From c2d5b5c4dc551684dab7a604eccc910dbcc9dfdb Mon Sep 17 00:00:00 2001 From: Jake Shadle Date: Thu, 5 Jan 2023 17:45:50 +0100 Subject: [PATCH] Update deps (#489) * Update crates * Fix issue where branch=master was incorrectly categorized * Bump 1.65.0 * Ignore another cargo duplicate --- .github/workflows/ci.yaml | 2 +- Cargo.lock | 558 +++++++++++------- Cargo.toml | 12 +- deny.toml | 22 +- src/advisories/helpers.rs | 2 +- src/cargo-deny/check.rs | 4 +- src/cargo-deny/list.rs | 2 +- src/cargo-deny/main.rs | 7 +- src/cargo-deny/stats.rs | 25 +- src/diag.rs | 2 +- src/lib.rs | 53 +- src/sources.rs | 42 +- .../cargo_deny__test__cargo_deny-check.snap | 96 ++- .../cargo_deny__test__cargo_deny-fetch.snap | 32 +- .../cargo_deny__test__cargo_deny-init.snap | 24 +- .../cargo_deny__test__cargo_deny-list.snap | 75 ++- .../cargo_deny__test__cargo_deny.snap | 188 +++--- .../sources__allows_bitbucket_org.snap | 44 +- tests/snapshots/sources__allows_git.snap | 44 +- .../snapshots/sources__allows_github_org.snap | 44 +- .../snapshots/sources__allows_gitlab_org.snap | 44 +- .../snapshots/sources__fails_unknown_git.snap | 44 +- tests/sources.rs | 32 +- tests/test_data/sources/Cargo.lock | 359 ++++++----- tests/test_data/sources/Cargo.toml | 4 +- 25 files changed, 1060 insertions(+), 701 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index a096ac8a..d6e7173a 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -141,7 +141,7 @@ jobs: - uses: actions/checkout@v3 - uses: dtolnay/rust-toolchain@stable with: - toolchain: "1.60.0" + toolchain: "1.65.0" - uses: Swatinem/rust-cache@v2 - run: cargo fetch - name: cargo check diff --git a/Cargo.lock b/Cargo.lock index 69c909bc..bc657c86 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -10,27 +10,18 @@ checksum = "f26201604c87b1e01bd3d98f8d5d9a8fcbb815e8cedb41ffccbeb4bf593a35fe" [[package]] name = "aho-corasick" -version = "0.7.19" +version = "0.7.20" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b4f55bd91a0978cbfd91c457a164bab8b4001c833b7f323132c0a4e1922dd44e" +checksum = "cc936419f96fa211c1b9166887b38e5e40b19958e5b895be7c1f93adec7071ac" dependencies = [ "memchr", ] -[[package]] -name = "ansi_term" -version = "0.12.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d52a9bb7ec0cf484c551830a7ce27bd20d67eac647e1befb56b0be4ee39a55d2" -dependencies = [ - "winapi", -] - [[package]] name = "anyhow" -version = "1.0.65" +version = "1.0.68" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "98161a4e3e2184da77bb14f02184cdd111e83bbbcc9979dfee3c44b9a85f5602" +checksum = "2cb2f989d18dd141ab8ae82f64d1a8cdd37e0840f73a406896cf5e99502fab61" [[package]] name = "arrayvec" @@ -63,7 +54,7 @@ version = "0.2.14" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d9b39be18770d11421cdb1b9947a45dd3f37e93092cbf377614828a319d5fee8" dependencies = [ - "hermit-abi", + "hermit-abi 0.1.19", "libc", "winapi", ] @@ -112,6 +103,16 @@ dependencies = [ "regex-automata", ] +[[package]] +name = "bstr" +version = "1.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b45ea9b00a7b3f2988e9a65ad3917e62123c38dba709b666506207be96d1790b" +dependencies = [ + "memchr", + "serde", +] + [[package]] name = "byteorder" version = "1.4.3" @@ -120,9 +121,9 @@ checksum = "14c189c53d098945499cdfa7ecc63567cf3886b3332b312a5b4585d8d3a6a610" [[package]] name = "bytes" -version = "1.2.1" +version = "1.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ec8a7b6a70fde80372154c65702f00a0f56f3e1c36abbc6c440484be248856db" +checksum = "dfb24e866b15a1af2a1b663f10c6b6b8f397a84aadb828f12e5b289ec23a3a3c" [[package]] name = "bytesize" @@ -141,9 +142,9 @@ dependencies = [ [[package]] name = "cargo" -version = "0.65.0" +version = "0.67.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "988ba7aa82c0944fd91d119ee24a5c1f865eb2797e0edd90f6c08c7252857ca5" +checksum = "42890ec1f3578e60096342fb58b9949f925445841dbfc8a36230131815ae984e" dependencies = [ "anyhow", "atty", @@ -152,7 +153,6 @@ dependencies = [ "cargo-util", "clap", "crates-io", - "crossbeam-utils", "curl", "curl-sys", "env_logger", @@ -176,7 +176,6 @@ dependencies = [ "libgit2-sys", "log", "memchr", - "num_cpus", "opener", "openssl", "os_info", @@ -186,6 +185,7 @@ dependencies = [ "rustfix", "semver", "serde", + "serde-value", "serde_ignored", "serde_json", "shell-escape", @@ -205,7 +205,6 @@ dependencies = [ name = "cargo-deny" version = "0.13.5" dependencies = [ - "ansi_term", "anyhow", "askalono", "atty", @@ -222,6 +221,7 @@ dependencies = [ "insta", "krates", "log", + "nu-ansi-term", "rayon", "rustsec", "semver", @@ -239,9 +239,9 @@ dependencies = [ [[package]] name = "cargo-lock" -version = "8.0.2" +version = "8.0.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3c4c54d47a4532db3494ef7332c257ab57b02750daae3250d49e01ee55201ce8" +checksum = "031718ddb8f78aa5def78a09e90defe30151d1f6c672f937af4dd916429ed996" dependencies = [ "semver", "serde", @@ -260,9 +260,9 @@ dependencies = [ [[package]] name = "cargo-util" -version = "0.2.1" +version = "0.2.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "eb66f33d96c58d1eef3a4744556ce0fae012b01165a3f171169a15cb4efc9633" +checksum = "b75f6bfca7b85d6e8c6a42405e9b4ecadd2e63f75f94aabfb524378b57a557a4" dependencies = [ "anyhow", "core-foundation", @@ -282,31 +282,32 @@ dependencies = [ [[package]] name = "cargo_metadata" -version = "0.15.0" +version = "0.15.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3abb7553d5b9b8421c6de7cb02606ff15e0c6eea7d8eadd75ef013fd636bec36" +checksum = "982a0cf6a99c350d7246035613882e376d58cebe571785abc5da4f648d53ac0a" dependencies = [ "camino", "cargo-platform", "semver", "serde", "serde_json", + "thiserror", ] [[package]] name = "cc" -version = "1.0.73" +version = "1.0.78" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2fff2a6927b3bb87f9595d67196a70493f627687a71d87a0d692242c33f58c11" +checksum = "a20104e2335ce8a659d6dd92a51a767a0c062599c73b343fd152cb401e828c3d" dependencies = [ "jobserver", ] [[package]] name = "cfg-expr" -version = "0.11.0" +version = "0.12.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b0357a6402b295ca3a86bc148e84df46c02e41f41fef186bda662557ef6328aa" +checksum = "0bbc13bf6290a6b202cc3efb36f7ec2b739a80634215630c8053a313edf6abef" dependencies = [ "smallvec", "target-lexicon", @@ -320,26 +321,24 @@ checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd" [[package]] name = "clap" -version = "3.2.22" +version = "4.0.32" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "86447ad904c7fb335a790c9d7fe3d0d971dc523b8ccd1561a520de9a85302750" +checksum = "a7db700bc935f9e43e88d00b0850dae18a63773cfbec6d8e070fccf7fef89a39" dependencies = [ - "atty", "bitflags", "clap_derive", "clap_lex", - "indexmap", + "is-terminal", "once_cell", "strsim", "termcolor", - "textwrap", ] [[package]] name = "clap_derive" -version = "3.2.18" +version = "4.0.21" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ea0c8bce528c4be4da13ea6fead8965e95b6073585a2f05204bd8f4119f82a65" +checksum = "0177313f9f02afc995627906bbd8967e2be069f5261954222dac78290c2b9014" dependencies = [ "heck", "proc-macro-error", @@ -350,9 +349,9 @@ dependencies = [ [[package]] name = "clap_lex" -version = "0.2.4" +version = "0.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2850f2f5a82cbf437dd5af4d49848fbdfc27c157c3d010345776f952765261c5" +checksum = "0d4198f73e42b4936b35b5bb248d81d2b595ecb170da0bac7655c54eedfa8da8" dependencies = [ "os_str_bytes", ] @@ -406,15 +405,14 @@ dependencies = [ [[package]] name = "console" -version = "0.15.2" +version = "0.15.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c050367d967ced717c04b65d8c619d863ef9292ce0c5760028655a2fb298718c" +checksum = "c9b6515d269224923b26b5febea2ed42b2d5f2ce37284a4dd670fedd6cb8347a" dependencies = [ "encode_unicode", "lazy_static", "libc", - "terminal_size", - "winapi", + "windows-sys 0.42.0", ] [[package]] @@ -435,9 +433,9 @@ checksum = "5827cebf4670468b8772dd191856768aedcb1b0278a04f989f7766351917b9dc" [[package]] name = "crates-index" -version = "0.18.10" +version = "0.18.11" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3447ec855b0c44cad8eedb3d32b53837f233894d5f4584a2648a7ebc5d3feef4" +checksum = "599f67b56f40863598cb30450427049935d05de2e36c61d33c050f04d7ec8cf2" dependencies = [ "git2", "hex 0.4.3", @@ -451,6 +449,7 @@ dependencies = [ "serde_derive", "serde_json", "smartstring", + "toml", ] [[package]] @@ -513,9 +512,9 @@ dependencies = [ [[package]] name = "crossbeam-epoch" -version = "0.9.11" +version = "0.9.13" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f916dfc5d356b0ed9dae65f1db9fc9770aa2851d2662b988ccf4fe3516e86348" +checksum = "01a9af1f4c2ef74bb8aa1f7e19706bc72d03598c8a570bb5de72243c7a9d9d5a" dependencies = [ "autocfg", "cfg-if", @@ -526,9 +525,9 @@ dependencies = [ [[package]] name = "crossbeam-queue" -version = "0.3.6" +version = "0.3.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1cd42583b04998a5363558e5f9291ee5a5ff6b49944332103f251e7479a82aa7" +checksum = "d1cfb3ea8a53f37c40dea2c7bedcbd88bdfae54f5e2175d6ecaff1c988353add" dependencies = [ "cfg-if", "crossbeam-utils", @@ -536,9 +535,9 @@ dependencies = [ [[package]] name = "crossbeam-utils" -version = "0.8.12" +version = "0.8.14" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "edbafec5fa1f196ca66527c1b12c2ec4745ca14b50f1ad8f9f6f720b55d11fac" +checksum = "4fb766fa798726286dbbb842f174001dab8abc7b627a1dd86e0b7222a95d929f" dependencies = [ "cfg-if", ] @@ -572,9 +571,9 @@ dependencies = [ [[package]] name = "curl-sys" -version = "0.4.56+curl-7.83.1" +version = "0.4.59+curl-7.86.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6093e169dd4de29e468fa649fbae11cdcd5551c81fe5bf1b0677adad7ef3d26f" +checksum = "6cfce34829f448b08f55b7db6d0009e23e2e86a34e8c2b366269bf5799b4a407" dependencies = [ "cc", "libc", @@ -609,9 +608,9 @@ checksum = "a357d28ed41a50f9c765dbfe56cbc04a64e53e5fc58ba79fbc34c10ef3df831f" [[package]] name = "env_logger" -version = "0.9.1" +version = "0.9.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c90bf5f19754d10198ccb95b70664fc925bd1fc090a0fd9a6ebc54acc8cd6272" +checksum = "a12e6657c4c97ebab115a42dcee77225f7f482cdd841cf7088c657a42e9e00e7" dependencies = [ "atty", "humantime", @@ -620,6 +619,27 @@ dependencies = [ "termcolor", ] +[[package]] +name = "errno" +version = "0.2.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f639046355ee4f37944e44f60642c6f3a7efa3cf6b78c78a0d989a8ce6c396a1" +dependencies = [ + "errno-dragonfly", + "libc", + "winapi", +] + +[[package]] +name = "errno-dragonfly" +version = "0.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "aa68f1b12764fab894d2755d2518754e71b4fd80ecfb822714a1206c2aab39bf" +dependencies = [ + "cc", + "libc", +] + [[package]] name = "fastrand" version = "1.8.0" @@ -640,14 +660,14 @@ dependencies = [ [[package]] name = "filetime" -version = "0.2.17" +version = "0.2.19" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e94a7bbaa59354bc20dd75b67f23e2797b4490e9d6928203fb105c79e448c86c" +checksum = "4e884668cd0c7480504233e951174ddc3b382f7c2666e3b7310b5c4e7b0c37f9" dependencies = [ "cfg-if", "libc", "redox_syscall", - "windows-sys", + "windows-sys 0.42.0", ] [[package]] @@ -658,9 +678,9 @@ checksum = "0ce7134b9999ecaf8bcd65542e436736ef32ddca1b3e06094cb6ec5755203b80" [[package]] name = "flate2" -version = "1.0.24" +version = "1.0.25" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f82b0f4c27ad9f8bfd1f3208d882da2b09c301bc1c828fd3a00d0216d2fbbff6" +checksum = "a8a2db397cb1c8772f31494cb8917e48cd1e64f0fa7efac59fbd741a0a8ce841" dependencies = [ "crc32fast", "libz-sys", @@ -699,9 +719,9 @@ dependencies = [ [[package]] name = "fs-err" -version = "2.8.1" +version = "2.9.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "64db3e262960f0662f43a6366788d5f10f7f244b8f7d7d987f560baf5ded5c50" +checksum = "0845fa252299212f0389d64ba26f34fa32cfe41588355f21ed507c59a0f64541" [[package]] name = "funty" @@ -721,9 +741,9 @@ dependencies = [ [[package]] name = "git2" -version = "0.14.4" +version = "0.15.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d0155506aab710a86160ddb504a480d2964d7ab5b9e62419be69e0032bc5931c" +checksum = "2994bee4a3a6a51eb90c218523be382fd7ea09b16380b9312e9dbe955ff7c7d1" dependencies = [ "bitflags", "libc", @@ -736,9 +756,9 @@ dependencies = [ [[package]] name = "git2-curl" -version = "0.15.0" +version = "0.16.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1ee51709364c341fbb6fe2a385a290fb9196753bdde2fc45447d27cd31b11b13" +checksum = "ed817a00721e2f8037ba722e60358d4956dae9cca10315fc982f967907d3b0cd" dependencies = [ "curl", "git2", @@ -754,12 +774,12 @@ checksum = "9b919933a397b79c37e33b77bb2aa3dc8eb6e165ad809e58ff75bc7db2e34574" [[package]] name = "globset" -version = "0.4.9" +version = "0.4.10" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0a1e17342619edbc21a964c2afbeb6c820c6a2560032872f397bb97ea127bd0a" +checksum = "029d74589adefde59de1a0c4f4732695c32805624aec7b68d91503d4dba79afc" dependencies = [ "aho-corasick", - "bstr", + "bstr 1.1.0", "fnv", "log", "regex", @@ -786,6 +806,15 @@ dependencies = [ "libc", ] +[[package]] +name = "hermit-abi" +version = "0.2.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ee512640fe35acbfb4bb779db6f0d80704c2cacfa2e39b601ef3e3f47d1ae4c7" +dependencies = [ + "libc", +] + [[package]] name = "hex" version = "0.3.2" @@ -803,9 +832,9 @@ dependencies = [ [[package]] name = "home" -version = "0.5.3" +version = "0.5.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2456aef2e6b6a9784192ae780c0f15bc57df0e918585282325e8c8ac27737654" +checksum = "747309b4b440c06d57b0b25f2aee03ee9b5e5397d288c60e21fc709bb98a7408" dependencies = [ "winapi", ] @@ -828,11 +857,10 @@ dependencies = [ [[package]] name = "ignore" -version = "0.4.18" +version = "0.4.19" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "713f1b139373f96a2e0ce3ac931cd01ee973c3c5dd7c40c0c2efe96ad2b6751d" +checksum = "a05705bc64e0b66a806c3740bd6578ea66051b157ec42dc219c785cbf185aef3" dependencies = [ - "crossbeam-utils", "globset", "lazy_static", "log", @@ -860,9 +888,9 @@ dependencies = [ [[package]] name = "indexmap" -version = "1.9.1" +version = "1.9.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "10a35a97730320ffe8e2d410b5d3b69279b98d2c14bdb8b70ea89ecf7888d41e" +checksum = "1885e79c1fc4b10f0e172c475f458b7f7b93061064d98c3293e98c5ba0c8b399" dependencies = [ "autocfg", "hashbrown", @@ -870,9 +898,9 @@ dependencies = [ [[package]] name = "insta" -version = "1.21.0" +version = "1.24.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "581d4e3314cae4536e5d22ffd23189d4a374696c5ef733eadafae0ed273fd303" +checksum = "eb5686bd8e9239eabe90bb30a0c341bffd6fdc177fb556708f2cb792bf00352d" dependencies = [ "console", "lazy_static", @@ -891,6 +919,28 @@ dependencies = [ "cfg-if", ] +[[package]] +name = "io-lifetimes" +version = "1.0.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "46112a93252b123d31a119a8d1a1ac19deac4fac6e0e8b0df58f0d4e5870e63c" +dependencies = [ + "libc", + "windows-sys 0.42.0", +] + +[[package]] +name = "is-terminal" +version = "0.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "28dfb6c8100ccc63462345b67d1bbc3679177c75ee4bf59bf29c8b1d110b8189" +dependencies = [ + "hermit-abi 0.2.6", + "io-lifetimes", + "rustix", + "windows-sys 0.42.0", +] + [[package]] name = "itertools" version = "0.10.5" @@ -902,9 +952,9 @@ dependencies = [ [[package]] name = "itoa" -version = "1.0.4" +version = "1.0.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4217ad341ebadf8d8e724e264f13e593e0648f5b3e94b3896a5df283be015ecc" +checksum = "fad582f4b9e86b6caa621cabeb0963332d92eea04729ab12892c2533951e6440" [[package]] name = "jobserver" @@ -917,9 +967,9 @@ dependencies = [ [[package]] name = "krates" -version = "0.12.5" +version = "0.12.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "072b097584be92c157a60013cc3f50e7f1f2b4adee37ad36030aa06a20c6d1dc" +checksum = "942c43a6cba1c201dfe81a943c89fa5c9140b34993e0c027f542c80b92e319a7" dependencies = [ "cargo_metadata", "cfg-expr", @@ -951,15 +1001,15 @@ checksum = "830d08ce1d1d941e6b30645f1a0eb5643013d835ce3779a5fc208261dbe10f55" [[package]] name = "libc" -version = "0.2.134" +version = "0.2.139" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "329c933548736bc49fd575ee68c89e8be4d260064184389a5b77517cddd99ffb" +checksum = "201de327520df007757c1f0adce6e827fe8562fbc28bfd9c15571c66ca1f5f79" [[package]] name = "libgit2-sys" -version = "0.13.4+1.4.2" +version = "0.14.0+1.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d0fa6563431ede25f5cc7f6d803c6afbc1c5d3ad3d4925d12c882bf2b526f5d1" +checksum = "47a00859c70c8a4f7218e6d1cc32875c4b55f6799445b842b0d8ed5e4c3d959b" dependencies = [ "cc", "libc", @@ -1011,6 +1061,12 @@ version = "0.5.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "0717cef1bc8b636c6e1c1bbdefc09e6322da8a9321966e8928ef80d20f7f770f" +[[package]] +name = "linux-raw-sys" +version = "0.1.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f051f77a7c8e6957c0696eac88f26b0117e54f52d3fc682ab19397a8812846a4" + [[package]] name = "log" version = "0.4.17" @@ -1028,18 +1084,18 @@ checksum = "2dffe52ecf27772e601905b7522cb4ef790d2cc203488bbd0e2fe85fcb74566d" [[package]] name = "memoffset" -version = "0.6.5" +version = "0.7.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5aa361d4faea93603064a027415f07bd8e1d5c88c9fbf68bf56a285428fd79ce" +checksum = "5de893c32cde5f383baa4c04c5d6dbdd735cfd4a794b0debdb2bb1b421da5ff4" dependencies = [ "autocfg", ] [[package]] name = "miniz_oxide" -version = "0.5.4" +version = "0.6.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "96590ba8f175222643a85693f33d26e9c8a015f599c216509b1a6894af675d34" +checksum = "b275950c28b37e794e8c55d88aeb5e139d0ce23fdbbeda68f8d7174abdf9e8fa" dependencies = [ "adler", ] @@ -1054,38 +1110,39 @@ dependencies = [ ] [[package]] -name = "num-traits" -version = "0.2.15" +name = "nu-ansi-term" +version = "0.46.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "578ede34cf02f8924ab9447f50c28075b4d3e5b269972345e7e0372b38c6cdcd" +checksum = "77a8165726e8236064dbb45459242600304b42a5ea24ee2948e18e023bf7ba84" dependencies = [ - "autocfg", + "overload", + "winapi", ] [[package]] -name = "num_cpus" -version = "1.13.1" +name = "num-traits" +version = "0.2.15" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "19e64526ebdee182341572e50e9ad03965aa510cd94427a4549448f285e957a1" +checksum = "578ede34cf02f8924ab9447f50c28075b4d3e5b269972345e7e0372b38c6cdcd" dependencies = [ - "hermit-abi", - "libc", + "autocfg", ] [[package]] -name = "num_threads" -version = "0.1.6" +name = "num_cpus" +version = "1.15.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2819ce041d2ee131036f4fc9d6ae7ae125a3a40e97ba64d04fe799ad9dabbb44" +checksum = "0fac9e2da13b5eb447a6ce3d392f23a29d8694bff781bf03a16cd9ac8697593b" dependencies = [ + "hermit-abi 0.2.6", "libc", ] [[package]] name = "once_cell" -version = "1.15.0" +version = "1.17.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e82dad04139b71a90c080c8463fe0dc7902db5192d939bd0950f074d014339e1" +checksum = "6f61fba1741ea2b3d6a1e3178721804bb716a68a6aeba1149b5d52e3d464ea66" [[package]] name = "opener" @@ -1093,15 +1150,15 @@ version = "0.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "4ea3ebcd72a54701f56345f16785a6d3ac2df7e986d273eb4395c0b01db17952" dependencies = [ - "bstr", + "bstr 0.2.17", "winapi", ] [[package]] name = "openssl" -version = "0.10.42" +version = "0.10.45" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "12fc0523e3bd51a692c8850d075d74dc062ccf251c0110668cbd921917118a13" +checksum = "b102428fd03bc5edf97f62620f7298614c45cedf287c271e7ed450bbaf83f2e1" dependencies = [ "bitflags", "cfg-if", @@ -1131,18 +1188,18 @@ checksum = "ff011a302c396a5197692431fc1948019154afc178baf7d8e37367442a4601cf" [[package]] name = "openssl-src" -version = "111.22.0+1.1.1q" +version = "111.24.0+1.1.1s" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8f31f0d509d1c1ae9cada2f9539ff8f37933831fd5098879e482aa687d659853" +checksum = "3498f259dab01178c6228c6b00dcef0ed2a2d5e20d648c017861227773ea4abd" dependencies = [ "cc", ] [[package]] name = "openssl-sys" -version = "0.9.76" +version = "0.9.80" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5230151e44c0f05157effb743e8d517472843121cf9243e8b81393edb5acd9ce" +checksum = "23bbbf7854cd45b83958ebe919f0e8e516793727652e27fda10a8384cfc790b7" dependencies = [ "autocfg", "cc", @@ -1152,6 +1209,15 @@ dependencies = [ "vcpkg", ] +[[package]] +name = "ordered-float" +version = "2.10.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7940cf2ca942593318d07fcf2596cdca60a85c9e7fab408a5e21a4f9dcd40d87" +dependencies = [ + "num-traits", +] + [[package]] name = "os_info" version = "3.5.1" @@ -1165,15 +1231,21 @@ dependencies = [ [[package]] name = "os_str_bytes" -version = "6.3.0" +version = "6.4.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9ff7415e9ae3fff1225851df9e0d9e4e5479f947619774677a63572e55e80eff" +checksum = "9b7820b9daea5457c9f21c69448905d723fbd21136ccf521748f23fd49e723ee" + +[[package]] +name = "overload" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b15813163c1d831bf4a13c3610c05c0d03b39feb07f7e09fa234dac9b15aaf39" [[package]] name = "paste" -version = "1.0.9" +version = "1.0.11" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b1de2e551fb905ac83f73f7aedf2f0cb4a0da7e35efa24a202a936269f1f18e1" +checksum = "d01a5bd0424d00070b0098dd17ebca6f961a959dead1dbcbbbc1d1cd8d3deeba" [[package]] name = "pathdiff" @@ -1199,15 +1271,15 @@ dependencies = [ [[package]] name = "pkg-config" -version = "0.3.25" +version = "0.3.26" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1df8c4ec4b0627e53bdf214615ad287367e482558cf84b109250b37464dc03ae" +checksum = "6ac9a59f73473f1b8d852421e59e64809f025994837ef743615c6d0c5b305160" [[package]] name = "platforms" -version = "3.0.1" +version = "3.0.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d8ec293fd25f7fcfeb7c70129241419a62c6200a26a725f680aff07c91d0ed05" +checksum = "e3d7ddaed09e0eb771a79ab0fd64609ba0afb0a8366421957936ad14cbd13630" dependencies = [ "serde", ] @@ -1238,18 +1310,18 @@ dependencies = [ [[package]] name = "proc-macro2" -version = "1.0.46" +version = "1.0.49" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "94e2ef8dbfc347b10c094890f778ee2e36ca9bb4262e86dc99cd217e35f3470b" +checksum = "57a8eca9f9c4ffde41714334dee777596264c7825420f521abc92b5b5deb63a5" dependencies = [ "unicode-ident", ] [[package]] name = "quote" -version = "1.0.21" +version = "1.0.23" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bbe448f377a7d6961e30f5955f9b8d106c3f5e449d493ee1b125c1d43c2b5179" +checksum = "8856d8364d252a14d474036ea1358d63c9e6965c8e5c1885c18f73d70bff9c7b" dependencies = [ "proc-macro2", ] @@ -1277,21 +1349,19 @@ dependencies = [ [[package]] name = "rayon" -version = "1.5.3" +version = "1.6.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bd99e5772ead8baa5215278c9b15bf92087709e9c1b2d1f97cdb5a183c933a7d" +checksum = "6db3a213adf02b3bcfd2d3846bb41cb22857d131789e01df434fb7e7bc0759b7" dependencies = [ - "autocfg", - "crossbeam-deque", "either", "rayon-core", ] [[package]] name = "rayon-core" -version = "1.9.3" +version = "1.10.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "258bcdb5ac6dad48491bb2992db6b7cf74878b0384908af124823d118c99683f" +checksum = "cac410af5d00ab6884528b4ab69d1e8e146e8d471201800fa1b4524126de6ad3" dependencies = [ "crossbeam-channel", "crossbeam-deque", @@ -1310,9 +1380,9 @@ dependencies = [ [[package]] name = "regex" -version = "1.6.0" +version = "1.7.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4c4eb3267174b8c6c2f654116623910a0fef09c4753f8dd83db29c48a0df988b" +checksum = "e076559ef8e241f2ae3479e36f97bd5741c0330689e217ad51ce2c76808b868a" dependencies = [ "aho-corasick", "memchr", @@ -1327,9 +1397,9 @@ checksum = "6c230d73fb8d8c1b9c0b3135c5142a8acee3a0558fb8db5cf1cb65f8d7862132" [[package]] name = "regex-syntax" -version = "0.6.27" +version = "0.6.28" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a3f87b73ce11b1619a3c6332f45341e0047173771e8b8b73f87bfeefb7b56244" +checksum = "456c603be3e8d448b072f410900c09faf164fbce2d480456f50eea6e25f9c848" [[package]] name = "remove_dir_all" @@ -1386,11 +1456,25 @@ dependencies = [ "serde_json", ] +[[package]] +name = "rustix" +version = "0.36.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4feacf7db682c6c329c4ede12649cd36ecab0f3be5b7d74e6a20304725db4549" +dependencies = [ + "bitflags", + "errno", + "io-lifetimes", + "libc", + "linux-raw-sys", + "windows-sys 0.42.0", +] + [[package]] name = "rustsec" -version = "0.26.2" +version = "0.26.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3fe23a21f33f0e9da3d16adad19eec876b7c358b8dd6270dc22eb51c75f15bf3" +checksum = "ebed6b0e2e926d0d083b6efce3a92ec4cea58e70c4eb954474ca8bbfcf82d970" dependencies = [ "cargo-lock", "cvss", @@ -1405,15 +1489,15 @@ dependencies = [ [[package]] name = "rustversion" -version = "1.0.9" +version = "1.0.11" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "97477e48b4cf8603ad5f7aaf897467cf42ab4218a38ef76fb14c2d6773a6d6a8" +checksum = "5583e89e108996506031660fe09baa5011b9dd0341b89029313006d1fb508d70" [[package]] name = "ryu" -version = "1.0.11" +version = "1.0.12" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4501abdff3ae82a1c1b477a17252eb69cee9e66eb915c1abaa4f44d873df9f09" +checksum = "7b4b9743ed687d4b4bcedf9ff5eaa7398495ae14e61cba0a295704edbc7decde" [[package]] name = "same-file" @@ -1431,7 +1515,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "88d6731146462ea25d9244b2ed5fd1d716d25c52e4d54aa4fb0f3c4e9854dbe2" dependencies = [ "lazy_static", - "windows-sys", + "windows-sys 0.36.1", ] [[package]] @@ -1442,27 +1526,37 @@ checksum = "d29ab0c6d3fc0ee92fe66e2d99f700eab17a8d57d1c1d3b748380fb20baa78cd" [[package]] name = "semver" -version = "1.0.14" +version = "1.0.16" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e25dfac463d778e353db5be2449d1cce89bd6fd23c9f1ea21310ce6e5a1b29c4" +checksum = "58bc9567378fc7690d6b2addae4e60ac2eeea07becb2c64b9f218b53865cba2a" dependencies = [ "serde", ] [[package]] name = "serde" -version = "1.0.145" +version = "1.0.152" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "728eb6351430bccb993660dfffc5a72f91ccc1295abaa8ce19b27ebe4f75568b" +checksum = "bb7d1f0d3021d347a83e556fc4683dea2ea09d87bccdf88ff5c12545d89d5efb" dependencies = [ "serde_derive", ] +[[package]] +name = "serde-value" +version = "0.7.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f3a1a3341211875ef120e117ea7fd5228530ae7e7036a779fdc9117be6b3282c" +dependencies = [ + "ordered-float", + "serde", +] + [[package]] name = "serde_derive" -version = "1.0.145" +version = "1.0.152" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "81fa1584d3d1bcacd84c277a0dfe21f5b0f6accf4a23d04d4c6d61f1af522b4c" +checksum = "af487d118eecd09402d70a5d72551860e788df87b464af30e5ea6a38c75c541e" dependencies = [ "proc-macro2", "quote", @@ -1471,18 +1565,18 @@ dependencies = [ [[package]] name = "serde_ignored" -version = "0.1.5" +version = "0.1.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "82b3da7eedd967647a866f67829d1c79d184d7c4521126e9cc2c46a9585c6d21" +checksum = "94eb4a4087ba8bdf14a9208ac44fddbf55c01a6195f7edfc511ddaff6cae45a6" dependencies = [ "serde", ] [[package]] name = "serde_json" -version = "1.0.85" +version = "1.0.91" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e55a28e3aaef9d5ce0506d0a14dbba8054ddc7e499ef522dd8b26859ec9d4a44" +checksum = "877c235533714907a8c2464236f5c4b2a17262ef1bd71f38f35ea592c8da6883" dependencies = [ "itoa", "ryu", @@ -1497,9 +1591,9 @@ checksum = "45bb67a18fa91266cc7807181f62f9178a6873bfad7dc788c42e6430db40184f" [[package]] name = "similar" -version = "2.2.0" +version = "2.2.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "62ac7f900db32bf3fd12e0117dd3dc4da74bc52ebaac97f39668446d89694803" +checksum = "420acb44afdae038210c99e69aae24109f32f15500aa708e81d46c9f29d55fcf" [[package]] name = "sized-chunks" @@ -1541,9 +1635,9 @@ dependencies = [ [[package]] name = "spdx" -version = "0.9.0" +version = "0.10.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a346909b3fd07776f9b96b98d4a58e3666f831c9a672c279b10f795a34c36425" +checksum = "52dd48832ddda0d79ca6062064d530680e24c5ee85ba1d9fae41f102b2d9f34f" dependencies = [ "smallvec", ] @@ -1593,9 +1687,9 @@ dependencies = [ [[package]] name = "syn" -version = "1.0.102" +version = "1.0.107" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3fcd952facd492f9be3ef0d0b7032a6e442ee9b361d4acc2b1d0c4aaa5f613a1" +checksum = "1f4064b5b16e03ae50984a5a8ed5d4f8803e6bc1fd170a3cda91a1be4b18e3f5" dependencies = [ "proc-macro2", "quote", @@ -1620,9 +1714,9 @@ dependencies = [ [[package]] name = "target-lexicon" -version = "0.12.4" +version = "0.12.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c02424087780c9b71cc96799eaeddff35af2bc513278cda5c99fc1f5d026d3c1" +checksum = "9410d0f6853b1d94f0e519fb95df60f29d2c1eff2d921ffdf01a4c8a3b54f12d" [[package]] name = "tempfile" @@ -1647,36 +1741,20 @@ dependencies = [ "winapi-util", ] -[[package]] -name = "terminal_size" -version = "0.1.17" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "633c1a546cee861a1a6d0dc69ebeca693bf4296661ba7852b9d21d159e0506df" -dependencies = [ - "libc", - "winapi", -] - -[[package]] -name = "textwrap" -version = "0.15.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b7b3e525a49ec206798b40326a44121291b530c963cfb01018f63e135bac543d" - [[package]] name = "thiserror" -version = "1.0.37" +version = "1.0.38" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "10deb33631e3c9018b9baf9dcbbc4f737320d2b576bac10f6aefa048fa407e3e" +checksum = "6a9cd18aa97d5c45c6603caea1da6628790b37f7a34b6ca89522331c5180fed0" dependencies = [ "thiserror-impl", ] [[package]] name = "thiserror-impl" -version = "1.0.37" +version = "1.0.38" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "982d17546b47146b28f7c22e3d08465f6b8903d0ea13c1660d9d84a6e7adcdbb" +checksum = "1fb327af4685e4d03fa8cbcf1716380da910eeb2bb8be417e7f9fd3fb164f36f" dependencies = [ "proc-macro2", "quote", @@ -1694,21 +1772,30 @@ dependencies = [ [[package]] name = "time" -version = "0.3.15" +version = "0.3.17" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d634a985c4d4238ec39cacaed2e7ae552fbd3c476b552c1deac3021b7d7eaf0c" +checksum = "a561bf4617eebd33bca6434b988f39ed798e527f51a1e797d0ee4f61c0a38376" dependencies = [ "itoa", - "libc", - "num_threads", + "serde", + "time-core", "time-macros", ] +[[package]] +name = "time-core" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2e153e1f1acaef8acc537e68b44906d2db6436e2b35ac2c6b42640fff91f00fd" + [[package]] name = "time-macros" -version = "0.2.4" +version = "0.2.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "42657b1a6f4d817cda8e7a0ace261fe0cc946cf3a80314390b22cc61ae080792" +checksum = "d967f99f534ca7e495c575c62638eebc2898a8c84c119b89e250477bc4ba16b2" +dependencies = [ + "time-core", +] [[package]] name = "tinyvec" @@ -1727,24 +1814,34 @@ checksum = "cda74da7e1a664f795bb1f8a87ec406fb89a02522cf6e50620d016add6dbbf5c" [[package]] name = "toml" -version = "0.5.9" +version = "0.5.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1333c76748e868a4d9d1017b5ab53171dfd095f70c712fdb4653a406547f598f" +dependencies = [ + "serde", +] + +[[package]] +name = "toml_datetime" +version = "0.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8d82e1a7758622a465f8cee077614c73484dac5b836c02ff6a40d5d1010324d7" +checksum = "808b51e57d0ef8f71115d8f3a01e7d3750d01c79cac4b3eda910f4389fdf92fd" dependencies = [ "serde", ] [[package]] name = "toml_edit" -version = "0.14.4" +version = "0.15.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5376256e44f2443f8896ac012507c19a012df0fe8758b55246ae51a2279db51f" +checksum = "b1541ba70885967e662f69d31ab3aeca7b1aaecfcd58679590b893e9239c3646" dependencies = [ "combine", "indexmap", "itertools", "kstring", "serde", + "toml_datetime", ] [[package]] @@ -1759,9 +1856,9 @@ dependencies = [ [[package]] name = "typenum" -version = "1.15.0" +version = "1.16.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dcf81ac59edc17cc8697ff311e8f5ef2d99fcbd9817b34cec66f90b6c3dfd987" +checksum = "497961ef93d974e23eb6f433eb5fe1b7930b659f06d12dec6fc44a8f554c0bba" [[package]] name = "unicode-bidi" @@ -1771,9 +1868,9 @@ checksum = "099b7128301d285f79ddd55b9a83d5e6b9e97c92e0ea0daebee7263e932de992" [[package]] name = "unicode-ident" -version = "1.0.4" +version = "1.0.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dcc811dc4066ac62f84f11307873c4850cb653bfa9b1719cee2bd2204a4bc5dd" +checksum = "84a22b9f218b40614adcb3f4ff08b703773ad44fa9423e4e0d346d5db86e4ebc" [[package]] name = "unicode-normalization" @@ -1895,48 +1992,105 @@ version = "0.36.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ea04155a16a59f9eab786fe12a4a450e75cdb175f9e0d80da1e17db09f55b8d2" dependencies = [ - "windows_aarch64_msvc", - "windows_i686_gnu", - "windows_i686_msvc", - "windows_x86_64_gnu", - "windows_x86_64_msvc", + "windows_aarch64_msvc 0.36.1", + "windows_i686_gnu 0.36.1", + "windows_i686_msvc 0.36.1", + "windows_x86_64_gnu 0.36.1", + "windows_x86_64_msvc 0.36.1", +] + +[[package]] +name = "windows-sys" +version = "0.42.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5a3e1820f08b8513f676f7ab6c1f99ff312fb97b553d30ff4dd86f9f15728aa7" +dependencies = [ + "windows_aarch64_gnullvm", + "windows_aarch64_msvc 0.42.0", + "windows_i686_gnu 0.42.0", + "windows_i686_msvc 0.42.0", + "windows_x86_64_gnu 0.42.0", + "windows_x86_64_gnullvm", + "windows_x86_64_msvc 0.42.0", ] +[[package]] +name = "windows_aarch64_gnullvm" +version = "0.42.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "41d2aa71f6f0cbe00ae5167d90ef3cfe66527d6f613ca78ac8024c3ccab9a19e" + [[package]] name = "windows_aarch64_msvc" version = "0.36.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "9bb8c3fd39ade2d67e9874ac4f3db21f0d710bee00fe7cab16949ec184eeaa47" +[[package]] +name = "windows_aarch64_msvc" +version = "0.42.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "dd0f252f5a35cac83d6311b2e795981f5ee6e67eb1f9a7f64eb4500fbc4dcdb4" + [[package]] name = "windows_i686_gnu" version = "0.36.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "180e6ccf01daf4c426b846dfc66db1fc518f074baa793aa7d9b9aaeffad6a3b6" +[[package]] +name = "windows_i686_gnu" +version = "0.42.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fbeae19f6716841636c28d695375df17562ca208b2b7d0dc47635a50ae6c5de7" + [[package]] name = "windows_i686_msvc" version = "0.36.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e2e7917148b2812d1eeafaeb22a97e4813dfa60a3f8f78ebe204bcc88f12f024" +[[package]] +name = "windows_i686_msvc" +version = "0.42.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "84c12f65daa39dd2babe6e442988fc329d6243fdce47d7d2d155b8d874862246" + [[package]] name = "windows_x86_64_gnu" version = "0.36.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "4dcd171b8776c41b97521e5da127a2d86ad280114807d0b2ab1e462bc764d9e1" +[[package]] +name = "windows_x86_64_gnu" +version = "0.42.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bf7b1b21b5362cbc318f686150e5bcea75ecedc74dd157d874d754a2ca44b0ed" + +[[package]] +name = "windows_x86_64_gnullvm" +version = "0.42.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "09d525d2ba30eeb3297665bd434a54297e4170c7f1a44cad4ef58095b4cd2028" + [[package]] name = "windows_x86_64_msvc" version = "0.36.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "c811ca4a8c853ef420abd8592ba53ddbbac90410fab6903b3e79972a631f7680" +[[package]] +name = "windows_x86_64_msvc" +version = "0.42.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f40009d85759725a34da6d89a94e63d7bdc50a862acf0dbc7c8e488f1edcb6f5" + [[package]] name = "wyz" -version = "0.5.0" +version = "0.5.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "30b31594f29d27036c383b53b59ed3476874d518f0efb151b27a4c275141390e" +checksum = "05f360fc0b24296329c78fda852a1e9ae82de9cf7b27dae4b7f62f118f77b9ed" dependencies = [ "tap", ] @@ -1971,9 +2125,9 @@ dependencies = [ [[package]] name = "zstd-sys" -version = "2.0.1+zstd.1.5.2" +version = "2.0.4+zstd.1.5.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9fd07cbbc53846d9145dbffdf6dd09a7a0aa52be46741825f5c97bdd4f73f12b" +checksum = "4fa202f2ef00074143e219d15b62ffc317d17cc33909feac471c044087cad7b0" dependencies = [ "cc", "libc", diff --git a/Cargo.toml b/Cargo.toml index 15662c5b..8b54c2f8 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -15,7 +15,7 @@ homepage = "https://github.com/EmbarkStudios/cargo-deny" categories = ["development-tools::cargo-plugins"] keywords = ["cargo", "license", "spdx", "ci", "advisories"] exclude = ["examples/", ".github/", "tests"] -rust-version = "1.60.0" +rust-version = "1.65.0" [badges] maintenance = { status = "actively-developed" } @@ -40,7 +40,7 @@ standalone = ["cargo"] [dependencies] # Output coloring -ansi_term = "0.12" +nu-ansi-term = "0.46" # Easy errors anyhow = "1.0" # Used for detecting the license type of a file @@ -50,9 +50,9 @@ atty = "0.2" # Used to track various things during check runs bitvec = { version = "1.0", features = ["alloc"] } # Allows us to do eg cargo metadata operations without relying on an external cargo -cargo = { version = "0.65", optional = true } +cargo = { version = "0.67", optional = true } # Argument parsing, kept aligned with cargo -clap = { version = "3.2", features = ["derive", "env"] } +clap = { version = "4.0", features = ["derive", "env"] } # Used for diagnostic reporting codespan = "0.11" codespan-reporting = "0.11" @@ -65,7 +65,7 @@ crossbeam = "0.8" # Logging utilities fern = "0.6" # We directly interact with git when doing index operations eg during fix -git2 = "0.14" +git2 = "0.15" # We need to figure out HOME/CARGO_HOME in some cases home = "0.5" # Provides graphs on top of cargo_metadata @@ -84,7 +84,7 @@ serde_json = "1.0" # Avoid some heap allocations when we likely won't need them smallvec = "1.9" # Used for parsing and checking SPDX license expressions -spdx = "0.9" +spdx = "0.10" # Lazy strum = { version = "0.24", features = ["derive"] } # Timestamp emission diff --git a/deny.toml b/deny.toml index 3bdde741..d094cc79 100644 --- a/deny.toml +++ b/deny.toml @@ -14,9 +14,6 @@ unmaintained = "deny" notice = "deny" unsound = "deny" ignore = [ - # ansi_term is unmaintained, but it does exactly what it needs to and no more - # so no reason to change just for the sake of it - "RUSTSEC-2021-0139", # potential unaligned pointer read on windows. Doesn't happen in practice, don't # care "RUSTSEC-2021-0145", @@ -26,8 +23,13 @@ ignore = [ multiple-versions = "deny" deny = [] skip = [ - # cargo dependes on two versions + # cargo depends on two versions of these crates { name = "hex", version = "=0.3.2" }, + { name = "bstr", version = "=0.2.17" }, +] +skip-tree = [ + # windows-sys minor version bumps are still incredibly tedious + { name = "windows-sys", version = "=0.36.1" }, ] [sources] @@ -46,14 +48,6 @@ confidence-threshold = 0.93 allow = ["Apache-2.0", "Apache-2.0 WITH LLVM-exception", "MIT", "MPL-2.0"] exceptions = [ - { allow = [ - "Zlib", - ], name = "tinyvec" }, - { allow = [ - "Apache-2.0", - "BSD-2-Clause", - ], name = "crossbeam-queue" }, - { allow = [ - "Unicode-DFS-2016", - ], name = "unicode-ident" }, + { allow = ["Zlib"], name = "tinyvec" }, + { allow = ["Unicode-DFS-2016"], name = "unicode-ident" }, ] diff --git a/src/advisories/helpers.rs b/src/advisories/helpers.rs index 4761cbd0..81056143 100644 --- a/src/advisories/helpers.rs +++ b/src/advisories/helpers.rs @@ -650,7 +650,7 @@ pub(crate) fn krate_for_pkg<'a>( .find(|(_, krate)| { pkg.version == krate.version && match (&pkg.source, &krate.source) { - (Some(psrc), Some(ksrc)) => psrc == ksrc, + (Some(psrc), Some(ksrc)) => ksrc == psrc, (None, None) => true, _ => false, } diff --git a/src/cargo-deny/check.rs b/src/cargo-deny/check.rs index 22aeda55..b39d0d64 100644 --- a/src/cargo-deny/check.rs +++ b/src/cargo-deny/check.rs @@ -40,7 +40,7 @@ impl From for Severity { } } -#[derive(Debug, PartialEq, Eq)] +#[derive(Clone, Copy, Debug, PartialEq, Eq)] pub enum CodeOrLevel { Code(DiagnosticCode), Level(Level), @@ -104,7 +104,7 @@ pub struct Args { #[clap(flatten)] pub lint_levels: LintLevels, /// Specifies the depth at which feature edges are added in inclusion graphs - #[clap(long, conflicts_with = "hide-inclusion-graph")] + #[clap(long, conflicts_with = "hide_inclusion_graph")] pub feature_depth: Option, /// The check(s) to perform #[clap(value_enum, action)] diff --git a/src/cargo-deny/list.rs b/src/cargo-deny/list.rs index 3371ae43..e4df26dc 100644 --- a/src/cargo-deny/list.rs +++ b/src/cargo-deny/list.rs @@ -1,6 +1,6 @@ -use ansi_term::Color; use anyhow::{Context, Error}; use cargo_deny::{diag::Files, licenses, Kid}; +use nu_ansi_term::Color; use serde::Serialize; use std::path::PathBuf; diff --git a/src/cargo-deny/main.rs b/src/cargo-deny/main.rs index 70ecf6bd..623bb6ae 100644 --- a/src/cargo-deny/main.rs +++ b/src/cargo-deny/main.rs @@ -136,8 +136,8 @@ fn setup_logger( format: Format, color: bool, ) -> Result<(), fern::InitError> { - use ansi_term::Color::{Blue, Green, Purple, Red, Yellow}; use log::Level::{Debug, Error, Info, Trace, Warn}; + use nu_ansi_term::Color::{Blue, Green, Purple, Red, Yellow}; let now = time::OffsetDateTime::now_utc(); @@ -340,9 +340,8 @@ mod test { use clap::ColorChoice; use clap::Command; - fn snapshot_test_cli_command(app: Command<'_>, cmd_name: String) { + fn snapshot_test_cli_command(app: Command, cmd_name: String) { let mut app = app - .clone() // we do not want ASCII colors in our snapshot test output .color(ColorChoice::Never) // override versions to not have to update test when changing versions @@ -356,7 +355,7 @@ mod test { let id = a.get_id(); if id != "version" && id != "help" { - Some(id) + Some(id.clone()) } else { None } diff --git a/src/cargo-deny/stats.rs b/src/cargo-deny/stats.rs index b65f1dae..0a6e932a 100644 --- a/src/cargo-deny/stats.rs +++ b/src/cargo-deny/stats.rs @@ -1,4 +1,5 @@ -use crate::{Color, Format}; +use crate::Format; +use nu_ansi_term::Color; use serde::Serialize; #[derive(Default, Serialize)] @@ -35,7 +36,7 @@ pub(crate) fn print_stats( show_stats: bool, log_level: log::LevelFilter, format: Format, - color: Color, + color: crate::Color, ) { // In the case of human, we print to stdout, to distinguish it from the rest // of the output, but for JSON we still go to stderr since presumably computers @@ -45,9 +46,9 @@ pub(crate) fn print_stats( let mut summary = String::new(); let color = match color { - Color::Auto => atty::is(atty::Stream::Stdout), - Color::Always => true, - Color::Never => false, + crate::Color::Auto => atty::is(atty::Stream::Stdout), + crate::Color::Always => true, + crate::Color::Never => false, }; // If we're using the default or higher log level, just emit @@ -91,9 +92,9 @@ fn write_min_stats(mut summary: &mut String, stats: &AllStats, color: bool) { &mut summary, "{}, ", if stats.errors > 0 { - ansi_term::Color::Red.paint("FAILED") + Color::Red.paint("FAILED") } else { - ansi_term::Color::Green.paint("ok") + Color::Green.paint("ok") } ) .unwrap(); @@ -157,14 +158,14 @@ fn write_full_stats(summary: &mut String, stats: &AllStats, color: bool) { "{} {}", check, if stats.errors > 0 { - ansi_term::Color::Red.paint("FAILED") + Color::Red.paint("FAILED") } else { - ansi_term::Color::Green.paint("ok") + Color::Green.paint("ok") } ), - ansi_term::Color::Red.paint(format!("{}", stats.errors)), - ansi_term::Color::Yellow.paint(format!("{}", stats.warnings)), - ansi_term::Color::Blue.paint(format!("{}", stats.notes + stats.helps)), + Color::Red.paint(format!("{}", stats.errors)), + Color::Yellow.paint(format!("{}", stats.warnings)), + Color::Blue.paint(format!("{}", stats.notes + stats.helps)), column = column, ) .unwrap(); diff --git a/src/diag.rs b/src/diag.rs index 65f65f67..392560d1 100644 --- a/src/diag.rs +++ b/src/diag.rs @@ -183,7 +183,7 @@ impl KrateSpans { for krate in krates { let span_start = sl.len(); match &krate.source { - Some(src) => writeln!(sl, "{} {} {}", krate.name, krate.version, src) + Some(src) => writeln!(sl, "{} {} {}", krate.name, krate.version, src.source_id) .expect("unable to synthesize lockfile"), None => writeln!( sl, diff --git a/src/lib.rs b/src/lib.rs index 73206c6e..965e7a00 100644 --- a/src/lib.rs +++ b/src/lib.rs @@ -52,12 +52,29 @@ const fn lint_deny() -> LintLevel { LintLevel::Deny } +/// Wrapper around the original source url +#[derive(Debug)] +pub struct Source { + /// The original url obtained via cargo + pub url: url::Url, + /// The rustsec id, this is used to match crates in our graph with the one + /// that rustsec uses + pub source_id: SourceId, +} + +impl PartialEq for Source { + #[inline] + fn eq(&self, o: &SourceId) -> bool { + &self.source_id == o + } +} + #[derive(Debug)] pub struct Krate { pub name: String, pub id: Kid, pub version: Version, - pub source: Option, + pub source: Option, pub authors: Vec, pub repository: Option, pub description: Option, @@ -133,16 +150,28 @@ impl From for Krate { authors: pkg.authors, repository: pkg.repository, source: { - // rustsec's SourceId has better introspection pkg.source.and_then(|src| { - let url = format!("{}", src); - SourceId::from_url(&url).map_or_else( - |e| { - log::warn!("unable to parse source url '{}': {}", url, e); + let url = src.to_string(); + + match url.parse() { + Ok(source_id) => { + // Strip the leading + from the url + let url = if let Some(ind) = url.find('+') { + url[ind + 1..].to_owned() + } else { + url + }; + + Some(Source { + url: url.parse().unwrap(), + source_id, + }) + } + Err(err) => { + log::warn!("unable to parse source url '{url}': {err}"); None - }, - Some, - ) + } + } }) }, targets: pkg.targets, @@ -186,7 +215,7 @@ impl Krate { /// Returns the normalized source URL pub(crate) fn normalized_source_url(&self) -> Option { self.source.as_ref().map(|source| { - let mut url = source.url().clone(); + let mut url = source.url.clone(); url.set_query(None); url.set_fragment(None); crate::sources::normalize_url(&mut url); @@ -196,7 +225,9 @@ impl Krate { #[inline] pub(crate) fn is_git_source(&self) -> bool { - self.source.as_ref().map_or(false, |src| src.is_git()) + self.source + .as_ref() + .map_or(false, |src| src.source_id.is_git()) } } diff --git a/src/sources.rs b/src/sources.rs index 5f0f7dd9..5ae13f8c 100644 --- a/src/sources.rs +++ b/src/sources.rs @@ -47,13 +47,8 @@ pub fn check(ctx: crate::CheckCtx<'_, ValidConfig>, sink: impl Into) // get URL without git revision (query & fragment) // example URL in Cargo.lock: https://github.com/RustSec/rustsec-crate.git?rev=aaba369#aaba369bebc4fcfb9133b1379bcf430b707188a2 // where we only want: https://github.com/RustSec/rustsec-crate.git - let source_url = { - let mut url = source.url().clone(); - url.set_query(None); - url.set_fragment(None); - normalize_url(&mut url); - url - }; + // Unwrap is ok since we already know we have a source + let source_url = krate.normalized_source_url().unwrap(); let mut pack = Pack::with_kid(Check::Sources, krate.id.clone()); @@ -69,30 +64,21 @@ pub fn check(ctx: crate::CheckCtx<'_, ValidConfig>, sink: impl Into) }; // get allowed list of sources to check - let (lint_level, type_name) = if source.is_registry() { + let (lint_level, type_name) = if source.source_id.is_registry() { (ctx.cfg.unknown_registry, "registry") - } else if source.is_git() { + } else if source.source_id.is_git() { // Ensure the git source has at least the minimum specification if let Some((min, cfg_coord)) = &min_git_spec { - pub use rustsec::package::GitReference; - - let spec = source - .git_reference() - .map(|gr| match gr { - GitReference::Branch(name) => { - // TODO: Workaround logic hardcoded in the rustsec crate, - // that crate can be changed to support the new v3 lock format - // whenever it is stabilized https://github.com/rust-lang/cargo/pull/8522 - if name == "master" { - GitSpec::Any - } else { - GitSpec::Branch - } - } - GitReference::Tag(_) => GitSpec::Tag, - GitReference::Rev(_) => GitSpec::Rev, - }) - .unwrap_or_default(); + let mut spec = GitSpec::Any; + + for (k, _v) in source.url.query_pairs() { + spec = match k.as_ref() { + "branch" | "ref" => GitSpec::Branch, + "tag" => GitSpec::Tag, + "rev" => GitSpec::Rev, + _ => continue, + }; + } if spec < *min { pack.push(diags::BelowMinimumRequiredSpec { diff --git a/tests/snapshots/cargo_deny__test__cargo_deny-check.snap b/tests/snapshots/cargo_deny__test__cargo_deny-check.snap index 88d89bc3..b46697c8 100644 --- a/tests/snapshots/cargo_deny__test__cargo_deny-check.snap +++ b/tests/snapshots/cargo_deny__test__cargo_deny-check.snap @@ -2,74 +2,60 @@ source: src/cargo-deny/main.rs expression: help_text --- -check 0.0.0 Checks a project's crate graph -USAGE: - check [OPTIONS] [WHICH]... +Usage: check [OPTIONS] [WHICH]... -ARGS: - ... - The check(s) to perform - - [possible values: advisories, ban, bans, license, licenses, sources, - all] +Arguments: + [WHICH]... + The check(s) to perform + + [possible values: advisories, ban, bans, license, licenses, sources, all] -OPTIONS: - -A, --allow - Set lint allowed +Options: + -c, --config + Path to the config to use + + Defaults to /deny.toml if not specified - --audit-compatible-output - To ease transition from cargo-audit to cargo-deny, this flag will - tell cargo-deny to output the exact same output as cargo-audit - would, to `stdout` instead of `stderr`, just as with cargo-audit. - - Note that this flag only applies when the output format is JSON, and - note that since cargo-deny supports multiple advisory databases, - instead of a single JSON object, there will be 1 for each unique - advisory database. + -g, --graph + Path to graph_output root directory + + If set, a dotviz graph will be created for whenever multiple versions of the same crate are detected. + + Each file will be created at /graph_output/.dot. /graph_output/* is deleted and recreated each run. - -c, --config - Path to the config to use - - Defaults to /deny.toml if not specified + --hide-inclusion-graph + Hides the inclusion graph when printing out info for a crate - -d, --disable-fetch - Disable fetching of the advisory database - - When running the `advisories` check, the configured advisory - database will be fetched and opened. If this flag is passed, the - database won't be fetched, but an error will occur if it doesn't - already exist locally. + -d, --disable-fetch + Disable fetching of the advisory database + + When running the `advisories` check, the configured advisory database will be fetched and opened. If this flag is passed, the database won't be fetched, but an error will occur if it doesn't already exist locally. - -D, --deny - Set lint denied + --audit-compatible-output + To ease transition from cargo-audit to cargo-deny, this flag will tell cargo-deny to output the exact same output as cargo-audit would, to `stdout` instead of `stderr`, just as with cargo-audit. + + Note that this flag only applies when the output format is JSON, and note that since cargo-deny supports multiple advisory databases, instead of a single JSON object, there will be 1 for each unique advisory database. - --feature-depth - Specifies the depth at which feature edges are added in inclusion - graphs + -s, --show-stats + Show stats for all the checks, regardless of the log-level - -g, --graph - Path to graph_output root directory - - If set, a dotviz graph will be created for whenever multiple - versions of the same crate are detected. - - Each file will be created at /graph_output/.dot. - /graph_output/* is deleted and recreated each run. + -W, --warn + Set lint warnings - -h, --help - Print help information + -A, --allow + Set lint allowed - --hide-inclusion-graph - Hides the inclusion graph when printing out info for a crate + -D, --deny + Set lint denied - -s, --show-stats - Show stats for all the checks, regardless of the log-level + --feature-depth + Specifies the depth at which feature edges are added in inclusion graphs - -V, --version - Print version information + -h, --help + Print help information (use `-h` for a summary) - -W, --warn - Set lint warnings + -V, --version + Print version information diff --git a/tests/snapshots/cargo_deny__test__cargo_deny-fetch.snap b/tests/snapshots/cargo_deny__test__cargo_deny-fetch.snap index 22204c4b..b34cb215 100644 --- a/tests/snapshots/cargo_deny__test__cargo_deny-fetch.snap +++ b/tests/snapshots/cargo_deny__test__cargo_deny-fetch.snap @@ -2,27 +2,25 @@ source: src/cargo-deny/main.rs expression: help_text --- -fetch 0.0.0 Fetches remote data -USAGE: - fetch [OPTIONS] [SOURCES]... +Usage: fetch [OPTIONS] [SOURCES]... -ARGS: - ... - The sources to fetch - - [possible values: db, index, all] +Arguments: + [SOURCES]... + The sources to fetch + + [possible values: db, index, all] -OPTIONS: - -c, --config - Path to the config to use - - Defaults to /deny.toml if not specified +Options: + -c, --config + Path to the config to use + + Defaults to /deny.toml if not specified - -h, --help - Print help information + -h, --help + Print help information (use `-h` for a summary) - -V, --version - Print version information + -V, --version + Print version information diff --git a/tests/snapshots/cargo_deny__test__cargo_deny-init.snap b/tests/snapshots/cargo_deny__test__cargo_deny-init.snap index 6866882b..1b81ed43 100644 --- a/tests/snapshots/cargo_deny__test__cargo_deny-init.snap +++ b/tests/snapshots/cargo_deny__test__cargo_deny-init.snap @@ -2,22 +2,20 @@ source: src/cargo-deny/main.rs expression: help_text --- -init 0.0.0 Creates a cargo-deny config from a template -USAGE: - init [CONFIG] +Usage: init [CONFIG] -ARGS: - - The path to create - - Defaults to /deny.toml +Arguments: + [CONFIG] + The path to create + + Defaults to /deny.toml -OPTIONS: - -h, --help - Print help information +Options: + -h, --help + Print help information (use `-h` for a summary) - -V, --version - Print version information + -V, --version + Print version information diff --git a/tests/snapshots/cargo_deny__test__cargo_deny-list.snap b/tests/snapshots/cargo_deny__test__cargo_deny-list.snap index 719338c2..ec2514dd 100644 --- a/tests/snapshots/cargo_deny__test__cargo_deny-list.snap +++ b/tests/snapshots/cargo_deny__test__cargo_deny-list.snap @@ -2,47 +2,40 @@ source: src/cargo-deny/main.rs expression: help_text --- -list 0.0.0 Outputs a listing of all licenses and the crates that use them -USAGE: - list [OPTIONS] - -OPTIONS: - -c, --config - Path to the config to use - - Defaults to a deny.toml in the same folder as the manifest path, or - a deny.toml in a parent directory. - - -f, --format - The format of the output - - [default: human] - [possible values: human, json, tsv] - - -h, --help - Print help information - - -l, --layout - The layout for the output, does not apply to TSV - - [default: license] - [possible values: crate, license] - - -t, --threshold - Minimum confidence threshold for license text - - When determining the license from file contents, a confidence score - is assigned according to how close the contents are to the canonical - license text. If the confidence score is below this threshold, they - license text will ignored, which might mean the crate is treated as - unlicensed. - - [possible values: 0.0 - 1.0] - - [default: 0.8] - - -V, --version - Print version information +Usage: list [OPTIONS] + +Options: + -c, --config + Path to the config to use + + Defaults to a deny.toml in the same folder as the manifest path, or a deny.toml in a parent directory. + + -t, --threshold + Minimum confidence threshold for license text + + When determining the license from file contents, a confidence score is assigned according to how close the contents are to the canonical license text. If the confidence score is below this threshold, they license text will ignored, which might mean the crate is treated as unlicensed. + + [possible values: 0.0 - 1.0] + + [default: 0.8] + + -f, --format + The format of the output + + [default: human] + [possible values: human, json, tsv] + + -l, --layout + The layout for the output, does not apply to TSV + + [default: license] + [possible values: crate, license] + + -h, --help + Print help information (use `-h` for a summary) + + -V, --version + Print version information diff --git a/tests/snapshots/cargo_deny__test__cargo_deny.snap b/tests/snapshots/cargo_deny__test__cargo_deny.snap index ebbdfb41..29a14e1c 100644 --- a/tests/snapshots/cargo_deny__test__cargo_deny.snap +++ b/tests/snapshots/cargo_deny__test__cargo_deny.snap @@ -2,107 +2,93 @@ source: src/cargo-deny/main.rs expression: help_text --- -cargo_deny 0.0.0 -Embark , Jake Shadle - Cargo plugin to help you manage large dependency graphs -USAGE: - cargo_deny [OPTIONS] - -OPTIONS: - --all-features - Activate all available features - - -c, --color - [env: CARGO_TERM_COLOR] - [default: auto] - [possible values: auto, always, never] - - --exclude - One or more crates to exclude from the crate graph that is used. - - NOTE: Unlike cargo, this does not have to be used with the - `--workspace` flag. - - -f, --format - Specify the format of cargo-deny's output - - [default: human] - [possible values: human, json] - - --features - Space or comma separated list of features to activate - - --frozen - Require Cargo.lock and cache are up to date - - -h, --help - Print help information - - -L, --log-level - The log level for messages - - Only log messages at or above the level will be emitted. - - Possible values: - * off - * error - * warn - * info - * debug - * trace - - - [default: warn] - - --locked - Require Cargo.lock is up to date - - --manifest-path - The path of a Cargo.toml to use as the context for the operation. - - By default, the Cargo.toml in the current working directory is used. - - --no-default-features - Do not activate the `default` feature - - --offline - Run without accessing the network. If used with the `check` - subcommand, this also disables advisory database fetching - - -t, --target - One or more platforms to filter crates by - - If a dependency is target specific, it will be ignored if it does - not match 1 or more of the specified targets. This option overrides - the top-level `targets = []` configuration value. - - -V, --version - Print version information - - --workspace - If passed, all workspace packages are used as roots for the crate - graph. - - Automatically assumed if the manifest path points to a virtual - manifest. - - Normally, if you specify a manifest path that is a member of a - workspace, that crate will be the sole root of the crate graph, - meaning only other workspace members that are dependencies of that - workspace crate will be included in the graph. This overrides that - behavior to include all workspace members. - -SUBCOMMANDS: - check - Checks a project's crate graph - fetch - Fetches remote data - help - Print this message or the help of the given subcommand(s) - init - Creates a cargo-deny config from a template - list - Outputs a listing of all licenses and the crates that use them +Usage: cargo_deny [OPTIONS] + +Commands: + check + Checks a project's crate graph + fetch + Fetches remote data + init + Creates a cargo-deny config from a template + list + Outputs a listing of all licenses and the crates that use them + help + Print this message or the help of the given subcommand(s) + +Options: + -L, --log-level + The log level for messages + + Only log messages at or above the level will be emitted. + + Possible values: + * off + * error + * warn + * info + * debug + * trace + + + [default: warn] + + -f, --format + Specify the format of cargo-deny's output + + [default: human] + [possible values: human, json] + + -c, --color + [env: CARGO_TERM_COLOR] + [default: auto] + [possible values: auto, always, never] + + --manifest-path + The path of a Cargo.toml to use as the context for the operation. + + By default, the Cargo.toml in the current working directory is used. + + --workspace + If passed, all workspace packages are used as roots for the crate graph. + + Automatically assumed if the manifest path points to a virtual manifest. + + Normally, if you specify a manifest path that is a member of a workspace, that crate will be the sole root of the crate graph, meaning only other workspace members that are dependencies of that workspace crate will be included in the graph. This overrides that behavior to include all workspace members. + + --exclude + One or more crates to exclude from the crate graph that is used. + + NOTE: Unlike cargo, this does not have to be used with the `--workspace` flag. + + -t, --target + One or more platforms to filter crates by + + If a dependency is target specific, it will be ignored if it does not match 1 or more of the specified targets. This option overrides the top-level `targets = []` configuration value. + + --all-features + Activate all available features + + --no-default-features + Do not activate the `default` feature + + --features + Space or comma separated list of features to activate + + --frozen + Require Cargo.lock and cache are up to date + + --locked + Require Cargo.lock is up to date + + --offline + Run without accessing the network. If used with the `check` subcommand, this also disables advisory database fetching + + -h, --help + Print help information (use `-h` for a summary) + + -V, --version + Print version information diff --git a/tests/snapshots/sources__allows_bitbucket_org.snap b/tests/snapshots/sources__allows_bitbucket_org.snap index 101b68fd..da656468 100644 --- a/tests/snapshots/sources__allows_bitbucket_org.snap +++ b/tests/snapshots/sources__allows_bitbucket_org.snap @@ -77,6 +77,38 @@ expression: diags }, "type": "diagnostic" }, + { + "fields": { + "code": "source-not-allowed", + "graphs": [ + { + "Krate": { + "name": "anyhow", + "version": "1.0.68" + }, + "parents": [ + { + "Krate": { + "name": "sources", + "version": "0.1.0" + } + } + ] + } + ], + "labels": [ + { + "column": 15, + "line": 9, + "message": "source", + "span": "git+https://github.com/dtolnay/anyhow#0a45d7665c32ba61788e09273bb17912ed402332" + } + ], + "message": "detected 'git' source not explicitly allowed", + "severity": "error" + }, + "type": "diagnostic" + }, { "fields": { "code": "source-not-allowed", @@ -84,7 +116,7 @@ expression: diags { "Krate": { "name": "krates", - "version": "0.4.1" + "version": "0.12.6" }, "parents": [ { @@ -98,10 +130,10 @@ expression: diags ], "labels": [ { - "column": 14, - "line": 38, + "column": 15, + "line": 45, "message": "source", - "span": "git+https://github.com/EmbarkStudios/krates?branch=main#3c1eab0f2322bbb16d1d26e82953f702b965e2e5" + "span": "git+https://github.com/EmbarkStudios/krates?branch=main#6aa02ee69d69444c910f0ca04ccebb949d76e738" } ], "message": "detected 'git' source not explicitly allowed", @@ -132,7 +164,7 @@ expression: diags "labels": [ { "column": 17, - "line": 42, + "line": 49, "message": "source", "span": "git+https://bitbucket.org/marshallpierce/line-wrap-rs#41e42b9d95684d41615dd3d0aeeb1cfc4cc47225" }, @@ -171,7 +203,7 @@ expression: diags "labels": [ { "column": 12, - "line": 88, + "line": 94, "message": "source", "span": "git+https://github.com/EmbarkStudios/spdx?tag=0.3.4#ba8dc9f0b164619771892b865f00236ebbd4cd39" } diff --git a/tests/snapshots/sources__allows_git.snap b/tests/snapshots/sources__allows_git.snap index f7a52467..6cd866fd 100644 --- a/tests/snapshots/sources__allows_git.snap +++ b/tests/snapshots/sources__allows_git.snap @@ -89,6 +89,38 @@ expression: diags }, "type": "diagnostic" }, + { + "fields": { + "code": "source-not-allowed", + "graphs": [ + { + "Krate": { + "name": "anyhow", + "version": "1.0.68" + }, + "parents": [ + { + "Krate": { + "name": "sources", + "version": "0.1.0" + } + } + ] + } + ], + "labels": [ + { + "column": 15, + "line": 9, + "message": "source", + "span": "git+https://github.com/dtolnay/anyhow#0a45d7665c32ba61788e09273bb17912ed402332" + } + ], + "message": "detected 'git' source not explicitly allowed", + "severity": "error" + }, + "type": "diagnostic" + }, { "fields": { "code": "allowed-source", @@ -96,7 +128,7 @@ expression: diags { "Krate": { "name": "krates", - "version": "0.4.1" + "version": "0.12.6" }, "parents": [ { @@ -110,10 +142,10 @@ expression: diags ], "labels": [ { - "column": 14, - "line": 38, + "column": 15, + "line": 45, "message": "source", - "span": "git+https://github.com/EmbarkStudios/krates?branch=main#3c1eab0f2322bbb16d1d26e82953f702b965e2e5" + "span": "git+https://github.com/EmbarkStudios/krates?branch=main#6aa02ee69d69444c910f0ca04ccebb949d76e738" }, { "column": 9, @@ -150,7 +182,7 @@ expression: diags "labels": [ { "column": 17, - "line": 42, + "line": 49, "message": "source", "span": "git+https://bitbucket.org/marshallpierce/line-wrap-rs#41e42b9d95684d41615dd3d0aeeb1cfc4cc47225" }, @@ -189,7 +221,7 @@ expression: diags "labels": [ { "column": 12, - "line": 88, + "line": 94, "message": "source", "span": "git+https://github.com/EmbarkStudios/spdx?tag=0.3.4#ba8dc9f0b164619771892b865f00236ebbd4cd39" } diff --git a/tests/snapshots/sources__allows_github_org.snap b/tests/snapshots/sources__allows_github_org.snap index a4094792..d349e955 100644 --- a/tests/snapshots/sources__allows_github_org.snap +++ b/tests/snapshots/sources__allows_github_org.snap @@ -77,6 +77,38 @@ expression: diags }, "type": "diagnostic" }, + { + "fields": { + "code": "source-not-allowed", + "graphs": [ + { + "Krate": { + "name": "anyhow", + "version": "1.0.68" + }, + "parents": [ + { + "Krate": { + "name": "sources", + "version": "0.1.0" + } + } + ] + } + ], + "labels": [ + { + "column": 15, + "line": 9, + "message": "source", + "span": "git+https://github.com/dtolnay/anyhow#0a45d7665c32ba61788e09273bb17912ed402332" + } + ], + "message": "detected 'git' source not explicitly allowed", + "severity": "error" + }, + "type": "diagnostic" + }, { "fields": { "code": "allowed-by-organization", @@ -84,7 +116,7 @@ expression: diags { "Krate": { "name": "krates", - "version": "0.4.1" + "version": "0.12.6" }, "parents": [ { @@ -98,10 +130,10 @@ expression: diags ], "labels": [ { - "column": 14, - "line": 38, + "column": 15, + "line": 45, "message": "source", - "span": "git+https://github.com/EmbarkStudios/krates?branch=main#3c1eab0f2322bbb16d1d26e82953f702b965e2e5" + "span": "git+https://github.com/EmbarkStudios/krates?branch=main#6aa02ee69d69444c910f0ca04ccebb949d76e738" }, { "column": 15, @@ -138,7 +170,7 @@ expression: diags "labels": [ { "column": 17, - "line": 42, + "line": 49, "message": "source", "span": "git+https://bitbucket.org/marshallpierce/line-wrap-rs#41e42b9d95684d41615dd3d0aeeb1cfc4cc47225" } @@ -171,7 +203,7 @@ expression: diags "labels": [ { "column": 12, - "line": 88, + "line": 94, "message": "source", "span": "git+https://github.com/EmbarkStudios/spdx?tag=0.3.4#ba8dc9f0b164619771892b865f00236ebbd4cd39" }, diff --git a/tests/snapshots/sources__allows_gitlab_org.snap b/tests/snapshots/sources__allows_gitlab_org.snap index a5f635f1..5250dfc4 100644 --- a/tests/snapshots/sources__allows_gitlab_org.snap +++ b/tests/snapshots/sources__allows_gitlab_org.snap @@ -89,6 +89,38 @@ expression: diags }, "type": "diagnostic" }, + { + "fields": { + "code": "source-not-allowed", + "graphs": [ + { + "Krate": { + "name": "anyhow", + "version": "1.0.68" + }, + "parents": [ + { + "Krate": { + "name": "sources", + "version": "0.1.0" + } + } + ] + } + ], + "labels": [ + { + "column": 15, + "line": 9, + "message": "source", + "span": "git+https://github.com/dtolnay/anyhow#0a45d7665c32ba61788e09273bb17912ed402332" + } + ], + "message": "detected 'git' source not explicitly allowed", + "severity": "error" + }, + "type": "diagnostic" + }, { "fields": { "code": "source-not-allowed", @@ -96,7 +128,7 @@ expression: diags { "Krate": { "name": "krates", - "version": "0.4.1" + "version": "0.12.6" }, "parents": [ { @@ -110,10 +142,10 @@ expression: diags ], "labels": [ { - "column": 14, - "line": 38, + "column": 15, + "line": 45, "message": "source", - "span": "git+https://github.com/EmbarkStudios/krates?branch=main#3c1eab0f2322bbb16d1d26e82953f702b965e2e5" + "span": "git+https://github.com/EmbarkStudios/krates?branch=main#6aa02ee69d69444c910f0ca04ccebb949d76e738" } ], "message": "detected 'git' source not explicitly allowed", @@ -144,7 +176,7 @@ expression: diags "labels": [ { "column": 17, - "line": 42, + "line": 49, "message": "source", "span": "git+https://bitbucket.org/marshallpierce/line-wrap-rs#41e42b9d95684d41615dd3d0aeeb1cfc4cc47225" } @@ -177,7 +209,7 @@ expression: diags "labels": [ { "column": 12, - "line": 88, + "line": 94, "message": "source", "span": "git+https://github.com/EmbarkStudios/spdx?tag=0.3.4#ba8dc9f0b164619771892b865f00236ebbd4cd39" } diff --git a/tests/snapshots/sources__fails_unknown_git.snap b/tests/snapshots/sources__fails_unknown_git.snap index f05dc1fd..04e1688d 100644 --- a/tests/snapshots/sources__fails_unknown_git.snap +++ b/tests/snapshots/sources__fails_unknown_git.snap @@ -77,6 +77,38 @@ expression: diags }, "type": "diagnostic" }, + { + "fields": { + "code": "source-not-allowed", + "graphs": [ + { + "Krate": { + "name": "anyhow", + "version": "1.0.68" + }, + "parents": [ + { + "Krate": { + "name": "sources", + "version": "0.1.0" + } + } + ] + } + ], + "labels": [ + { + "column": 15, + "line": 9, + "message": "source", + "span": "git+https://github.com/dtolnay/anyhow#0a45d7665c32ba61788e09273bb17912ed402332" + } + ], + "message": "detected 'git' source not explicitly allowed", + "severity": "error" + }, + "type": "diagnostic" + }, { "fields": { "code": "source-not-allowed", @@ -84,7 +116,7 @@ expression: diags { "Krate": { "name": "krates", - "version": "0.4.1" + "version": "0.12.6" }, "parents": [ { @@ -98,10 +130,10 @@ expression: diags ], "labels": [ { - "column": 14, - "line": 38, + "column": 15, + "line": 45, "message": "source", - "span": "git+https://github.com/EmbarkStudios/krates?branch=main#3c1eab0f2322bbb16d1d26e82953f702b965e2e5" + "span": "git+https://github.com/EmbarkStudios/krates?branch=main#6aa02ee69d69444c910f0ca04ccebb949d76e738" } ], "message": "detected 'git' source not explicitly allowed", @@ -132,7 +164,7 @@ expression: diags "labels": [ { "column": 17, - "line": 42, + "line": 49, "message": "source", "span": "git+https://bitbucket.org/marshallpierce/line-wrap-rs#41e42b9d95684d41615dd3d0aeeb1cfc4cc47225" } @@ -165,7 +197,7 @@ expression: diags "labels": [ { "column": 12, - "line": 88, + "line": 94, "message": "source", "span": "git+https://github.com/EmbarkStudios/spdx?tag=0.3.4#ba8dc9f0b164619771892b865f00236ebbd4cd39" } diff --git a/tests/sources.rs b/tests/sources.rs index 2cb5711a..7256b4e9 100644 --- a/tests/sources.rs +++ b/tests/sources.rs @@ -84,21 +84,29 @@ fn validates_git_source_specs() { assert!(GitSpec::Tag > GitSpec::Branch); assert!(GitSpec::Branch > GitSpec::Any); - let levels = [ - (GitSpec::Rev, "https://gitlab.com/amethyst-engine/amethyst"), - (GitSpec::Tag, "https://github.com/EmbarkStudios/spdx"), - (GitSpec::Branch, "https://github.com/EmbarkStudios/krates"), - ( + let levels: &[&[(_, _)]] = &[ + [(GitSpec::Rev, "https://gitlab.com/amethyst-engine/amethyst")].as_ref(), + [(GitSpec::Tag, "https://github.com/EmbarkStudios/spdx")].as_ref(), + [ + (GitSpec::Branch, "https://github.com/EmbarkStudios/krates"), + (GitSpec::Branch, "https://github.com/dtolnay/anyhow"), + ] + .as_ref(), + [( GitSpec::Any, "https://bitbucket.org/marshallpierce/line-wrap-rs", - ), + )] + .as_ref(), ]; - for (i, (spec, _url)) in levels.iter().enumerate() { + for (i, (spec, _url)) in levels + .iter() + .enumerate() + .flat_map(|(i, lvl)| lvl.iter().map(move |l| (i, l))) + { let cfg = format!( "unknown-git = 'allow' - required-git-spec = '{}'", - spec + required-git-spec = '{spec}'" ); let mut diags = src_check(func_name!(), KrateGather::new("sources"), cfg); @@ -111,7 +119,11 @@ fn validates_git_source_specs() { .starts_with("'git' source is underspecified, expected") }); - for (j, (_, url)) in levels.iter().enumerate() { + for (j, (_, url)) in levels + .iter() + .enumerate() + .flat_map(|(i, lvl)| lvl.iter().map(move |l| (i, l))) + { let severities: Vec<_> = diags .iter() .filter_map(|d| { diff --git a/tests/test_data/sources/Cargo.lock b/tests/test_data/sources/Cargo.lock index 0b5e145d..3d1b5d11 100644 --- a/tests/test_data/sources/Cargo.lock +++ b/tests/test_data/sources/Cargo.lock @@ -1,19 +1,21 @@ # This file is automatically @generated by Cargo. # It is not intended for manual editing. +version = 3 + [[package]] name = "addr2line" -version = "0.13.0" +version = "0.19.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1b6a2d3371669ab3ca9797670853d61402b03d0b4b9ebf33d677dfa720203072" +checksum = "a76fd60b23679b7d19bd066031410fb7e458ccc5e958eb5c325888ce4baedc97" dependencies = [ "gimli", ] [[package]] name = "adler" -version = "0.2.3" +version = "1.0.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ee2a4ec343196209d6594e19543ae87a39f96d5534d7174822a3ad825dd6ed7e" +checksum = "f26201604c87b1e01bd3d98f8d5d9a8fcbb815e8cedb41ffccbeb4bf593a35fe" [[package]] name = "ahash" @@ -23,9 +25,9 @@ checksum = "e8fd72866655d1904d6b0997d0b07ba561047d070fbe29de039031c641b61217" [[package]] name = "aho-corasick" -version = "0.7.13" +version = "0.7.20" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "043164d8ba5c4c3035fec9bbee8647c0261d788f3474306f93bb65901cae0e86" +checksum = "cc936419f96fa211c1b9166887b38e5e40b19958e5b895be7c1f93adec7071ac" dependencies = [ "memchr", ] @@ -84,6 +86,11 @@ dependencies = [ "backtrace", ] +[[package]] +name = "anyhow" +version = "1.0.68" +source = "git+https://github.com/dtolnay/anyhow?branch=master#0a45d7665c32ba61788e09273bb17912ed402332" + [[package]] name = "approx" version = "0.3.2" @@ -95,52 +102,80 @@ dependencies = [ [[package]] name = "arrayvec" -version = "0.5.1" +version = "0.5.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cff77d8686867eceff3105329d4698d96c2391c176d5d03adc90c7389162b5b8" +checksum = "23b62fc65de8e4e7f52534fb52b0f3ed04746ae267519eef2a83941e8085068b" [[package]] name = "atom" -version = "0.3.5" +version = "0.3.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3c86699c3f02778ec07158376991c8f783dd1f2f95c579ffaf0738dc984b2fe2" +checksum = "c9ff149ed9780025acfdb36862d35b28856bb693ceb451259a7164442f22fdc3" [[package]] name = "autocfg" -version = "1.0.0" +version = "1.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f8aac770f1885fd7e387acedd76065302551364496e46b3dd00860b2f8359b9d" +checksum = "d468802bab17cbc0cc575e9b053f41e72aa36bfa6b7f55e3529ffa43161b97fa" [[package]] name = "backtrace" -version = "0.3.50" +version = "0.3.67" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "46254cf2fdcdf1badb5934448c1bcbe046a56537b3987d96c51a7afc5d03f293" +checksum = "233d376d6d185f2a3093e58f283f60f880315b6c60075b01f36b3b85154564ca" dependencies = [ "addr2line", - "cfg-if", + "cc", + "cfg-if 1.0.0", "libc", "miniz_oxide", "object", "rustc-demangle", ] +[[package]] +name = "camino" +version = "1.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "88ad0e1e3e88dd237a156ab9f571021b8a158caa0ae44b1968a241efb5144c1e" +dependencies = [ + "serde", +] + +[[package]] +name = "cargo-platform" +version = "0.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cbdb825da8a5df079a43676dbe042702f1707b1109f713a01420fbb4cc71fa27" +dependencies = [ + "serde", +] + [[package]] name = "cargo_metadata" -version = "0.11.1" +version = "0.15.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "89fec17b16f1ac67908af82e47d0a90a7afd0e1827b181cd77504323d3263d35" +checksum = "982a0cf6a99c350d7246035613882e376d58cebe571785abc5da4f648d53ac0a" dependencies = [ + "camino", + "cargo-platform", "semver", "serde", "serde_json", + "thiserror", ] +[[package]] +name = "cc" +version = "1.0.78" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a20104e2335ce8a659d6dd92a51a767a0c062599c73b343fd152cb401e828c3d" + [[package]] name = "cfg-expr" -version = "0.4.1" +version = "0.12.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6c2be76f06820200669a77ae59a8328c6b8fe4496e8fb7fed02f2806a442c5ff" +checksum = "0bbc13bf6290a6b202cc3efb36f7ec2b739a80634215630c8053a313edf6abef" dependencies = [ "smallvec", ] @@ -151,28 +186,42 @@ version = "0.1.10" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "4785bdd1c96b2a846b2bd7cc02e86b6b3dbf14e7e53446c4f54c92a361040822" +[[package]] +name = "cfg-if" +version = "1.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd" + +[[package]] +name = "crossbeam-channel" +version = "0.5.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c2dd04ddaf88237dc3b8d8f9a3c1004b506b54b3313403944054d23c0870c521" +dependencies = [ + "cfg-if 1.0.0", + "crossbeam-utils 0.8.14", +] + [[package]] name = "crossbeam-deque" -version = "0.7.3" +version = "0.8.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9f02af974daeee82218205558e51ec8768b48cf524bd01d550abe5573a608285" +checksum = "715e8152b692bba2d374b53d4875445368fdf21a94751410af607a5ac677d1fc" dependencies = [ + "cfg-if 1.0.0", "crossbeam-epoch", - "crossbeam-utils", - "maybe-uninit", + "crossbeam-utils 0.8.14", ] [[package]] name = "crossbeam-epoch" -version = "0.8.2" +version = "0.9.13" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "058ed274caafc1f60c4997b5fc07bf7dc7cca454af7c6e81edffe5f33f70dace" +checksum = "01a9af1f4c2ef74bb8aa1f7e19706bc72d03598c8a570bb5de72243c7a9d9d5a" dependencies = [ "autocfg", - "cfg-if", - "crossbeam-utils", - "lazy_static", - "maybe-uninit", + "cfg-if 1.0.0", + "crossbeam-utils 0.8.14", "memoffset", "scopeguard", ] @@ -183,8 +232,8 @@ version = "0.2.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "774ba60a54c213d409d5353bda12d49cd68d14e45036a285234c8d6f91f92570" dependencies = [ - "cfg-if", - "crossbeam-utils", + "cfg-if 0.1.10", + "crossbeam-utils 0.7.2", "maybe-uninit", ] @@ -195,15 +244,24 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "c3c7c73a2d1e9fc0886a08b93e98eb643461230d5f1925e4036204d5f2e261a8" dependencies = [ "autocfg", - "cfg-if", + "cfg-if 0.1.10", "lazy_static", ] +[[package]] +name = "crossbeam-utils" +version = "0.8.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4fb766fa798726286dbbb842f174001dab8abc7b627a1dd86e0b7222a95d929f" +dependencies = [ + "cfg-if 1.0.0", +] + [[package]] name = "derivative" -version = "2.1.1" +version = "2.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cb582b60359da160a9477ee80f15c8d784c477e69c217ef2cdd4169c24ea380f" +checksum = "fcc3dd5e9e9c0b295d6e1e4d811fb6f157d5ffd784b8d202fc62eac8035a770b" dependencies = [ "proc-macro2", "quote", @@ -212,9 +270,9 @@ dependencies = [ [[package]] name = "derive-new" -version = "0.5.8" +version = "0.5.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "71f31892cd5c62e414316f2963c5689242c43d8e7bbcaaeca97e5e28c95d91d9" +checksum = "3418329ca0ad70234b9735dc4ceed10af4df60eff9c8e7b06cb5e520d92c3535" dependencies = [ "proc-macro2", "quote", @@ -229,9 +287,9 @@ checksum = "bbbaaaf38131deb9ca518a274a45bfdb8771f139517b073b16c2d3d32ae5037b" [[package]] name = "either" -version = "1.5.3" +version = "1.8.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bb1f6b1ce1c140482ea30ddd3335fc0024ac7ee112895426e0a629a6c20adfe3" +checksum = "90e5c1c8368803113bf0c9584fc495a58b86dc8a29edbf8fe877d21d9507e797" [[package]] name = "env_logger" @@ -245,9 +303,9 @@ dependencies = [ [[package]] name = "fixedbitset" -version = "0.2.0" +version = "0.4.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "37ab347416e802de484e4d03c7316c48f1ecb56574dfd4a46a80f173ce1de04d" +checksum = "0ce7134b9999ecaf8bcd65542e436736ef32ddca1b3e06094cb6ec5755203b80" [[package]] name = "fnv" @@ -257,20 +315,20 @@ checksum = "3f9eec918d3f24069decb9af1554cad7c880e2da24a9afd88aca000531ab82c1" [[package]] name = "generic-array" -version = "0.13.2" +version = "0.13.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0ed1e761351b56f54eb9dcd0cfaca9fd0daecf93918e1cfc01c8a3d26ee7adcd" +checksum = "f797e67af32588215eaaab8327027ee8e71b9dd0b2b26996aedf20c030fce309" dependencies = [ "typenum", ] [[package]] name = "getrandom" -version = "0.1.14" +version = "0.1.16" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7abc8dd8451921606d809ba32e95b6111925cd2906060d2dcc29c070220503eb" +checksum = "8fc3cb4d91f53b50155bdcfd23f6a4c39ae1969c2ae85982b135750cccaf5fce" dependencies = [ - "cfg-if", + "cfg-if 1.0.0", "libc", "wasi", ] @@ -288,9 +346,9 @@ dependencies = [ [[package]] name = "gimli" -version = "0.22.0" +version = "0.27.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "aaf91faf136cb47367fa430cd46e37a788775e7fa104f8b4bcb3861dc389b724" +checksum = "dec7af912d60cdbd3677c1af9352ebae6fb8394d165568a2234df0fa00f87793" [[package]] name = "hashbrown" @@ -304,18 +362,15 @@ dependencies = [ [[package]] name = "hashbrown" -version = "0.8.1" +version = "0.12.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "34f595585f103464d8d2f6e9864682d74c1601fed5e07d62b1c9058dba8246fb" -dependencies = [ - "autocfg", -] +checksum = "8a9ee70c43aaf417c914396645a0fa852624801b24ebb7ae78fe8272889ac888" [[package]] name = "hermit-abi" -version = "0.1.15" +version = "0.2.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3deed196b6e7f9e44a2ae8d94225d80302d81208b1bb673fd21fe634645c85a9" +checksum = "ee512640fe35acbfb4bb779db6f0d80704c2cacfa2e39b601ef3e3f47d1ae4c7" dependencies = [ "libc", ] @@ -332,24 +387,24 @@ dependencies = [ [[package]] name = "indexmap" -version = "1.5.0" +version = "1.9.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5b88cd59ee5f71fea89a62248fc8f387d44400cefe05ef548466d61ced9029a7" +checksum = "1885e79c1fc4b10f0e172c475f458b7f7b93061064d98c3293e98c5ba0c8b399" dependencies = [ "autocfg", - "hashbrown 0.8.1", + "hashbrown 0.12.3", ] [[package]] name = "itoa" -version = "0.4.6" +version = "1.0.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dc6f3ad7b9d11a0c00842ff8de1b60ee58661048eb8049ed33c73594f359d7e6" +checksum = "fad582f4b9e86b6caa621cabeb0963332d92eea04729ab12892c2533951e6440" [[package]] name = "krates" -version = "0.4.1" -source = "git+https://github.com/EmbarkStudios/krates?branch=main#3c1eab0f2322bbb16d1d26e82953f702b965e2e5" +version = "0.12.6" +source = "git+https://github.com/EmbarkStudios/krates?branch=main#6aa02ee69d69444c910f0ca04ccebb949d76e738" dependencies = [ "cargo_metadata", "cfg-expr", @@ -365,15 +420,15 @@ checksum = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646" [[package]] name = "libc" -version = "0.2.74" +version = "0.2.139" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a2f02823cf78b754822df5f7f268fb59822e7296276d3e069d8e8cb26a14bd10" +checksum = "201de327520df007757c1f0adce6e827fe8562fbc28bfd9c15571c66ca1f5f79" [[package]] name = "libm" -version = "0.2.1" +version = "0.2.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c7d73b3f436185384286bd8098d17ec07c9a7d2388a6599f824d8502b529702a" +checksum = "348108ab3fba42ec82ff6e9564fc4ca0247bdccdc68dd8af9764bbc79c3c8ffb" [[package]] name = "line-wrap" @@ -385,18 +440,18 @@ dependencies = [ [[package]] name = "log" -version = "0.4.11" +version = "0.4.17" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4fabed175da42fed1fa0746b0ea71f412aa9d35e76e95e59b192c64b9dc2bf8b" +checksum = "abb12e687cfb44aa40f41fc3978ef76448f9b6038cad6aef4259d3c095a2382e" dependencies = [ - "cfg-if", + "cfg-if 1.0.0", ] [[package]] name = "matrixmultiply" -version = "0.2.3" +version = "0.2.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d4f7ec66360130972f34830bfad9ef05c6610a43938a467bcc9ab9369ab3478f" +checksum = "916806ba0031cd542105d916a97c8572e1fa6dd79c9c51e7eb43a09ec2dd84c1" dependencies = [ "rawpointer", ] @@ -409,33 +464,33 @@ checksum = "60302e4db3a61da70c0cb7991976248362f30319e88850c487b9b95bbf059e00" [[package]] name = "memchr" -version = "2.3.3" +version = "2.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3728d817d99e5ac407411fa471ff9800a778d88a24685968b36824eaf4bee400" +checksum = "2dffe52ecf27772e601905b7522cb4ef790d2cc203488bbd0e2fe85fcb74566d" [[package]] name = "memoffset" -version = "0.5.5" +version = "0.7.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c198b026e1bbf08a937e94c6c60f9ec4a2267f5b0d2eec9c1b21b061ce2be55f" +checksum = "5de893c32cde5f383baa4c04c5d6dbdd735cfd4a794b0debdb2bb1b421da5ff4" dependencies = [ "autocfg", ] [[package]] name = "miniz_oxide" -version = "0.4.0" +version = "0.6.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "be0f75932c1f6cfae3c04000e40114adf955636e19040f9c0a2c380702aa1c7f" +checksum = "b275950c28b37e794e8c55d88aeb5e139d0ce23fdbbeda68f8d7174abdf9e8fa" dependencies = [ "adler", ] [[package]] name = "mint" -version = "0.5.5" +version = "0.5.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d42e54f364a39ad5238e3072db2e8747785b37655368da756987d3b09ada91e0" +checksum = "e53debba6bda7a793e5f99b8dacf19e626084f525f7829104ba9898f367d85ff" [[package]] name = "mopa" @@ -487,9 +542,9 @@ dependencies = [ [[package]] name = "num-integer" -version = "0.1.43" +version = "0.1.45" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8d59457e662d541ba17869cf51cf177c0b5f0cbf476c66bdc90bf1edac4f875b" +checksum = "225d3389fb3509a24c93f5c29eb6bde2586b98d9f016636dff58d7c6f7569cd9" dependencies = [ "autocfg", "num-traits", @@ -508,9 +563,9 @@ dependencies = [ [[package]] name = "num-traits" -version = "0.2.12" +version = "0.2.15" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ac267bcc07f48ee5f8935ab0d24f316fb722d7a1292e2913f0cc196b29ffd611" +checksum = "578ede34cf02f8924ab9447f50c28075b4d3e5b269972345e7e0372b38c6cdcd" dependencies = [ "autocfg", "libm", @@ -518,9 +573,9 @@ dependencies = [ [[package]] name = "num_cpus" -version = "1.13.0" +version = "1.15.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "05499f3756671c15885fee9034446956fff3f243d6077b91e5767df161f766b3" +checksum = "0fac9e2da13b5eb447a6ce3d392f23a29d8694bff781bf03a16cd9ac8697593b" dependencies = [ "hermit-abi", "libc", @@ -528,15 +583,18 @@ dependencies = [ [[package]] name = "object" -version = "0.20.0" +version = "0.30.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1ab52be62400ca80aa00285d25253d7f7c437b7375c4de678f5405d3afe82ca5" +checksum = "8d864c91689fdc196779b98dba0aceac6118594c2df6ee5d943eb6a8df4d107a" +dependencies = [ + "memchr", +] [[package]] name = "petgraph" -version = "0.5.1" +version = "0.6.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "467d164a6de56270bd7c4d070df81d07beace25012d5103ced4e9ff08d6afdb7" +checksum = "e6d5014253a1331579ce62aa67443b4a658c5e7dd03d4bc6d302b94474888143" dependencies = [ "fixedbitset", "indexmap", @@ -544,17 +602,17 @@ dependencies = [ [[package]] name = "ppv-lite86" -version = "0.2.8" +version = "0.2.17" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "237a5ed80e274dbc66f86bd59c1e25edc039660be53194b5fe0a482e0f2612ea" +checksum = "5b40af805b3121feab8a3c29f04d8ad262fa8e0561883e7653e024ae4479e6de" [[package]] name = "proc-macro2" -version = "1.0.19" +version = "1.0.49" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "04f5f085b5d71e2188cb8271e5da0161ad52c3f227a661a3c135fdf28e258b12" +checksum = "57a8eca9f9c4ffde41714334dee777596264c7825420f521abc92b5b5deb63a5" dependencies = [ - "unicode-xid", + "unicode-ident", ] [[package]] @@ -571,9 +629,9 @@ dependencies = [ [[package]] name = "quote" -version = "1.0.7" +version = "1.0.23" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "aa563d17ecb180e500da1cfd2b028310ac758de548efdd203e18f283af693f37" +checksum = "8856d8364d252a14d474036ea1358d63c9e6965c8e5c1885c18f73d70bff9c7b" dependencies = [ "proc-macro2", ] @@ -636,58 +694,54 @@ checksum = "60a357793950651c4ed0f3f52338f53b2f809f32d83a07f72909fa13e4c6c1e3" [[package]] name = "rayon" -version = "1.3.1" +version = "1.6.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "62f02856753d04e03e26929f820d0a0a337ebe71f849801eea335d464b349080" +checksum = "6db3a213adf02b3bcfd2d3846bb41cb22857d131789e01df434fb7e7bc0759b7" dependencies = [ - "autocfg", - "crossbeam-deque", "either", "rayon-core", ] [[package]] name = "rayon-core" -version = "1.7.1" +version = "1.10.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e92e15d89083484e11353891f1af602cc661426deb9564c298b270c726973280" +checksum = "cac410af5d00ab6884528b4ab69d1e8e146e8d471201800fa1b4524126de6ad3" dependencies = [ + "crossbeam-channel", "crossbeam-deque", - "crossbeam-queue", - "crossbeam-utils", - "lazy_static", + "crossbeam-utils 0.8.14", "num_cpus", ] [[package]] name = "regex" -version = "1.3.9" +version = "1.7.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9c3780fcf44b193bc4d09f36d2a3c87b251da4a046c87795a0d35f4f927ad8e6" +checksum = "e076559ef8e241f2ae3479e36f97bd5741c0330689e217ad51ce2c76808b868a" dependencies = [ "aho-corasick", "memchr", "regex-syntax", - "thread_local", ] [[package]] name = "regex-syntax" -version = "0.6.18" +version = "0.6.28" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "26412eb97c6b088a6997e05f69403a802a92d520de2f8e63c2b65f9e0f47c4e8" +checksum = "456c603be3e8d448b072f410900c09faf164fbce2d480456f50eea6e25f9c848" [[package]] name = "rustc-demangle" -version = "0.1.16" +version = "0.1.21" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4c691c0e608126e00913e33f0ccf3727d5fc84573623b8d65b2df340b5201783" +checksum = "7ef03e0a2b150c7a90d01faf6254c9c48a41e95fb2a8c2ac1c6f0d2b9aefc342" [[package]] name = "ryu" -version = "1.0.5" +version = "1.0.12" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "71d301d4193d031abdd79ff7e3dd721168a9572ef3fe51a1517aba235bd8f86e" +checksum = "7b4b9743ed687d4b4bcedf9ff5eaa7398495ae14e61cba0a295704edbc7decde" [[package]] name = "safemem" @@ -703,34 +757,27 @@ checksum = "d29ab0c6d3fc0ee92fe66e2d99f700eab17a8d57d1c1d3b748380fb20baa78cd" [[package]] name = "semver" -version = "0.10.0" +version = "1.0.16" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "394cec28fa623e00903caf7ba4fa6fb9a0e260280bb8cdbbba029611108a0190" +checksum = "58bc9567378fc7690d6b2addae4e60ac2eeea07becb2c64b9f218b53865cba2a" dependencies = [ - "semver-parser", "serde", ] -[[package]] -name = "semver-parser" -version = "0.7.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "388a1df253eca08550bef6c72392cfe7c30914bf41df5269b68cbd6ff8f570a3" - [[package]] name = "serde" -version = "1.0.114" +version = "1.0.152" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5317f7588f0a5078ee60ef675ef96735a1442132dc645eb1d12c018620ed8cd3" +checksum = "bb7d1f0d3021d347a83e556fc4683dea2ea09d87bccdf88ff5c12545d89d5efb" dependencies = [ "serde_derive", ] [[package]] name = "serde_derive" -version = "1.0.114" +version = "1.0.152" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2a0be94b04690fbaed37cddffc5c134bf537c8e3329d53e982fe04c374978f8e" +checksum = "af487d118eecd09402d70a5d72551860e788df87b464af30e5ea6a38c75c541e" dependencies = [ "proc-macro2", "quote", @@ -739,9 +786,9 @@ dependencies = [ [[package]] name = "serde_json" -version = "1.0.57" +version = "1.0.91" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "164eacbdb13512ec2745fb09d51fd5b22b0d65ed294a1dcf7285a360c80a675c" +checksum = "877c235533714907a8c2464236f5c4b2a17262ef1bd71f38f35ea592c8da6883" dependencies = [ "itoa", "ryu", @@ -765,9 +812,9 @@ dependencies = [ [[package]] name = "shred-derive" -version = "0.6.2" +version = "0.6.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a1f37080f2751fbf091dbdebaa95bd6cf9dbf74ad1d50396b1908518a1747fdf" +checksum = "d5404c36bd155e41a54276ab6aafedad2fb627e5e5849d36ec439c9ddc044a2f" dependencies = [ "proc-macro2", "quote", @@ -776,21 +823,22 @@ dependencies = [ [[package]] name = "shrev" -version = "1.1.1" +version = "1.1.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b5752e017e03af9d735b4b069f53b7a7fd90fefafa04d8bd0c25581b0bff437f" +checksum = "a5ea33232fdcf1bf691ca33450e5a94dde13e1a8cbb8caabc5e4f9d761e10b1a" [[package]] name = "smallvec" -version = "1.4.1" +version = "1.10.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3757cb9d89161a2f24e1cf78efa0c1fcff485d18e3f55e0aa3480824ddaa0f3f" +checksum = "a507befe795404456341dfab10cef66ead4c041f62b8b11bbb92bffe5d0953e0" [[package]] name = "sources" version = "0.1.0" dependencies = [ "amethyst_core", + "anyhow", "krates", "line-wrap", "spdx", @@ -847,22 +895,33 @@ dependencies = [ [[package]] name = "syn" -version = "1.0.38" +version = "1.0.107" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e69abc24912995b3038597a7a593be5053eb0fb44f3cc5beec0deb421790c1f4" +checksum = "1f4064b5b16e03ae50984a5a8ed5d4f8803e6bc1fd170a3cda91a1be4b18e3f5" dependencies = [ "proc-macro2", "quote", - "unicode-xid", + "unicode-ident", ] [[package]] -name = "thread_local" -version = "1.0.1" +name = "thiserror" +version = "1.0.38" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d40c6d1b69745a6ec6fb1ca717914848da4b44ae29d9b3080cbee91d72a69b14" +checksum = "6a9cd18aa97d5c45c6603caea1da6628790b37f7a34b6ca89522331c5180fed0" dependencies = [ - "lazy_static", + "thiserror-impl", +] + +[[package]] +name = "thiserror-impl" +version = "1.0.38" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1fb327af4685e4d03fa8cbcf1716380da910eeb2bb8be417e7f9fd3fb164f36f" +dependencies = [ + "proc-macro2", + "quote", + "syn", ] [[package]] @@ -873,30 +932,30 @@ checksum = "44834418e2c5b16f47bedf35c28e148db099187dd5feee6367fb2525863af4f1" [[package]] name = "tynm" -version = "0.1.4" +version = "0.1.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "367fb781963961b4a90a3362c54b1871caaecb081f011005778242230f39d34e" +checksum = "a4df2caa2dc9c3d1f7641ba981f4cd40ab229775aa7aeb834c9ab2850d50623d" dependencies = [ "nom", ] [[package]] name = "typenum" -version = "1.12.0" +version = "1.16.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "373c8a200f9e67a0c95e62a4f52fbf80c23b4381c05a17845531982fa99e6b33" +checksum = "497961ef93d974e23eb6f433eb5fe1b7930b659f06d12dec6fc44a8f554c0bba" [[package]] -name = "unicode-xid" -version = "0.2.1" +name = "unicode-ident" +version = "1.0.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f7fe0bb3479651439c9112f72b6c505038574c9fbb575ed1bf3b797fa39dd564" +checksum = "84a22b9f218b40614adcb3f4ff08b703773ad44fa9423e4e0d346d5db86e4ebc" [[package]] name = "version_check" -version = "0.9.2" +version = "0.9.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b5a972e5669d67ba988ce3dc826706fb0a8b01471c088cb0b6110b805cc36aed" +checksum = "49874b5167b65d7193b8aba1567f5c7d93d001cafc34600cee003eda787e483f" [[package]] name = "wasi" diff --git a/tests/test_data/sources/Cargo.toml b/tests/test_data/sources/Cargo.toml index e1fb89d8..88b27622 100644 --- a/tests/test_data/sources/Cargo.toml +++ b/tests/test_data/sources/Cargo.toml @@ -5,7 +5,8 @@ authors = ["Jake Shadle "] edition = "2018" [dependencies] -krates = "0.4.1" +anyhow = "1.0" +krates = "0.12" [dev-dependencies] spdx = "0.3.4" @@ -20,6 +21,7 @@ line-wrap = "0.1.1" # custom = { version = "0.10.0", registry = "fancy-pants" } [patch.crates-io] +anyhow = { git = "https://github.com/dtolnay/anyhow", branch = "master" } amethyst_core = { git = "https://gitlab.com/amethyst-engine/amethyst", rev = "0c2da617" } krates = { git = "https://github.com/EmbarkStudios/krates", branch = "main" } line-wrap = { git = "https://bitbucket.org/marshallpierce/line-wrap-rs" }