new("-") {
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/rustsec-0.17.3~git0.fdb9752/cargo-audit/tests/acceptance.rs
new/rustsec-0.17.4~git0.0b05e18/cargo-audit/tests/acceptance.rs
--- old/rustsec-0.17.3~git0.fdb9752/cargo-audit/tests/acceptance.rs
2022-11-01 19:18:25.000000000 +0100
+++ new/rustsec-0.17.4~git0.0b05e18/cargo-audit/tests/acceptance.rs
2022-11-08 22:14:30.000000000 +0100
@@ -68,6 +68,11 @@
new_cmd_runner("unmaintained")
}
+/// Get a `CmdRunner` to a project with a yanked dependency
+pub fn yanked_cmd_runner() -> CmdRunner {
+ new_cmd_runner("yanked")
+}
+
/// Get the advisory JSON output from a `CmdRunner`
pub fn get_advisories_json(process: &mut Process) -> serde_json::Value {
let mut output = String::new();
@@ -93,7 +98,7 @@
#[test]
fn unmaintained_exit_success_by_default() {
- unmaintained_cmd_runner().status().expect_code(0);
+ unmaintained_cmd_runner().status().expect_success();
}
#[test]
@@ -103,6 +108,21 @@
let process = runner.run();
process.wait().unwrap().expect_code(1);
}
+
+#[test]
+fn yanked_exit_success_by_default() {
+ let runner = yanked_cmd_runner();
+ let process = runner.run();
+ process.wait().unwrap().expect_success();
+}
+
+#[test]
+fn yanked_exit_failure_deny_yanked() {
+ let mut runner = yanked_cmd_runner();
+ runner.arg("--deny=yanked");
+ let process = runner.run();
+ process.wait().unwrap().expect_code(1);
+}
#[test]
fn no_advisories_found_empty_json() {
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/rustsec-0.17.3~git0.fdb9752/cargo-audit/tests/support/yanked/Cargo.lock
new/rustsec-0.17.4~git0.0b05e18/cargo-audit/tests/support/yanked/Cargo.lock
--- old/rustsec-0.17.3~git0.fdb9752/cargo-audit/tests/support/yanked/Cargo.lock
1970-01-01 01:00:00.000000000 +0100
+++ new/rustsec-0.17.4~git0.0b05e18/cargo-audit/tests/support/yanked/Cargo.lock
2022-11-08 22:14:30.000000000 +0100
@@ -0,0 +1,16 @@
+# This file is automatically @generated by Cargo.
+# It is not intended for manual editing.
+version = 3
+
+[[package]]
+name = "rustsec-example-crate"
+version = "0.0.0"
+source = "registry+https://github.com/rust-lang/crates.io-index";
+checksum = "dd8f09fe07eddc205c81b5622267ef9cf00dcf58c2610558937fd4b645e2e2a3"
+
+[[package]]
+name = "yanked"
+version = "0.1.0"
+dependencies = [
+ "rustsec-example-crate",
+]
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/rustsec-0.17.3~git0.fdb9752/cargo-audit/tests/support/yanked/Cargo.toml
new/rustsec-0.17.4~git0.0b05e18/cargo-audit/tests/support/yanked/Cargo.toml
--- old/rustsec-0.17.3~git0.fdb9752/cargo-audit/tests/support/yanked/Cargo.toml
1970-01-01 01:00:00.000000000 +0100
+++ new/rustsec-0.17.4~git0.0b05e18/cargo-audit/tests/support/yanked/Cargo.toml
2022-11-08 22:14:30.000000000 +0100
@@ -0,0 +1,14 @@
+[package]
+name = "yanked"
+version = "0.1.0"
+edition = "2021"
+
+# See more keys and their definitions at
https://doc.rust-lang.org/cargo/reference/manifest.html
+
+[dependencies]
+# depend on the yanked `rustsec-example-crate` crate version
+rustsec-example-crate = "=0.0.0"
+# if you need to regenerate the lockfile, you can follow the steps outlined in
+# https://github.com/rust-lang/cargo/issues/4225 to build a patched Cargo
+
+[workspace]
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/rustsec-0.17.3~git0.fdb9752/cargo-audit/tests/support/yanked/src/main.rs
new/rustsec-0.17.4~git0.0b05e18/cargo-audit/tests/support/yanked/src/main.rs
---
old/rustsec-0.17.3~git0.fdb9752/cargo-audit/tests/support/yanked/src/main.rs
1970-01-01 01:00:00.000000000 +0100
+++
new/rustsec-0.17.4~git0.0b05e18/cargo-audit/tests/support/yanked/src/main.rs
2022-11-08 22:14:30.000000000 +0100
@@ -0,0 +1,3 @@
+fn main() {
+ println!("Hello, world!");
+}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/rustsec-0.17.3~git0.fdb9752/cvss/CODE_OF_CONDUCT.md
new/rustsec-0.17.4~git0.0b05e18/cvss/CODE_OF_CONDUCT.md
--- old/rustsec-0.17.3~git0.fdb9752/cvss/CODE_OF_CONDUCT.md 2022-11-01
19:18:25.000000000 +0100
+++ new/rustsec-0.17.4~git0.0b05e18/cvss/CODE_OF_CONDUCT.md 1970-01-01
01:00:00.000000000 +0100
@@ -1,74 +0,0 @@
-# Contributor Covenant Code of Conduct
-
-## Our Pledge
-
-In the interest of fostering an open and welcoming environment, we as
-contributors and maintainers pledge to making participation in our project and
-our community a harassment-free experience for everyone, regardless of age,
body
-size, disability, ethnicity, gender identity and expression, level of
experience,
-nationality, personal appearance, race, religion, or sexual identity and
-orientation.
-
-## Our Standards
-
-Examples of behavior that contributes to creating a positive environment
-include:
-
-* Using welcoming and inclusive language
-* Being respectful of differing viewpoints and experiences
-* Gracefully accepting constructive criticism
-* Focusing on what is best for the community
-* Showing empathy towards other community members
-
-Examples of unacceptable behavior by participants include:
-
-* The use of sexualized language or imagery and unwelcome sexual attention or
-advances
-* Trolling, insulting/derogatory comments, and personal or political attacks
-* Public or private harassment
-* Publishing others' private information, such as a physical or electronic
- address, without explicit permission
-* Other conduct which could reasonably be considered inappropriate in a
- professional setting
-
-## Our Responsibilities
-
-Project maintainers are responsible for clarifying the standards of acceptable
-behavior and are expected to take appropriate and fair corrective action in
-response to any instances of unacceptable behavior.
-
-Project maintainers have the right and responsibility to remove, edit, or
-reject comments, commits, code, wiki edits, issues, and other contributions
-that are not aligned to this Code of Conduct, or to ban temporarily or
-permanently any contributor for other behaviors that they deem inappropriate,
-threatening, offensive, or harmful.
-
-## Scope
-
-This Code of Conduct applies both within project spaces and in public spaces
-when an individual is representing the project or its community. Examples of
-representing a project or community include using an official project e-mail
-address, posting via an official social media account, or acting as an
appointed
-representative at an online or offline event. Representation of a project may
be
-further defined and clarified by project maintainers.
-
-## Enforcement
-
-Instances of abusive, harassing, or otherwise unacceptable behavior may be
-reported by contacting the project team at basc...@gmail.com. All
-complaints will be reviewed and investigated and will result in a response that
-is deemed necessary and appropriate to the circumstances. The project team is
-obligated to maintain confidentiality with regard to the reporter of an
incident.
-Further details of specific enforcement policies may be posted separately.
-
-Project maintainers who do not follow or enforce the Code of Conduct in good
-faith may face temporary or permanent repercussions as determined by other
-members of the project's leadership.
-
-## Attribution
-
-This Code of Conduct is adapted from the [Contributor Covenant][homepage],
version 1.4,
-available at [http://contributor-covenant.org/version/1/4][version]
-
-[homepage]: http://contributor-covenant.org
-[version]: http://contributor-covenant.org/version/1/4/
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/rustsec-0.17.3~git0.fdb9752/platforms/CODE_OF_CONDUCT.md
new/rustsec-0.17.4~git0.0b05e18/platforms/CODE_OF_CONDUCT.md
--- old/rustsec-0.17.3~git0.fdb9752/platforms/CODE_OF_CONDUCT.md
2022-11-01 19:18:25.000000000 +0100
+++ new/rustsec-0.17.4~git0.0b05e18/platforms/CODE_OF_CONDUCT.md
1970-01-01 01:00:00.000000000 +0100
@@ -1,74 +0,0 @@
-# Contributor Covenant Code of Conduct
-
-## Our Pledge
-
-In the interest of fostering an open and welcoming environment, we as
-contributors and maintainers pledge to making participation in our project and
-our community a harassment-free experience for everyone, regardless of age,
body
-size, disability, ethnicity, gender identity and expression, level of
experience,
-nationality, personal appearance, race, religion, or sexual identity and
-orientation.
-
-## Our Standards
-
-Examples of behavior that contributes to creating a positive environment
-include:
-
-* Using welcoming and inclusive language
-* Being respectful of differing viewpoints and experiences
-* Gracefully accepting constructive criticism
-* Focusing on what is best for the community
-* Showing empathy towards other community members
-
-Examples of unacceptable behavior by participants include:
-
-* The use of sexualized language or imagery and unwelcome sexual attention or
-advances
-* Trolling, insulting/derogatory comments, and personal or political attacks
-* Public or private harassment
-* Publishing others' private information, such as a physical or electronic
- address, without explicit permission
-* Other conduct which could reasonably be considered inappropriate in a
- professional setting
-
-## Our Responsibilities
-
-Project maintainers are responsible for clarifying the standards of acceptable
-behavior and are expected to take appropriate and fair corrective action in
-response to any instances of unacceptable behavior.
-
-Project maintainers have the right and responsibility to remove, edit, or
-reject comments, commits, code, wiki edits, issues, and other contributions
-that are not aligned to this Code of Conduct, or to ban temporarily or
-permanently any contributor for other behaviors that they deem inappropriate,
-threatening, offensive, or harmful.
-
-## Scope
-
-This Code of Conduct applies both within project spaces and in public spaces
-when an individual is representing the project or its community. Examples of
-representing a project or community include using an official project e-mail
-address, posting via an official social media account, or acting as an
appointed
-representative at an online or offline event. Representation of a project may
be
-further defined and clarified by project maintainers.
-
-## Enforcement
-
-Instances of abusive, harassing, or otherwise unacceptable behavior may be
-reported by contacting the project team at basc...@gmail.com. All
-complaints will be reviewed and investigated and will result in a response that
-is deemed necessary and appropriate to the circumstances. The project team is
-obligated to maintain confidentiality with regard to the reporter of an
incident.
-Further details of specific enforcement policies may be posted separately.
-
-Project maintainers who do not follow or enforce the Code of Conduct in good
-faith may face temporary or permanent repercussions as determined by other
-members of the project's leadership.
-
-## Attribution
-
-This Code of Conduct is adapted from the [Contributor Covenant][homepage],
version 1.4,
-available at [http://contributor-covenant.org/version/1/4][version]
-
-[homepage]: http://contributor-covenant.org
-[version]: http://contributor-covenant.org/version/1/4/
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/rustsec-0.17.3~git0.fdb9752/platforms/Cargo.toml
new/rustsec-0.17.4~git0.0b05e18/platforms/Cargo.toml
--- old/rustsec-0.17.3~git0.fdb9752/platforms/Cargo.toml 2022-11-01
19:18:25.000000000 +0100
+++ new/rustsec-0.17.4~git0.0b05e18/platforms/Cargo.toml 2022-11-08
22:14:30.000000000 +0100
@@ -4,7 +4,7 @@
Rust platform registry with information about valid Rust platforms (target
triple, target_arch, target_os) sourced from the Rust compiler.
"""
-version = "3.0.1"
+version = "3.0.2"
authors = ["Tony Arcieri <basc...@gmail.com>"]
license = "Apache-2.0 OR MIT"
homepage = "https://rustsec.org";
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/rustsec-0.17.3~git0.fdb9752/platforms/src/platform/platforms.rs
new/rustsec-0.17.4~git0.0b05e18/platforms/src/platform/platforms.rs
--- old/rustsec-0.17.3~git0.fdb9752/platforms/src/platform/platforms.rs
2022-11-01 19:18:25.000000000 +0100
+++ new/rustsec-0.17.4~git0.0b05e18/platforms/src/platform/platforms.rs
2022-11-08 22:14:30.000000000 +0100
@@ -48,9 +48,12 @@
ARM_UNKNOWN_LINUX_MUSLEABI,
ARM_UNKNOWN_LINUX_MUSLEABIHF,
ARM64_32_APPLE_WATCHOS,
+ ARMEB_UNKNOWN_LINUX_GNUEABI,
ARMEBV7R_NONE_EABI,
ARMEBV7R_NONE_EABIHF,
+ ARMV4T_NONE_EABI,
ARMV4T_UNKNOWN_LINUX_GNUEABI,
+ ARMV5TE_NONE_EABI,
ARMV5TE_UNKNOWN_LINUX_GNUEABI,
ARMV5TE_UNKNOWN_LINUX_MUSLEABI,
ARMV5TE_UNKNOWN_LINUX_UCLIBCEABI,
@@ -109,6 +112,7 @@
MIPS64EL_UNKNOWN_LINUX_GNUABI64,
MIPS64EL_UNKNOWN_LINUX_MUSLABI64,
MIPSEL_SONY_PSP,
+ MIPSEL_SONY_PSX,
MIPSEL_UNKNOWN_LINUX_GNU,
MIPSEL_UNKNOWN_LINUX_MUSL,
MIPSEL_UNKNOWN_LINUX_UCLIBC,
@@ -130,6 +134,7 @@
POWERPC64_UNKNOWN_FREEBSD,
POWERPC64_UNKNOWN_LINUX_GNU,
POWERPC64_UNKNOWN_LINUX_MUSL,
+ POWERPC64_UNKNOWN_OPENBSD,
POWERPC64_WRS_VXWORKS,
POWERPC64LE_UNKNOWN_FREEBSD,
POWERPC64LE_UNKNOWN_LINUX_GNU,
@@ -146,6 +151,7 @@
RISCV64GC_UNKNOWN_LINUX_GNU,
RISCV64GC_UNKNOWN_LINUX_MUSL,
RISCV64GC_UNKNOWN_NONE_ELF,
+ RISCV64GC_UNKNOWN_OPENBSD,
RISCV64IMAC_UNKNOWN_NONE_ELF,
S390X_UNKNOWN_LINUX_GNU,
S390X_UNKNOWN_LINUX_MUSL,
@@ -155,6 +161,7 @@
SPARC64_UNKNOWN_OPENBSD,
SPARCV9_SUN_SOLARIS,
THUMBV4T_NONE_EABI,
+ THUMBV5TE_NONE_EABI,
THUMBV6M_NONE_EABI,
THUMBV7A_PC_WINDOWS_MSVC,
THUMBV7A_UWP_WINDOWS_MSVC,
@@ -357,7 +364,7 @@
tier: Tier::Three,
};
-/// ARM64 Linux (kernel 4.2, glibc 2.17+) [^missing-stack-probes]
+/// ARM64 Linux (kernel 4.1, glibc 2.17+) [^missing-stack-probes]
pub(crate) const AARCH64_UNKNOWN_LINUX_GNU: Platform = Platform {
target_triple: "aarch64-unknown-linux-gnu",
target_arch: Arch::AArch64,
@@ -563,6 +570,17 @@
tier: Tier::Three,
};
+/// ARM BE8 the default ARM big-endian architecture since
[ARMv6](https://developer.arm.com/documentation/101754/0616/armlink-Reference/armlink-Command-line-Options/--be8?lang=en).
+pub(crate) const ARMEB_UNKNOWN_LINUX_GNUEABI: Platform = Platform {
+ target_triple: "armeb-unknown-linux-gnueabi",
+ target_arch: Arch::Arm,
+ target_os: OS::Linux,
+ target_env: Env::Gnu,
+ target_endian: Endian::Big,
+ target_pointer_width: PointerWidth::U32,
+ tier: Tier::Three,
+};
+
/// Bare ARMv7-R, Big Endian
pub(crate) const ARMEBV7R_NONE_EABI: Platform = Platform {
target_triple: "armebv7r-none-eabi",
@@ -585,6 +603,17 @@
tier: Tier::Two,
};
+/// ARMv4T A32
+pub(crate) const ARMV4T_NONE_EABI: Platform = Platform {
+ target_triple: "armv4t-none-eabi",
+ target_arch: Arch::Arm,
+ target_os: OS::None,
+ target_env: Env::None,
+ target_endian: Endian::Little,
+ target_pointer_width: PointerWidth::U32,
+ tier: Tier::Three,
+};
+
pub(crate) const ARMV4T_UNKNOWN_LINUX_GNUEABI: Platform = Platform {
target_triple: "armv4t-unknown-linux-gnueabi",
target_arch: Arch::Arm,
@@ -595,6 +624,17 @@
tier: Tier::Three,
};
+/// ARMv5TE A32
+pub(crate) const ARMV5TE_NONE_EABI: Platform = Platform {
+ target_triple: "armv5te-none-eabi",
+ target_arch: Arch::Arm,
+ target_os: OS::None,
+ target_env: Env::None,
+ target_endian: Endian::Little,
+ target_pointer_width: PointerWidth::U32,
+ tier: Tier::Three,
+};
+
/// ARMv5TE Linux (kernel 4.4, glibc 2.23)
pub(crate) const ARMV5TE_UNKNOWN_LINUX_GNUEABI: Platform = Platform {
target_triple: "armv5te-unknown-linux-gnueabi",
@@ -942,7 +982,7 @@
tier: Tier::Two,
};
-/// 32-bit Linux w/o SSE (kernel 4.4, glibc 2.23)
+/// 32-bit Linux w/o SSE (kernel 3.2, glibc 2.17)
pub(crate) const I586_UNKNOWN_LINUX_GNU: Platform = Platform {
target_triple: "i586-unknown-linux-gnu",
target_arch: Arch::X86,
@@ -1030,7 +1070,7 @@
tier: Tier::Three,
};
-/// 32-bit Linux (kernel 2.6.32+, glibc 2.11+)
+/// 32-bit Linux (kernel 3.2+, glibc 2.17+)
pub(crate) const I686_UNKNOWN_LINUX_GNU: Platform = Platform {
target_triple: "i686-unknown-linux-gnu",
target_arch: Arch::X86,
@@ -1225,6 +1265,17 @@
tier: Tier::Three,
};
+/// MIPS (LE) Sony PlayStation 1 (PSX)
+pub(crate) const MIPSEL_SONY_PSX: Platform = Platform {
+ target_triple: "mipsel-sony-psx",
+ target_arch: Arch::Mips,
+ target_os: OS::None,
+ target_env: Env::Psx,
+ target_endian: Endian::Little,
+ target_pointer_width: PointerWidth::U32,
+ tier: Tier::Three,
+};
+
/// MIPS (LE) Linux (kernel 4.4, glibc 2.23)
pub(crate) const MIPSEL_UNKNOWN_LINUX_GNU: Platform = Platform {
target_triple: "mipsel-unknown-linux-gnu",
@@ -1342,7 +1393,7 @@
tier: Tier::Three,
};
-/// PowerPC Linux (kernel 2.6.32, glibc 2.11)
+/// PowerPC Linux (kernel 3.2, glibc 2.17)
pub(crate) const POWERPC_UNKNOWN_LINUX_GNU: Platform = Platform {
target_triple: "powerpc-unknown-linux-gnu",
target_arch: Arch::PowerPc,
@@ -1425,7 +1476,7 @@
tier: Tier::Three,
};
-/// PPC64 Linux (kernel 2.6.32, glibc 2.11)
+/// PPC64 Linux (kernel 3.2, glibc 2.17)
pub(crate) const POWERPC64_UNKNOWN_LINUX_GNU: Platform = Platform {
target_triple: "powerpc64-unknown-linux-gnu",
target_arch: Arch::PowerPc64,
@@ -1446,6 +1497,17 @@
tier: Tier::Three,
};
+/// OpenBSD/powerpc64
+pub(crate) const POWERPC64_UNKNOWN_OPENBSD: Platform = Platform {
+ target_triple: "powerpc64-unknown-openbsd",
+ target_arch: Arch::PowerPc64,
+ target_os: OS::OpenBSD,
+ target_env: Env::None,
+ target_endian: Endian::Big,
+ target_pointer_width: PointerWidth::U64,
+ tier: Tier::Three,
+};
+
pub(crate) const POWERPC64_WRS_VXWORKS: Platform = Platform {
target_triple: "powerpc64-wrs-vxworks",
target_arch: Arch::PowerPc64,
@@ -1620,6 +1682,17 @@
tier: Tier::Two,
};
+/// OpenBSD/riscv64
+pub(crate) const RISCV64GC_UNKNOWN_OPENBSD: Platform = Platform {
+ target_triple: "riscv64gc-unknown-openbsd",
+ target_arch: Arch::Riscv64,
+ target_os: OS::OpenBSD,
+ target_env: Env::None,
+ target_endian: Endian::Little,
+ target_pointer_width: PointerWidth::U64,
+ tier: Tier::Three,
+};
+
/// Bare RISC-V (RV64IMAC ISA)
pub(crate) const RISCV64IMAC_UNKNOWN_NONE_ELF: Platform = Platform {
target_triple: "riscv64imac-unknown-none-elf",
@@ -1631,7 +1704,7 @@
tier: Tier::Two,
};
-/// S390x Linux (kernel 2.6.32, glibc 2.12)
+/// S390x Linux (kernel 3.2, glibc 2.17)
pub(crate) const S390X_UNKNOWN_LINUX_GNU: Platform = Platform {
target_triple: "s390x-unknown-linux-gnu",
target_arch: Arch::S390X,
@@ -1642,7 +1715,7 @@
tier: Tier::Two,
};
-/// S390x Linux (kernel 2.6.32, MUSL)
+/// S390x Linux (kernel 3.2, MUSL)
pub(crate) const S390X_UNKNOWN_LINUX_MUSL: Platform = Platform {
target_triple: "s390x-unknown-linux-musl",
target_arch: Arch::S390X,
@@ -1719,6 +1792,17 @@
tier: Tier::Three,
};
+/// ARMv5TE T32
+pub(crate) const THUMBV5TE_NONE_EABI: Platform = Platform {
+ target_triple: "thumbv5te-none-eabi",
+ target_arch: Arch::Arm,
+ target_os: OS::None,
+ target_env: Env::None,
+ target_endian: Endian::Little,
+ target_pointer_width: PointerWidth::U32,
+ tier: Tier::Three,
+};
+
/// Bare Cortex-M0, M0+, M1
pub(crate) const THUMBV6M_NONE_EABI: Platform = Platform {
target_triple: "thumbv6m-none-eabi",
@@ -2100,7 +2184,7 @@
tier: Tier::Three,
};
-/// 64-bit Linux (kernel 2.6.32+, glibc 2.11+)
+/// 64-bit Linux (kernel 3.2+, glibc 2.17+)
pub(crate) const X86_64_UNKNOWN_LINUX_GNU: Platform = Platform {
target_triple: "x86_64-unknown-linux-gnu",
target_arch: Arch::X86_64,
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/rustsec-0.17.3~git0.fdb9752/platforms/src/target/env.rs
new/rustsec-0.17.4~git0.0b05e18/platforms/src/target/env.rs
--- old/rustsec-0.17.3~git0.fdb9752/platforms/src/target/env.rs 2022-11-01
19:18:25.000000000 +0100
+++ new/rustsec-0.17.4~git0.0b05e18/platforms/src/target/env.rs 2022-11-08
22:14:30.000000000 +0100
@@ -35,6 +35,9 @@
/// `newlib`
Newlib,
+ /// `psx`
+ Psx,
+
/// `relibc`
Relibc,
@@ -56,6 +59,7 @@
Env::Msvc => "msvc",
Env::Musl => "musl",
Env::Newlib => "newlib",
+ Env::Psx => "psx",
Env::Relibc => "relibc",
Env::Sgx => "sgx",
Env::UClibc => "uclibc",
@@ -76,6 +80,7 @@
"msvc" => Env::Msvc,
"musl" => Env::Musl,
"newlib" => Env::Newlib,
+ "psx" => Env::Psx,
"relibc" => Env::Relibc,
"sgx" => Env::Sgx,
"uclibc" => Env::UClibc,
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/rustsec-0.17.3~git0.fdb9752/rustsec/CODE_OF_CONDUCT.md
new/rustsec-0.17.4~git0.0b05e18/rustsec/CODE_OF_CONDUCT.md
--- old/rustsec-0.17.3~git0.fdb9752/rustsec/CODE_OF_CONDUCT.md 2022-11-01
19:18:25.000000000 +0100
+++ new/rustsec-0.17.4~git0.0b05e18/rustsec/CODE_OF_CONDUCT.md 1970-01-01
01:00:00.000000000 +0100
@@ -1,74 +0,0 @@
-# Contributor Covenant Code of Conduct
-
-## Our Pledge
-
-In the interest of fostering an open and welcoming environment, we as
-contributors and maintainers pledge to making participation in our project and
-our community a harassment-free experience for everyone, regardless of age,
body
-size, disability, ethnicity, gender identity and expression, level of
experience,
-nationality, personal appearance, race, religion, or sexual identity and
-orientation.
-
-## Our Standards
-
-Examples of behavior that contributes to creating a positive environment
-include:
-
-* Using welcoming and inclusive language
-* Being respectful of differing viewpoints and experiences
-* Gracefully accepting constructive criticism
-* Focusing on what is best for the community
-* Showing empathy towards other community members
-
-Examples of unacceptable behavior by participants include:
-
-* The use of sexualized language or imagery and unwelcome sexual attention or
-advances
-* Trolling, insulting/derogatory comments, and personal or political attacks
-* Public or private harassment
-* Publishing others' private information, such as a physical or electronic
- address, without explicit permission
-* Other conduct which could reasonably be considered inappropriate in a
- professional setting
-
-## Our Responsibilities
-
-Project maintainers are responsible for clarifying the standards of acceptable
-behavior and are expected to take appropriate and fair corrective action in
-response to any instances of unacceptable behavior.
-
-Project maintainers have the right and responsibility to remove, edit, or
-reject comments, commits, code, wiki edits, issues, and other contributions
-that are not aligned to this Code of Conduct, or to ban temporarily or
-permanently any contributor for other behaviors that they deem inappropriate,
-threatening, offensive, or harmful.
-
-## Scope
-
-This Code of Conduct applies both within project spaces and in public spaces
-when an individual is representing the project or its community. Examples of
-representing a project or community include using an official project e-mail
-address, posting via an official social media account, or acting as an
appointed
-representative at an online or offline event. Representation of a project may
be
-further defined and clarified by project maintainers.
-
-## Enforcement
-
-Instances of abusive, harassing, or otherwise unacceptable behavior may be
-reported by contacting the project team at basc...@gmail.com. All
-complaints will be reviewed and investigated and will result in a response that
-is deemed necessary and appropriate to the circumstances. The project team is
-obligated to maintain confidentiality with regard to the reporter of an
incident.
-Further details of specific enforcement policies may be posted separately.
-
-Project maintainers who do not follow or enforce the Code of Conduct in good
-faith may face temporary or permanent repercussions as determined by other
-members of the project's leadership.
-
-## Attribution
-
-This Code of Conduct is adapted from the [Contributor Covenant][homepage],
version 1.4,
-available at [http://contributor-covenant.org/version/1/4][version]
-
-[homepage]: http://contributor-covenant.org
-[version]: http://contributor-covenant.org/version/1/4/
++++++ vendor.tar.xz ++++++
/work/SRC/openSUSE:Factory/cargo-audit/vendor.tar.xz
/work/SRC/openSUSE:Factory/.cargo-audit.new.1597/vendor.tar.xz differ: char 27,
line 1
![https://raw.githubusercontent.com/RustSec/cargo-audit/c857beb/img/screenshot-fix.png"](https://raw.githubusercontent.com/RustSec/cargo-audit/c857beb/img/screenshot-fix.png"){kind=link}
![https://github.com/rustsec/rustsec/raw/46eeb09cef411bbe926a82c8a0d678a3e43299a1/.img/screenshot-bin.png"](https://github.com/rustsec/rustsec/raw/46eeb09cef411bbe926a82c8a0d678a3e43299a1/.img/screenshot-bin.png"){kind=link}