depot - monorepo for the virus lounge

Age	Commit message (Collapse)	Author	Files	Lines
2021-11-23	r/3088 refactor(readTree): Move 'drvTargets' into readTree	Vincent Ambo	1	-1/+1
	This function is also generally useful for readTree consumers that have the concept of subtargets. Change-Id: Ic7fc03380dec6953fb288763a28e50ab3624d233
2021-10-12	r/2967 refactor(tools/rust-crates-advisory): move advisory-db to 3p	sterni	1	-7/+1
	Change-Id: Iaaed35de078292c0c99a7c83de9ca5fdf27b8135 Reviewed-on: https://cl.tvl.fyi/c/depot/+/3711 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in>
2021-09-15	r/2868 refactor(rust-crates-advisory): check type instead of blacklisting	sterni	1	-3/+2
	`our-crates` can just check if the attributes in question are derivation (i. e. have an `outPath`) instead of blacklisting the `__readTree` attribute specifically. Change-Id: I472692e89c0e9eff551372c72a73ab765b0b6599
2021-05-17	r/2595 feat(tools): add rust-crates-advisory	Profpatsch	3	-0/+167
	We have a bunch of crates in `third_party/rust-crates`; it would be great if we could check them for existing CVEs. This tool does that, it takes the rust security advisory database, parses the applicable CVEs, and cross-checks them against the actual crate versions we list in our package database. The dumb parser we wrote is tested against all entries in the database, so we will notice when upstream breaks their shit. Checking the semver stuff is easy enough with the semver crate. If an advisory matches, it prints the whole thing and fails the build. Change-Id: I9e912c43d37a685d9d7a4424defc467a171ea3c4 Reviewed-on: https://cl.tvl.fyi/c/depot/+/2818 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in> Reviewed-by: sterni <sternenseemann@systemli.org>