chore(3p/rustsec-advisory-db): track using niv
This will make sure that the db is updated regularly (on every channel bump). This is fine, because an advisory no longer implies a build failure. Change-Id: I1dc0b335e0881b5c58015da63c3c47f1ab1e645f Reviewed-on: https://cl.tvl.fyi/c/depot/+/4554 Tested-by: BuildkiteCI Reviewed-by: tazjin <tazjin@tvl.su>
This commit is contained in:
parent
6c4e447587
commit
e855d140bd
3 changed files with 20 additions and 27 deletions
24
third_party/rustsec-advisory-db/default.nix
vendored
24
third_party/rustsec-advisory-db/default.nix
vendored
|
@ -1,27 +1,19 @@
|
|||
# RustSec's advisory db for crates
|
||||
#
|
||||
# Update using:
|
||||
#
|
||||
# nix-prefetch-git --quiet --url https://github.com/RustSec/advisory-db.git > third_party/rustsec-advisory-db/pin.json
|
||||
#
|
||||
# TODO(Profpatsch): automatically update in regular intervals
|
||||
{ pkgs, ... }:
|
||||
{ pkgs, depot, ... }:
|
||||
|
||||
let
|
||||
pin = builtins.fromJSON (builtins.readFile ./pin.json);
|
||||
|
||||
date = builtins.head (builtins.split "T" pin.date);
|
||||
inherit (depot.third_party.sources) rustsec-advisory-db;
|
||||
in
|
||||
|
||||
pkgs.fetchFromGitHub {
|
||||
name = "advisory-db-${date}";
|
||||
owner = "RustSec";
|
||||
repo = "advisory-db";
|
||||
inherit (pin)
|
||||
rev
|
||||
inherit (rustsec-advisory-db)
|
||||
owner
|
||||
repo
|
||||
sha256
|
||||
rev
|
||||
;
|
||||
|
||||
passthru = {
|
||||
inherit (pin) rev;
|
||||
inherit (rustsec-advisory-db) rev;
|
||||
};
|
||||
}
|
||||
|
|
11
third_party/rustsec-advisory-db/pin.json
vendored
11
third_party/rustsec-advisory-db/pin.json
vendored
|
@ -1,11 +0,0 @@
|
|||
{
|
||||
"url": "https://github.com/RustSec/advisory-db.git",
|
||||
"rev": "d29205a680bb8b3a22eaba6e9b2a5a6580274af0",
|
||||
"date": "2021-10-08T18:17:22+02:00",
|
||||
"path": "/nix/store/nm8nwgdyrs6mi9dydf6vylc833i3alnn-advisory-db",
|
||||
"sha256": "0h08kfn2878k5l0qdsxikakrjbqbn6fb8f95zxpqfh5hqzn7mb6b",
|
||||
"fetchLFS": false,
|
||||
"fetchSubmodules": false,
|
||||
"deepClone": false,
|
||||
"leaveDotGit": false
|
||||
}
|
12
third_party/sources/sources.json
vendored
12
third_party/sources/sources.json
vendored
|
@ -34,5 +34,17 @@
|
|||
"type": "tarball",
|
||||
"url": "https://github.com/NixOS/nixpkgs/archive/7adc9c14ec74b27358a8df9b973087e351425a79.tar.gz",
|
||||
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
|
||||
},
|
||||
"rustsec-advisory-db": {
|
||||
"branch": "main",
|
||||
"description": "Security advisory database for Rust crates published through crates.io",
|
||||
"homepage": "https://rustsec.org",
|
||||
"owner": "RustSec",
|
||||
"repo": "advisory-db",
|
||||
"rev": "c9a98f3b3681699f59d84b4f10f14eb07ea6783b",
|
||||
"sha256": "1lb6im1j2nkjp4nza8lj0wyqv6f1wjab21w8lh702pdwd1nfn3zh",
|
||||
"type": "tarball",
|
||||
"url": "https://github.com/RustSec/advisory-db/archive/c9a98f3b3681699f59d84b4f10f14eb07ea6783b.tar.gz",
|
||||
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue