rustsec/advisory-db
1
0
Fork 0
mirror of https://github.com/rustsec/advisory-db.git synced 2025-12-27 01:54:07 -05:00
Code Issues Packages Projects Releases Wiki Activity
2,630 Commits 21 Branches 0 Tags
expect-deleted
Commit Graph

84 Commits

Author SHA1 Message Date
Dirkjan Ochtman
74f5810f75 Upgrade to latest rustsec-admin 2025-12-13 10:06:33 +01:00
dependabot[bot]
6c3549ab50 Bump peter-evans/create-pull-request from 7.0.8 to 7.0.9 
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 7.0.8 to 7.0.9.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](271a8d0340...84ae59a2cd)

---
updated-dependencies:
- dependency-name: peter-evans/create-pull-request
  dependency-version: 7.0.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-01 16:51:50 +01:00
dependabot[bot]
d7e08cf6cb Bump actions/checkout from 5.0.0 to 6.0.0 
Bumps [actions/checkout](https://github.com/actions/checkout) from 5.0.0 to 6.0.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](08c6903cd8...1af3b93b68)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: 6.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-01 16:46:36 +01:00
Dirkjan Ochtman
32546e97df ci: bump rustsec commit to use 2025-10-27 17:45:41 +01:00
Dirkjan Ochtman
609733e128 ci: fix typo in permissions key 2025-10-26 17:11:01 +01:00
William Woodruff
905622643e ci: fix create-pull-request permissions 
Signed-off-by: William Woodruff <william@astral.sh>
 2025-10-26 15:34:23 +01:00
William Woodruff
d43d0de229 ci: ratchet down permissions, pin all actions (#2444) 
Signed-off-by: William Woodruff <william@astral.sh>
 2025-10-26 12:38:01 +01:00
Dirkjan Ochtman
993fc2dd98 Bump admin git commit (#2425) 
* ci: reformat workflow files

* ci: bump admin git commit
 2025-10-21 12:00:44 +01:00
dependabot[bot]
cebfd04415 Bump actions/checkout from 4 to 5 
Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 5.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v4...v5)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-08-12 07:53:19 +02:00
Dirkjan Ochtman
f91c52b97d Install rustsec from git (#2299) 2025-05-01 08:40:54 -06:00
Sergey "Shnatsel" Davidoff
368cc734e1 vec-const is gone from crates.io, update linter to fix CI (#2223) 
* vec-const is gone from crates.io, update linter to fix CI

* Update validate.yml
 2025-02-14 08:01:32 +00:00
dependabot[bot]
6dbff23161 Bump peter-evans/create-pull-request from 6 to 7 (#2077) 
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 6 to 7.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](https://github.com/peter-evans/create-pull-request/compare/v6...v7)

---
updated-dependencies:
- dependency-name: peter-evans/create-pull-request
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-11-10 16:39:19 +01:00
Alexis Mousset
8dc77464a3 Fix commit message for ID sync action (#1888) 2024-02-15 01:16:10 +00:00
Alexis Mousset
9187931116 Fix commit message for ID sync action (#1887) 2024-02-13 05:07:04 +01:00
Alex Gaynor
2792c8d270 Fixed syntax in sync-ids.yml (#1886) 2024-02-13 04:56:17 +01:00
Alex Gaynor
ff61dbc36b Add workflow_dispatch trigger to sync-ids (#1885) 2024-02-13 03:53:39 +00:00
Alexis Mousset
a16e39c6e9 Fix commit message for ID sync action (#1884) 2024-02-13 03:24:31 +00:00
Alexis Mousset
13e916a953 Add automation for advisories ID sync (#1882) 2024-02-12 01:38:51 +00:00
dependabot[bot]
6c0a974e07 Bump peter-evans/create-pull-request from 5 to 6 (#1874) 
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 5 to 6.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](https://github.com/peter-evans/create-pull-request/compare/v5...v6)

---
updated-dependencies:
- dependency-name: peter-evans/create-pull-request
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-02-09 21:46:50 -05:00
dependabot[bot]
c88b5f38f2 Bump actions/cache from 3 to 4 (#1862) 
Bumps [actions/cache](https://github.com/actions/cache) from 3 to 4.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-22 08:08:15 -07:00
Sergey "Shnatsel" Davidoff
8c5609f192 Bump rustsec-admin to 0.8.8 (#1791) 2023-09-25 18:00:04 +00:00
Alexis Mousset
0fcce3f7cb Bump rustsec-admin to 0.8.7 (#1772) 2023-09-08 09:30:37 -06:00
dependabot[bot]
53652d63d2 Bump actions/checkout from 3 to 4 (#1765) 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-09-04 16:33:17 +02:00
Alexis Mousset
5ceeefcbba Bump rustsec-admin to 0.8.6 (#1728) 2023-07-08 16:04:33 +02:00
dependabot[bot]
c358dc290a Bump peter-evans/create-pull-request from 4 to 5 (#1677) 
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 4 to 5.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](https://github.com/peter-evans/create-pull-request/compare/v4...v5)

---
updated-dependencies:
- dependency-name: peter-evans/create-pull-request
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-04-10 09:47:56 -06:00
Sergey "Shnatsel" Davidoff
d6377e0188 Fix CI always using an outdated version of rustsec-admin (#1660) 
* Fix CI always using an outdated version of rustsec-admin

* Bump the cache key in tandem with version bump

* Dummy commit to make sure CI works on subsequent runs

* Check that the required version is installed, reinstall if not

* Fix shell syntax

* Dummy commit to make sure CI works on subsequent runs
 2023-03-24 14:38:59 +00:00
Alexis Mousset
4b4ba5b43b Update to rustsec-admin 0.8.5 (#1515) 2023-01-11 21:14:31 +01:00
Alex Gaynor
012643a050 update GHA syntax for deprecation (#1501) 
see https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/
 2022-12-23 15:14:02 +01:00
Alexis Mousset
92a6db9442 Update to cargo-admin 0.8.4 (#1469) 2022-11-19 17:56:18 +01:00
Sergey "Shnatsel" Davidoff
fba5b61dfc Bump rustsec-admin to 0.8.3 (#1460) 2022-11-03 22:16:21 +01:00
Sergey "Shnatsel" Davidoff
d998cb999d bump rustsec-admin to 0.8.2 in web workflow (#1392) 2022-08-28 13:42:04 +02:00
dependabot[bot]
811c7c256c Bump peter-evans/create-pull-request from 3 to 4 (#1375) 
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 3 to 4.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](https://github.com/peter-evans/create-pull-request/compare/v3...v4)

---
updated-dependencies:
- dependency-name: peter-evans/create-pull-request
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-08-18 07:55:31 -06:00
dependabot[bot]
57c8f476a1 Bump actions/checkout from 2 to 3 (#1374) 
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-08-18 07:55:18 -06:00
dependabot[bot]
b562a37254 Bump actions/cache from 1 to 3 (#1373) 
Bumps [actions/cache](https://github.com/actions/cache) from 1 to 3.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/v1...v3)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-08-18 07:55:03 -06:00
LingMan
f3cc4cd03e Add a dependabot config (#1371) 
Dependabot will watch the workflow files in .github/workflows and
automatically file PRs if there are updates available for any of the used
Actions.
 2022-08-18 07:44:02 -06:00
pinkforest(she/her)
d3eccc4072 Remove yanked 2 (#1364) 
* Remove yanked 2

Signed-off-by: pinkforest <36498018+pinkforest@users.noreply.github.com>

* Test cache

* Cache back on

* Bump audit cache

Signed-off-by: pinkforest <36498018+pinkforest@users.noreply.github.com>

Signed-off-by: pinkforest <36498018+pinkforest@users.noreply.github.com>
 2022-08-16 12:38:08 +10:00
pinkforest(she/her)
fd7df6ae1c Bump rustsec-admin deprecate yanked (#1363) 
Signed-off-by: pinkforest <36498018+pinkforest@users.noreply.github.com>
 2022-08-14 18:44:13 -06:00
Sergey "Shnatsel" Davidoff
a8ebada593 bump rustsec-admin in publish-web workflow (#1335) 
Required for the changes from https://github.com/rustsec/rustsec/pull/633 to propagate
 2022-08-09 00:30:49 +02:00
Sergey "Shnatsel" Davidoff
c5864c24b5 Fix "ghost" ID assignment PRs (#1332) 2022-08-08 16:21:09 +02:00
pinkforest(she/her)
a6e020424c Remove redundant lint check from assign-ids (#1315) 2022-08-04 23:01:11 +02:00
pinkforest(she/her)
163b82246e Bump rust-admin 0.8.0 --skip-namecheck rustdecimal (#1308) 2022-08-05 04:34:27 +10:00
pinkforest
db78ca0149 Revert "Adopt rust-admin 0.8.0 --skip-namecheck rustdecimal" 2022-08-05 04:11:15 +10:00
pinkforest
63f44b37e5 Adopt rust-admin 0.8.0 --skip-namecheck rustdecimal 2022-08-05 04:10:34 +10:00
Tony Arcieri
c1d94fd681 Bump rustsec-admin to v0.7.0 (#1255) 
Release notes: https://github.com/rustsec/rustsec/pull/575
 2022-05-23 07:50:54 -06:00
Tony Arcieri
26a6973ff1 Bump rustsec-admin to v0.6.0 (#1101) 2021-11-13 11:38:33 -07:00
Tony Arcieri
5ad6e60967 Bump rustsec-admin to v0.5.3 (#1091) 2021-10-22 08:28:51 -06:00
Sergey "Shnatsel" Davidoff
6c092fecd4 Switch to rustsec-admin 0.5.2 (OSV 1.0) and branch osv (#1042) 2021-09-12 16:30:20 +02:00
Tony Arcieri
23d8630fbe Bump rustsec-admin to v0.5.1 (#949) 2021-07-03 13:02:47 -06:00
Sergey "Shnatsel" Davidoff
34e9832a80 OSV export: fix handling of advisories without an ID (#948) 
* OSV export: fix handling of advisories without an ID

* job will fail without -f flag on rm
 2021-07-02 17:48:46 +02:00
Sergey "Shnatsel" Davidoff
9f3eb562a2 Add OSV export CI job (#947) 2021-07-02 17:22:13 +02:00