tvl-depot

mdebray/tvl-depot

Fork 0

Commit graph

Author	SHA1	Message	Date
Profpatsch	952afb7da9	feat(tools): add rust-crates-advisory We have a bunch of crates in `third_party/rust-crates`; it would be great if we could check them for existing CVEs. This tool does that, it takes the rust security advisory database, parses the applicable CVEs, and cross-checks them against the actual crate versions we list in our package database. The dumb parser we wrote is tested against all entries in the database, so we will notice when upstream breaks their shit. Checking the semver stuff is easy enough with the semver crate. If an advisory matches, it prints the whole thing and fails the build. Change-Id: I9e912c43d37a685d9d7a4424defc467a171ea3c4 Reviewed-on: https://cl.tvl.fyi/c/depot/+/2818 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in> Reviewed-by: sterni <sternenseemann@systemli.org>	2021-05-17 23:00:57 +00:00
Profpatsch	35aa79d14b	feat(users/Profpatsch/blog): add rust-string-conversions note Change-Id: I7bee585935e65660f6b25b88ed33f09775eb01a0 Reviewed-on: https://cl.tvl.fyi/c/depot/+/3088 Tested-by: BuildkiteCI Reviewed-by: Profpatsch <mail@profpatsch.de>	2021-05-03 22:22:33 +00:00
Profpatsch	713f066297	feat(users/Profpatsch/blog): implement blog engine lol My horrible blog engine v0.0.0.0.1. Don’t judge. Change-Id: I427b4e84d67aa49793cb7625e4d8ca2824f00943 Reviewed-on: https://cl.tvl.fyi/c/depot/+/2456 Tested-by: BuildkiteCI Reviewed-by: Profpatsch <mail@profpatsch.de>	2021-04-30 21:47:42 +00:00

Author

SHA1

Message

Date

Profpatsch

952afb7da9

feat(tools): add rust-crates-advisory

We have a bunch of crates in `third_party/rust-crates`; it would be
great if we could check them for existing CVEs.

This tool does that, it takes the rust security advisory database,
parses the applicable CVEs, and cross-checks them against the actual
crate versions we list in our package database.

The dumb parser we wrote is tested against all entries in the
database, so we will notice when upstream breaks their shit.
Checking the semver stuff is easy enough with the semver crate.

If an advisory matches, it prints the whole thing and fails the build.

Change-Id: I9e912c43d37a685d9d7a4424defc467a171ea3c4
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2818
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Reviewed-by: sterni <sternenseemann@systemli.org>

2021-05-17 23:00:57 +00:00

Profpatsch

35aa79d14b

feat(users/Profpatsch/blog): add rust-string-conversions note

Change-Id: I7bee585935e65660f6b25b88ed33f09775eb01a0
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3088
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>

2021-05-03 22:22:33 +00:00

Profpatsch

713f066297

feat(users/Profpatsch/blog): implement blog engine lol

My horrible blog engine v0.0.0.0.1. Don’t judge.

Change-Id: I427b4e84d67aa49793cb7625e4d8ca2824f00943
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2456
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>

2021-04-30 21:47:42 +00:00

3 commits