diff options
| author | sterni <sternenseemann@systemli.org> | 2021-12-24T11·24+0100 |
|---|---|---|
| committer | sterni <sternenseemann@systemli.org> | 2022-02-13T18·42+0000 |
| commit | e855d140bd2d613d864bab4f3138cf931eb4f79f (patch) | |
| tree | d61f7ff42b4f64e1ec2a0a5df262e5d5f9d356d8 | |
| parent | 6c4e447587fa07b61a83734fba35e56218e4a8bb (diff) | |
chore(3p/rustsec-advisory-db): track using niv r/3819
This will make sure that the db is updated regularly (on every channel bump). This is fine, because an advisory no longer implies a build failure. Change-Id: I1dc0b335e0881b5c58015da63c3c47f1ab1e645f Reviewed-on: https://cl.tvl.fyi/c/depot/+/4554 Tested-by: BuildkiteCI Reviewed-by: tazjin <tazjin@tvl.su>
| -rw-r--r-- | third_party/rustsec-advisory-db/default.nix | 24 | ||||
| -rw-r--r-- | third_party/rustsec-advisory-db/pin.json | 11 | ||||
| -rw-r--r-- | third_party/sources/sources.json | 12 |
3 files changed, 20 insertions, 27 deletions
diff --git a/third_party/rustsec-advisory-db/default.nix b/third_party/rustsec-advisory-db/default.nix index 1441ff07a7..e0ea2b080a 100644 --- a/third_party/rustsec-advisory-db/default.nix +++ b/third_party/rustsec-advisory-db/default.nix @@ -1,27 +1,19 @@ # RustSec's advisory db for crates -# -# Update using: -# -# nix-prefetch-git --quiet --url https://github.com/RustSec/advisory-db.git > third_party/rustsec-advisory-db/pin.json -# -# TODO(Profpatsch): automatically update in regular intervals -{ pkgs, ... }: +{ pkgs, depot, ... }: let - pin = builtins.fromJSON (builtins.readFile ./pin.json); - - date = builtins.head (builtins.split "T" pin.date); + inherit (depot.third_party.sources) rustsec-advisory-db; in pkgs.fetchFromGitHub { - name = "advisory-db-${date}"; - owner = "RustSec"; - repo = "advisory-db"; - inherit (pin) - rev + inherit (rustsec-advisory-db) + owner + repo sha256 + rev ; + passthru = { - inherit (pin) rev; + inherit (rustsec-advisory-db) rev; }; } diff --git a/third_party/rustsec-advisory-db/pin.json b/third_party/rustsec-advisory-db/pin.json deleted file mode 100644 index 1155625cff..0000000000 --- a/third_party/rustsec-advisory-db/pin.json +++ /dev/null @@ -1,11 +0,0 @@ -{ - "url": "https://github.com/RustSec/advisory-db.git", - "rev": "d29205a680bb8b3a22eaba6e9b2a5a6580274af0", - "date": "2021-10-08T18:17:22+02:00", - "path": "/nix/store/nm8nwgdyrs6mi9dydf6vylc833i3alnn-advisory-db", - "sha256": "0h08kfn2878k5l0qdsxikakrjbqbn6fb8f95zxpqfh5hqzn7mb6b", - "fetchLFS": false, - "fetchSubmodules": false, - "deepClone": false, - "leaveDotGit": false -} diff --git a/third_party/sources/sources.json b/third_party/sources/sources.json index 6a95c9dbd7..c7c754712c 100644 --- a/third_party/sources/sources.json +++ b/third_party/sources/sources.json @@ -34,5 +34,17 @@ "type": "tarball", "url": "https://github.com/NixOS/nixpkgs/archive/7adc9c14ec74b27358a8df9b973087e351425a79.tar.gz", "url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz" + }, + "rustsec-advisory-db": { + "branch": "main", + "description": "Security advisory database for Rust crates published through crates.io", + "homepage": "https://rustsec.org", + "owner": "RustSec", + "repo": "advisory-db", + "rev": "c9a98f3b3681699f59d84b4f10f14eb07ea6783b", + "sha256": "1lb6im1j2nkjp4nza8lj0wyqv6f1wjab21w8lh702pdwd1nfn3zh", + "type": "tarball", + "url": "https://github.com/RustSec/advisory-db/archive/c9a98f3b3681699f59d84b4f10f14eb07ea6783b.tar.gz", + "url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz" } } |