Skip to content

fix: RUSTSEC-2024-0370 #11977

fix: RUSTSEC-2024-0370

fix: RUSTSEC-2024-0370 #11977

Workflow file for this run

name: Rust code linters
# Cancel workflow if there is a new change to the branch.
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: ${{ github.ref != 'refs/heads/main' }}
on:
workflow_dispatch:
merge_group:
pull_request:
branches:
- main
paths:
- '**/*.rs'
- '.github/workflows/rust-lint.yml'
push:
branches:
- main
paths:
- '**/*.rs'
- '.github/workflows/rust-lint.yml'
schedule:
- cron: "0 0 * * *"
env:
CI: 1
CARGO_INCREMENTAL: 0
CACHE_TIMEOUT_MINUTES: 5
AWS_ACCESS_KEY_ID: '${{ secrets.AWS_ACCESS_KEY_ID }}'
AWS_SECRET_ACCESS_KEY: '${{ secrets.AWS_SECRET_ACCESS_KEY }}'
RUSTC_WRAPPER: "sccache"
CC: "sccache clang"
CXX: "sccache clang++"
jobs:
lint-all:
name: All lint checks
runs-on: ubuntu-24.04
steps:
- name: Configure SCCache variables
run: |
# External PRs do not have access to 'vars' or 'secrets'.
if [[ "$AWS_ACCESS_KEY_ID" != "" ]]; then
echo "SCCACHE_ENDPOINT=${{ vars.SCCACHE_ENDPOINT}}" >> $GITHUB_ENV
echo "SCCACHE_BUCKET=${{ vars.SCCACHE_BUCKET}}" >> $GITHUB_ENV
echo "SCCACHE_REGION=${{ vars.SCCACHE_REGION}}" >> $GITHUB_ENV
fi
- name: Checkout Sources
uses: actions/checkout@v4
- name: Setup sccache
uses: mozilla-actions/[email protected]
timeout-minutes: ${{ fromJSON(env.CACHE_TIMEOUT_MINUTES) }}
continue-on-error: true
- name: Apt Dependencies
uses: nick-fields/retry@v3
with:
timeout_minutes: 5
max_attempts: 3
command: |
sudo apt-get install -y libclang-dev # required dep for cargo-spellcheck
- name: Install Lint tools
run: make install-lint-tools-ci
env:
RUSTFLAGS: "-Cstrip=symbols"
- run: make lint-all
dependencies-check:
name: Check cargo files
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@v4
- name: Set up Ruby
uses: ruby/setup-ruby@v1
with:
ruby-version: "3.0"
- name: Run dependencies checks
run: |
gem install toml-rb --no-document
ruby scripts/linters/find_unused_deps.rb