From ba1de9c654c3a5442a110b470cc70fb596e6b664 Mon Sep 17 00:00:00 2001 From: Luni-4 Date: Thu, 30 Nov 2023 19:06:27 +0100 Subject: [PATCH] Ci/Schedule dependencies checks (#1014) * ci: Add audit file * ci: Schedule dependencies checks * mnist-inference-web: Remove unused dep * Run when a new release is created * Fix comment --- .github/workflows/dependencies.yml | 34 ++++++++++--------------- audit.toml | 27 ++++++++++++++++++++ examples/mnist-inference-web/Cargo.toml | 1 - 3 files changed, 41 insertions(+), 21 deletions(-) create mode 100644 audit.toml diff --git a/.github/workflows/dependencies.yml b/.github/workflows/dependencies.yml index b8b9fc550..07492aafc 100644 --- a/.github/workflows/dependencies.yml +++ b/.github/workflows/dependencies.yml @@ -1,17 +1,11 @@ name: dependencies on: + schedule: + - cron: '0 21 * * TUE' # Run every Tuesday at 21:00 (UTC) push: - branches: - - main - paths: - - '**/Cargo.lock' - - '**/Cargo.toml' - pull_request: - types: [opened, synchronize] - paths: - - '**/Cargo.lock' - - '**/Cargo.toml' + tags: + - 'v*.*.*' concurrency: group: ${{ github.workflow }}-${{ github.ref }} @@ -40,14 +34,14 @@ jobs: toolchain: nightly components: rustfmt - # - name: Install cargo-udeps - # env: - # UDEPS_LINK: https://github.com/est31/cargo-udeps/releases/download - # UDEPS_VERSION: v0.1.43 - # run: | - # curl -L "$UDEPS_LINK/$UDEPS_VERSION/cargo-udeps-$UDEPS_VERSION-x86_64-unknown-linux-gnu.tar.gz" | - # tar xz -C $HOME/.cargo/bin --strip-components 2 + - name: Install cargo-udeps + env: + UDEPS_LINK: https://github.com/est31/cargo-udeps/releases/download + UDEPS_VERSION: v0.1.43 + run: | + curl -L "$UDEPS_LINK/$UDEPS_VERSION/cargo-udeps-$UDEPS_VERSION-x86_64-unknown-linux-gnu.tar.gz" | + tar xz -C $HOME/.cargo/bin --strip-components 2 - # - name: Run cargo-udeps - # run: | - # cargo +nightly udeps --all-targets + - name: Run cargo-udeps + run: | + cargo +nightly udeps --all-targets diff --git a/audit.toml b/audit.toml new file mode 100644 index 000000000..e62605692 --- /dev/null +++ b/audit.toml @@ -0,0 +1,27 @@ +# Audit config file +# +# It may be located in the user home (`~/.cargo/audit.toml`) or in the project +# root (`.cargo/audit.toml`). +# +# All of the options which can be passed via CLI arguments can also be +# permanently specified in this file. + +[advisories] +ignore = [] # advisory IDs to ignore e.g. ["RUSTSEC-2019-0001", ...] +informational_warnings = ["unmaintained"] # warn for categories of informational advisories +severity_threshold = "low" # CVSS severity ("none", "low", "medium", "high", "critical") + +# Advisory Database Configuration +[database] +path = "~/.cargo/advisory-db" # Path where advisory git repo will be cloned + +# Output Configuration +[output] +deny = ["unmaintained"] # exit on error if unmaintained dependencies are found +format = "terminal" # "terminal" (human readable report) or "json" +quiet = false # Only print information on error +show_tree = true # Show inverse dependency trees along with advisories (default: true) + +[yanked] +enabled = true # Warn for yanked crates in Cargo.lock (default: true) +update_index = true # Auto-update the crates.io index (default: true) diff --git a/examples/mnist-inference-web/Cargo.toml b/examples/mnist-inference-web/Cargo.toml index b86e5f2a0..00b06e6ba 100644 --- a/examples/mnist-inference-web/Cargo.toml +++ b/examples/mnist-inference-web/Cargo.toml @@ -19,7 +19,6 @@ wgpu = ["burn/wgpu"] burn = { path = "../../burn", default-features = false } serde = { workspace = true } wasm-bindgen = { version = "0.2.88" } -wasm-bindgen-futures = "0.4" js-sys = "0.3.65" [dev-dependencies]