mirror of
https://github.com/tauri-apps/tauri.git
synced 2024-12-25 19:54:07 +03:00
fix: Only provide cargo-vet
suggestions for now (#9714)
As the workflow is failing because of a larger number of unvetted dependencies I transform this to suggestions only until we have a better vetting workflow and resources to audit available.
This commit is contained in:
parent
6f281b2e30
commit
e78bfa722e
5
.github/workflows/supply-chain.yml
vendored
5
.github/workflows/supply-chain.yml
vendored
@ -37,8 +37,9 @@ jobs:
|
|||||||
- name: Ensure that the tool cache is populated with the cargo-vet binary
|
- name: Ensure that the tool cache is populated with the cargo-vet binary
|
||||||
run: cargo install --root ${{ runner.tool_cache }}/cargo-vet --version ${{ env.CARGO_VET_VERSION }} cargo-vet
|
run: cargo install --root ${{ runner.tool_cache }}/cargo-vet --version ${{ env.CARGO_VET_VERSION }} cargo-vet
|
||||||
|
|
||||||
- name: Invoke cargo-vet
|
# Enable this again to break the workflow once we have a reasonable amount of suggestions to get to a clean base line
|
||||||
run: cargo vet --locked
|
# - name: Invoke cargo-vet
|
||||||
|
# run: cargo vet --locked
|
||||||
|
|
||||||
- name: Provide audit suggestions
|
- name: Provide audit suggestions
|
||||||
run: cargo vet --locked suggestions
|
run: cargo vet --locked suggestions
|
||||||
|
Loading…
Reference in New Issue
Block a user