rustsec/advisory-db
1
0
Fork 0
mirror of https://github.com/rustsec/advisory-db.git synced 2025-12-27 01:54:07 -05:00
Code Issues Packages Projects Releases Wiki Activity
1,819 Commits 21 Branches 0 Tags
revamp-docs
Commit Graph

56 Commits

Author SHA1 Message Date
Alexis Mousset
92a6db9442 Update to cargo-admin 0.8.4 (#1469) 2022-11-19 17:56:18 +01:00
Sergey "Shnatsel" Davidoff
fba5b61dfc Bump rustsec-admin to 0.8.3 (#1460) 2022-11-03 22:16:21 +01:00
Sergey "Shnatsel" Davidoff
d998cb999d bump rustsec-admin to 0.8.2 in web workflow (#1392) 2022-08-28 13:42:04 +02:00
dependabot[bot]
811c7c256c Bump peter-evans/create-pull-request from 3 to 4 (#1375) 
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 3 to 4.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](https://github.com/peter-evans/create-pull-request/compare/v3...v4)

---
updated-dependencies:
- dependency-name: peter-evans/create-pull-request
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-08-18 07:55:31 -06:00
dependabot[bot]
57c8f476a1 Bump actions/checkout from 2 to 3 (#1374) 
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-08-18 07:55:18 -06:00
dependabot[bot]
b562a37254 Bump actions/cache from 1 to 3 (#1373) 
Bumps [actions/cache](https://github.com/actions/cache) from 1 to 3.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/v1...v3)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-08-18 07:55:03 -06:00
LingMan
f3cc4cd03e Add a dependabot config (#1371) 
Dependabot will watch the workflow files in .github/workflows and
automatically file PRs if there are updates available for any of the used
Actions.
 2022-08-18 07:44:02 -06:00
pinkforest(she/her)
d3eccc4072 Remove yanked 2 (#1364) 
* Remove yanked 2

Signed-off-by: pinkforest <36498018+pinkforest@users.noreply.github.com>

* Test cache

* Cache back on

* Bump audit cache

Signed-off-by: pinkforest <36498018+pinkforest@users.noreply.github.com>

Signed-off-by: pinkforest <36498018+pinkforest@users.noreply.github.com>
 2022-08-16 12:38:08 +10:00
pinkforest(she/her)
fd7df6ae1c Bump rustsec-admin deprecate yanked (#1363) 
Signed-off-by: pinkforest <36498018+pinkforest@users.noreply.github.com>
 2022-08-14 18:44:13 -06:00
Sergey "Shnatsel" Davidoff
a8ebada593 bump rustsec-admin in publish-web workflow (#1335) 
Required for the changes from https://github.com/rustsec/rustsec/pull/633 to propagate
 2022-08-09 00:30:49 +02:00
Sergey "Shnatsel" Davidoff
c5864c24b5 Fix "ghost" ID assignment PRs (#1332) 2022-08-08 16:21:09 +02:00
pinkforest(she/her)
a6e020424c Remove redundant lint check from assign-ids (#1315) 2022-08-04 23:01:11 +02:00
pinkforest(she/her)
163b82246e Bump rust-admin 0.8.0 --skip-namecheck rustdecimal (#1308) 2022-08-05 04:34:27 +10:00
pinkforest
db78ca0149 Revert "Adopt rust-admin 0.8.0 --skip-namecheck rustdecimal" 2022-08-05 04:11:15 +10:00
pinkforest
63f44b37e5 Adopt rust-admin 0.8.0 --skip-namecheck rustdecimal 2022-08-05 04:10:34 +10:00
Tony Arcieri
c1d94fd681 Bump rustsec-admin to v0.7.0 (#1255) 
Release notes: https://github.com/rustsec/rustsec/pull/575
 2022-05-23 07:50:54 -06:00
Tony Arcieri
26a6973ff1 Bump rustsec-admin to v0.6.0 (#1101) 2021-11-13 11:38:33 -07:00
Tony Arcieri
5ad6e60967 Bump rustsec-admin to v0.5.3 (#1091) 2021-10-22 08:28:51 -06:00
Sergey "Shnatsel" Davidoff
6c092fecd4 Switch to rustsec-admin 0.5.2 (OSV 1.0) and branch osv (#1042) 2021-09-12 16:30:20 +02:00
Tony Arcieri
23d8630fbe Bump rustsec-admin to v0.5.1 (#949) 2021-07-03 13:02:47 -06:00
Sergey "Shnatsel" Davidoff
34e9832a80 OSV export: fix handling of advisories without an ID (#948) 
* OSV export: fix handling of advisories without an ID

* job will fail without -f flag on rm
 2021-07-02 17:48:46 +02:00
Sergey "Shnatsel" Davidoff
9f3eb562a2 Add OSV export CI job (#947) 2021-07-02 17:22:13 +02:00
Tony Arcieri
1684325bb6 Bump rustsec-admin to v0.5.0 (#944) 2021-06-30 00:01:00 +02:00
Tony Arcieri
60b9a9e9c3 Bump rustsec-admin to v0.4.3 (#919) 2021-05-22 08:02:36 -07:00
Tony Arcieri
c91631243e Bump rustsec-admin to v0.4.2 (#892) 
This includes an atom feed generator:

https://github.com/RustSec/rustsec-admin/pull/142
 2021-05-03 08:26:22 -07:00
Tony Arcieri
3dcdf93d52 Bump rustsec-admin to v0.4.1 (#881) 
This includes improvements to the web site generator:

https://github.com/RustSec/rustsec-admin/pull/133
 2021-04-30 10:28:12 -07:00
Tony Arcieri
f960a50364 Have master-to-main mirror force push (#822) 
Not sure quote what the problem is, but it's erroring:
https://github.com/RustSec/advisory-db/runs/2051631730?check_suite_focus=true
 2021-03-07 10:44:24 -08:00
Tony Arcieri
7b10b2e7a1 Fix main -> master mirroring (#821) 2021-03-07 10:39:38 -08:00
Tony Arcieri
2c43b7001e Rename master branch to main (#820) 
Per #312
 2021-03-07 10:29:41 -08:00
Tony Arcieri
ad84df90d7 Mirror 'main' branch to 'master' (#819) 
The 'master' branch has been renamed to 'main' per:

https://github.com/RustSec/advisory-db/issues/312

However older clients are still consuming the 'master' branch.

This commit adds a GitHub Actions job which mirrors the 'main' branch to
'master' to continue supporting these older clients.
 2021-03-07 10:18:34 -08:00
Ammar Askar
ae1107e479 Update rustsec-admin version to use new website generator (#810) 2021-03-06 09:39:36 -08:00
Tony Arcieri
79c2677cfa publish-web fix (#755) 
Uses the flow suggested here:

https://github.com/actions/checkout#push-a-commit-using-the-built-in-token
 2021-02-04 13:12:34 -08:00
Tony Arcieri
67b958f393 Have publish-web GH Action auto-publish changes (#754) 
Or at least, attempt to.
 2021-02-04 12:19:22 -08:00
Tony Arcieri
049df72e54 Bump rustsec-admin to v0.3.4 (#695) 2021-01-26 12:50:49 -08:00
Sergey "Shnatsel" Davidoff
c910443c13 ID assignment action: guard against race conditions (#641) 
* ID assignment action: guard against race conditions resulting in duplicate ID assignment

* Add duplicate ID guard file
 2021-01-21 15:32:36 -08:00
Tony Arcieri
8e1ad08eee Publish Web: fix YAML indenting (#559) 2021-01-13 06:06:20 -08:00
Tony Arcieri
50451dd5b8 Publish Web: fix rustsec-admin install (#558) 
We do still need to check if `rustsec-admin` is installed, as an error
is returned if it's already installed.
 2021-01-13 06:04:12 -08:00
Tony Arcieri
a3efac5977 Add "Publish Web" GitHub Action (#557) 
Automatically rebuilds the contents of the `gh-pages` branch on merge
 2021-01-13 06:00:38 -08:00
Tony Arcieri
0708242759 Bump rustsec-admin to v0.3.3 (#547) 
Should address the bug we encountered assigning an ID to the first
advisory for a given year:

https://github.com/RustSec/advisory-db/runs/1644743652
 2021-01-04 09:35:34 -08:00
Tony Arcieri
bc8e7e0bd1 Bump rustsec-admin to v0.3.2 (#493) 2020-11-23 17:57:39 -08:00
Alex Gaynor
b78fac19c0 Bumped create-pull-request github action to v3 (#457) 2020-10-30 17:12:18 -07:00
Tony Arcieri
09a8d7b23a Bump rustsec-admin to v0.3.1 (#453) 2020-10-27 12:58:50 -07:00
Tony Arcieri
0ad26bc777 Bump rustsec-admin to v0.3.0 (#452) 2020-10-26 07:29:50 -07:00
Tony Arcieri
acc73d9598 CI: bump rustsec-admin to v0.3.0-pre3 (#440) 
Trying to fix an `assign-id` bug
 2020-10-25 11:49:14 -07:00
Tony Arcieri
5751a5f4cc CI: bump rustsec-admin to v0.3.0-pre2 (#438) 
This version has the old TOML advisories fail lint, and also hopefully
fixes automatic ID assignment.
 2020-10-25 10:58:49 -07:00
Tony Arcieri
777546f938 CI: use rustsec-admin v0.3.0-pre in assign-ids step (#421) 2020-10-02 10:56:11 -07:00
Tony Arcieri
ac125ee29a Translate database into V3 advisory format (#420) 
As proposed in #240 and tracked in #414, this PR translates all
advisories into the new "V3" advisory format, which is based on Markdown
with leading TOML front matter.

This format makes it easier to see rendered Markdown syntax
descriptions, whether rendered by an IDE or GitHub. This should help
with both crafting advisories initially as well as review, and ideally
encourages more lengthy descriptions.

Support for this format shipped in `cargo-audit` v0.12.0 on
May 6th, 2020.
 2020-10-01 18:29:11 -07:00
Alex Gaynor
ca4219e11d Fixes #334 -- give the assignment PRs a useful commit message (#344) 
* Fixes #334 -- give the assignment PRs a useful commit message

* Update assign-ids.yml
 2020-07-24 14:14:12 -04:00
Tony Arcieri
1dfcb1d64a .github: lint advisories after assigning ID (#324) 2020-06-30 11:50:26 -07:00
Alex Gaynor
48c8653408 Attempt to fix failing assign-ids task (#322) 2020-06-29 15:17:17 -07:00