about summary refs log tree commit diff
path: root/tools
diff options
context:
space:
mode:
Diffstat (limited to 'tools')
-rw-r--r--tools/rust-crates-advisory/default.nix3
-rw-r--r--tools/rust-crates-advisory/format-audit-result.jq4
2 files changed, 6 insertions, 1 deletions
diff --git a/tools/rust-crates-advisory/default.nix b/tools/rust-crates-advisory/default.nix
index ac190173627d..8382ec25435b 100644
--- a/tools/rust-crates-advisory/default.nix
+++ b/tools/rust-crates-advisory/default.nix
@@ -175,6 +175,9 @@ let
       "--arg"
       "maintainers"
       ""
+      "--argjson"
+      "checklist"
+      "false"
       "-f"
       ./format-audit-result.jq
     ]
diff --git a/tools/rust-crates-advisory/format-audit-result.jq b/tools/rust-crates-advisory/format-audit-result.jq
index 6f230df3f9b0..7c9e3cbac71b 100644
--- a/tools/rust-crates-advisory/format-audit-result.jq
+++ b/tools/rust-crates-advisory/format-audit-result.jq
@@ -9,6 +9,8 @@
 #   for the current lock file.
 # - attr: An attribute name (or otherwise unique identifier) to associate the
 #   report for the current lock file with.
+# - checklist: If true, the markdown report will use GHFM checklists for the
+#   report, allowing to tick of attributes as taken care of.
 
 # Link to human-readable advisory info for a given vulnerability
 def link:
@@ -62,7 +64,7 @@ def format_vulnerability:
 if .vulnerabilities.found | not then
   ""
 else
-  ([ "- [ ] "
+  ([ "-", if $checklist then " [ ] " else " " end
    , "`", $attr, "`: "
    , (.vulnerabilities.count | tostring)
    , " vulnerabilities in Cargo.lock"