Prepare release 1.1.11

Merge pull request #56 from mbergkvist/update-permission-example
Merge pull request #61 from actions-rust-lang/pre-commit-ci-update-config
2025-12-28 05:31:49 -05:00 · 2024-01-18 21:24:19 +01:00 · 2024-01-18 21:19:51 +01:00 · 2023-12-25 23:06:34 +01:00 · 2023-12-25 17:27:46 +00:00 · 2023-12-20 00:50:37 +01:00
5 changed files with 20 additions and 6 deletions
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -1,6 +1,6 @@
 repos:
  - repo: https://github.com/psf/black
-    rev: 23.10.1
+    rev: 23.12.1
    hooks:
      - id: black
  - repo: https://github.com/pre-commit/pre-commit-hooks
@@ -14,7 +14,7 @@ repos:
      - id: end-of-file-fixer
      - id: trailing-whitespace
  - repo: https://github.com/PyCQA/isort
-    rev: 5.12.0
+    rev: 5.13.2
    # https://github.com/psf/black/blob/main/docs/guides/using_black_with_other_tools.md
    hooks:
      - id: isort
@@ -25,13 +25,13 @@ repos:
      - id: pyupgrade
        args: ["--py37-plus"]
  - repo: https://github.com/pre-commit/mirrors-mypy
-    rev: v1.6.1
+    rev: v1.8.0
    hooks:
      - id: mypy
        additional_dependencies:
          - types-requests
  - repo: https://github.com/python-jsonschema/check-jsonschema
-    rev: 0.27.0
+    rev: 0.27.3
    hooks:
      - id: check-dependabot
      - id: check-github-actions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -7,6 +7,11 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0

 ## [Unreleased]

+## [1.1.11] - 2024-01-18
+
+* Allow specifying the path to the `Cargo.lock` file, in case it is not in the root of the repository (#55)
+* Update the example in the readme, to have the correct permissions for private repositories.
+
 ## [1.1.10] - 2023-11-02

 * Fix running the action, by using the correct version of the cache action.
--- a/README.md
+++ b/README.md
@@ -26,12 +26,11 @@ on:
  # Run manually
  workflow_dispatch:

-permissions: read-all
-
 jobs:
  audit:
    runs-on: ubuntu-latest
    permissions:
+      contents: read
      issues: write
    steps:
      - uses: actions/checkout@v4
@@ -54,6 +53,7 @@ Setting `denyWarnings` to true will also enable these warnings, but each warning
 | -------------- | ------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------ |
 | `TOKEN`        | The GitHub access token to allow us to retrieve, create and update issues (automatically set).   | `github.token`                                                           |
 | `denyWarnings` | Any warnings generated will be treated as an error and fail the action.                          | false                                                                    |
+| `file`         | The path to the Cargo.lock file.                                                                 | `Cargo.lock`                                                             |
 | `ignore`       | A comma separated list of Rustsec IDs to ignore.                                                 |                                                                          |
 | `createIssues` | Create/Update issues for each found vulnerability. By default only on `main` or `master` branch. | `github.ref == 'refs/heads/master' \|\| github.ref == 'refs/heads/main'` |

--- a/action.yml
+++ b/action.yml
@@ -14,6 +14,10 @@ inputs:
    description: "Any warnings generated will be treated as an error and fail the action"
    required: false
    default: "false"
+  file:
+    description: "Cargo lockfile to inspect"
+    required: false
+    default: "Cargo.lock"
  ignore:
    description: "A comma separated list of Rustsec IDs to ignore"
    required: false
@@ -52,6 +56,7 @@ runs:
      env:
        INPUT_CREATE_ISSUES: ${{ inputs.createIssues }}
        INPUT_DENY_WARNINGS: ${{ inputs.denyWarnings }}
+        INPUT_FILE: ${{ inputs.file }}
        INPUT_IGNORE: ${{ inputs.ignore }}
        INPUT_TOKEN: ${{ inputs.TOKEN }}
        PYTHONPATH: ${{ github.action_path }}
--- a/audit.py
+++ b/audit.py
@@ -398,6 +398,10 @@ def run() -> None:
        extra_args.append("--deny")
        extra_args.append("warnings")

+    if os.environ["INPUT_FILE"] != "":
+        extra_args.append("--file")
+        extra_args.append(os.environ["INPUT_FILE"])
+
    audit_cmd = ["cargo", "audit", "--json"] + extra_args + ignore_args
    debug(f"Running command: {audit_cmd}")
    completed = subprocess.run(
Author	SHA1	Message	Date
Jonas Bushart	9c29543ade	Prepare release 1.1.11	2024-01-18 21:24:19 +01:00
Jonas Bushart	dd7ccfd1ab	Merge pull request #56 from mbergkvist/update-permission-example	2024-01-18 21:19:51 +01:00
Jonas Bushart	70c2c66eb8	Merge pull request #61 from actions-rust-lang/pre-commit-ci-update-config	2023-12-25 23:06:34 +01:00
pre-commit-ci[bot]	dfa1ce2e0a	[pre-commit.ci] pre-commit autoupdate updates: - [github.com/psf/black: 23.12.0 → 23.12.1](https://github.com/psf/black/compare/23.12.0...23.12.1) - [github.com/pre-commit/mirrors-mypy: v1.7.1 → v1.8.0](https://github.com/pre-commit/mirrors-mypy/compare/v1.7.1...v1.8.0)	2023-12-25 17:27:46 +00:00
Jonas Bushart	0c92230a3a	Merge pull request #60 from actions-rust-lang/pre-commit-ci-update-config	2023-12-20 00:50:37 +01:00
pre-commit-ci[bot]	170a3db2a9	[pre-commit.ci] pre-commit autoupdate updates: - [github.com/psf/black: 23.11.0 → 23.12.0](https://github.com/psf/black/compare/23.11.0...23.12.0) - [github.com/PyCQA/isort: 5.13.0 → 5.13.2](https://github.com/PyCQA/isort/compare/5.13.0...5.13.2)	2023-12-18 17:29:43 +00:00
Jonas Bushart	656c0afdef	Merge pull request #55 from mbergkvist/add-file-input	2023-12-15 22:15:33 +01:00
Jonas Bushart	ff8437a517	Merge pull request #59 from actions-rust-lang/pre-commit-ci-update-config [pre-commit.ci] pre-commit autoupdate	2023-12-11 18:50:23 +01:00
pre-commit-ci[bot]	8d10929ca1	[pre-commit.ci] pre-commit autoupdate updates: - [github.com/PyCQA/isort: 5.12.0 → 5.13.0](https://github.com/PyCQA/isort/compare/5.12.0...5.13.0) - [github.com/python-jsonschema/check-jsonschema: 0.27.2 → 0.27.3](https://github.com/python-jsonschema/check-jsonschema/compare/0.27.2...0.27.3)	2023-12-11 17:27:10 +00:00
Jonas Bushart	e46b8c0d76	Merge pull request #58 from actions-rust-lang/pre-commit-ci-update-config [pre-commit.ci] pre-commit autoupdate	2023-11-27 20:40:36 +01:00
pre-commit-ci[bot]	7b3777bcef	[pre-commit.ci] pre-commit autoupdate updates: - [github.com/pre-commit/mirrors-mypy: v1.7.0 → v1.7.1](https://github.com/pre-commit/mirrors-mypy/compare/v1.7.0...v1.7.1) - [github.com/python-jsonschema/check-jsonschema: 0.27.1 → 0.27.2](https://github.com/python-jsonschema/check-jsonschema/compare/0.27.1...0.27.2)	2023-11-27 17:21:20 +00:00
Jonas Bushart	2ed876b7ce	Merge pull request #57 from actions-rust-lang/pre-commit-ci-update-config [pre-commit.ci] pre-commit autoupdate	2023-11-21 20:52:28 +01:00
pre-commit-ci[bot]	69f891a4a1	[pre-commit.ci] pre-commit autoupdate updates: - [github.com/psf/black: 23.10.1 → 23.11.0](https://github.com/psf/black/compare/23.10.1...23.11.0) - [github.com/pre-commit/mirrors-mypy: v1.6.1 → v1.7.0](https://github.com/pre-commit/mirrors-mypy/compare/v1.6.1...v1.7.0)	2023-11-13 17:29:11 +00:00
Markus Bergkvist	d5ad8c50af	Update README example The write permission on issues in the job sets all other scopes to 'none', including the global 'read-all', so the action failed on code check-out. Instead, set the permission for the job, also reduce it to content since that is all what is required.	2023-11-11 13:38:56 +01:00
Markus Bergkvist	681351af46	Add optional input for Cargo lockfile	2023-11-11 13:02:39 +01:00
Jonas Bushart	d974e8cc12	Merge pull request #54 from actions-rust-lang/pre-commit-ci-update-config [pre-commit.ci] pre-commit autoupdate	2023-11-07 09:31:49 +01:00
pre-commit-ci[bot]	211345ef5d	[pre-commit.ci] pre-commit autoupdate updates: - [github.com/python-jsonschema/check-jsonschema: 0.27.0 → 0.27.1](https://github.com/python-jsonschema/check-jsonschema/compare/0.27.0...0.27.1)	2023-11-06 17:21:16 +00:00