Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Filter to ignore specific advisory IDs #212

Closed
jpgoldberg opened this issue Dec 31, 2019 · 3 comments
Closed

Filter to ignore specific advisory IDs #212

jpgoldberg opened this issue Dec 31, 2019 · 3 comments

Comments

@jpgoldberg
Copy link

We would like to use cargo audit --deny-warnings as part of our continuous integration, but there are occasionally advisories which we would like to( temporarily) give a pass on. (In the current case, that is RUSTSEC-2019-0031).

Having a mechanism by which we could filter out, say, RUSTSEC-2019-0031 so that cargo audit would return a success would be extremely helpful.

See rust-lang-nursery/lazy-static.rs#163 for more on the case that is motiving this feature request.
@jpgoldberg
Copy link
Author

Oops. The feature I requested already exists through --ignore.

Note that that flag does not appear when running cargo audit --help. So there still is a documentation problem, but that should be a separate issue.

@tarcieri
Copy link
Member

You're not seeing it in the help? I see it on my side:

Screen Shot 2019-12-30 at 8 10 41 PM

Note that it can also be configured in ~/.cargo/audit.toml. Here's an example:

https://github.com/RustSec/cargo-audit/blob/master/audit.toml.example#L6

@jpgoldberg
Copy link
Author

It seems I was running an old version of cargo-audit on my laptop.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@tarcieri @jpgoldberg