From 0fbefe9389708e2f76003c16ee02dcab6c83017f Mon Sep 17 00:00:00 2001 From: Josh McKinney Date: Sun, 30 Nov 2025 01:26:16 -0800 Subject: [PATCH] chore(ci): don't fail on cargo-deny advisories (#2237) Instead of failing on advisories, run the cargo-deny check, and report the failure. Uses the cargo-deny-action instead of installing this manually. https://github.com/EmbarkStudios/cargo-deny-action/tree/v2?tab=readme-ov-file#recommended-pipeline-if-using-advisories-to-avoid-sudden-breakages (bumped to use rust stable, and log level info) --- .github/workflows/ci.yml | 21 +++++++++++++-------- 1 file changed, 13 insertions(+), 8 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index d8bedb46..4e7abf77 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -55,20 +55,25 @@ jobs: # Check for any disallowed dependencies in the codebase due to license / security issues. # See - dependencies: - name: Check Dependencies + cargo-deny: runs-on: ubuntu-latest + strategy: + matrix: + checks: + - advisories + - bans licenses sources + # Prevent sudden announcement of a new advisory from failing ci: + continue-on-error: ${{ matrix.checks == 'advisories' }} steps: - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 with: persist-credentials: false - - uses: dtolnay/rust-toolchain@0b1efabc08b657293548b77fb76cc02d26091c7e # master + - uses: EmbarkStudios/cargo-deny-action@76cd80eb775d7bbbd2d80292136d74d39e1b4918 # v2 with: - toolchain: stable - - uses: taiki-e/install-action@763e3324d4fd026c9bd284c504378585777a87d5 # v2 - with: - tool: cargo-deny - - run: cargo deny --log-level info --all-features check + rust-toolchain: stable + log-level: info + arguments: --all-features --exclude-unpublished + command: check ${{ matrix.checks }} # Check for any unused dependencies in the codebase. # See