Merge pull request #78 from actions-rust-lang/working-directory

Jonas Bushart
2024-05-05 16:26:46 +03:00
committed by GitHub
3 changed files with 19 additions and 8 deletions


@@ -49,13 +49,14 @@ cargo audit supports multiple warning types, such as unsound code or yanked crat
Configuration is only possible via the `informational_warnings` parameter in the configuration file ([#318](https://github.com/rustsec/rustsec/issues/318)).
Setting `denyWarnings` to true will also enable these warnings, but each warning is upgraded to an error.
| Name | Description | Default |
| -------------- | ------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------ |
| `TOKEN` | The GitHub access token to allow us to retrieve, create and update issues (automatically set). | `github.token` |
| `denyWarnings` | Any warnings generated will be treated as an error and fail the action. | false |
| `file` | The path to the Cargo.lock file. | |
| `ignore` | A comma separated list of Rustsec IDs to ignore. | |
| `createIssues` | Create/Update issues for each found vulnerability. By default only on `main` or `master` branch. | `github.ref == 'refs/heads/master' \|\| github.ref == 'refs/heads/main'` |
| Name | Description | Default |
| ------------------ | ------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------ |
| `TOKEN` | The GitHub access token to allow us to retrieve, create and update issues (automatically set). | `github.token` |
| `denyWarnings` | Any warnings generated will be treated as an error and fail the action. | false |
| `file` | The path to the Cargo.lock file to inspect file. | |
| `ignore` | A comma separated list of Rustsec IDs to ignore. | |
| `createIssues` | Create/Update issues for each found vulnerability. By default only on `main` or `master` branch. | `github.ref == 'refs/heads/master' \|\| github.ref == 'refs/heads/main'` |
| `workingDirectory` | Run `cargo audit` from the given working directory | |
## License


@@ -15,7 +15,7 @@ inputs:
required: false
default: "false"
file:
description: "Cargo lockfile to inspect"
description: "The path to the Cargo.lock file to inspect"
required: false
default: ""
ignore:
@@ -26,6 +26,10 @@ inputs:
description: Create/Update issues for each found vulnerability.
required: false
default: "${{ github.ref == 'refs/heads/master' || github.ref == 'refs/heads/main' }}"
workingDirectory:
description: "Run `cargo audit` from the given working directory"
required: false
default: ""
runs:
using: composite
@@ -59,5 +63,6 @@ runs:
INPUT_FILE: ${{ inputs.file }}
INPUT_IGNORE: ${{ inputs.ignore }}
INPUT_TOKEN: ${{ inputs.TOKEN }}
INPUT_WORKING_DIRECTORY: ${{ inputs.workingDirectory }}
PYTHONPATH: ${{ github.action_path }}
REPO: ${{ github.repository }}
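Review bot: The `workingDirectory` description does not say how the input combines with `file`. The Python change on this page passes it as the child process's cwd, so a relative `file` value is resolved against `workingDirectory` rather than the directory the step started in. I would spell that out, e.g. `description: "Directory to run cargo audit from; a relative file path is resolved against it"`. Handing the value over through `INPUT_WORKING_DIRECTORY` in `env`, rather than interpolating it into a script, is the right shape for a caller-controlled path and should stay that way. The `inputs:` and `env:` mappings both continue outside these hunks.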


@@ -404,10 +404,15 @@ def run() -> None:
extra_args.append("--file")
extra_args.append(os.environ["INPUT_FILE"])
working_directory = None
if os.environ["INPUT_WORKING_DIRECTORY"] != "":
working_directory = os.environ["INPUT_WORKING_DIRECTORY"]
audit_cmd = ["cargo", "audit", "--json"] + extra_args + ignore_args
debug(f"Running command: {audit_cmd}")
completed = subprocess.run(
audit_cmd,
cwd=working_directory,
capture_output=True,
text=True,
check=False,
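Review bot: A `workingDirectory` that is missing or not a directory makes `subprocess.run(..., cwd=working_directory)` raise before `cargo audit` starts, so `check=False` never applies. Unless a handler outside this hunk catches it, the action ends in a bare traceback rather than a clear message. A guard right after the assignment would cover it, for example `if working_directory is not None and not os.path.isdir(working_directory): raise SystemExit(f"workingDirectory is not a directory: {working_directory}")`, or the script's own error path if it has one (not visible here). A relative `INPUT_FILE` is now resolved against the new cwd, and cargo audit presumably also looks up its configuration file relative to where it runs, so the debug line should record the directory too: `debug(f"Running command: {audit_cmd} (cwd={working_directory})")`. The body of `run()` starts and ends outside this hunk.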