fix: Only provide cargo-vet suggestions for now (#9714)

As the workflow is failing because of a larger number of unvetted dependencies I transform this to suggestions only until we have a better vetting workflow and resources to audit available.
This commit is contained in:
Tillmann 2024-05-09 21:04:35 +09:00 committed by GitHub
parent 6f281b2e30
commit e78bfa722e
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194

View File

@ -37,8 +37,9 @@ jobs:
- name: Ensure that the tool cache is populated with the cargo-vet binary - name: Ensure that the tool cache is populated with the cargo-vet binary
run: cargo install --root ${{ runner.tool_cache }}/cargo-vet --version ${{ env.CARGO_VET_VERSION }} cargo-vet run: cargo install --root ${{ runner.tool_cache }}/cargo-vet --version ${{ env.CARGO_VET_VERSION }} cargo-vet
- name: Invoke cargo-vet # Enable this again to break the workflow once we have a reasonable amount of suggestions to get to a clean base line
run: cargo vet --locked # - name: Invoke cargo-vet
# run: cargo vet --locked
- name: Provide audit suggestions - name: Provide audit suggestions
run: cargo vet --locked suggestions run: cargo vet --locked suggestions