mdebray/tvl-depot
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
tvl-depot/users/sterni
History
sterni 3a2fd6e275 feat(nixpkgs-crate-holes): report vulnerable crates in cargoDeps 
nixpkgs-crate-holes can build a markdown report detailing all vulnerable
crates pinned in cargoDeps vendors in nixpkgs according to RustSec's
advisory db. This report is intended to be pasted into a GitHub issue.

The report is produced by a derivation and can be obtained like this:

    nix-build -A users.sterni.nixpkgs-crate-holes.full \
      --argstr nixpkgsPath /path/to/nixpkgs

Example output: https://gist.github.com/sternenseemann/27509eece93d6eff35cd4b8ce75423b5

Additionally, you can obtain a more verbose report for a single
attribute of nixpkgs, in HTML format since we just reuse the command
line output of cargo-audit and convert it to HTML using ansi2html:

    nix-build -A users.sterni.nixpkgs-crate-holes.single \
      --argstr nixpkgsPath /path/to/nixpkgs --argstr attr ripgrep

Change-Id: Ic1c029ab67770fc41ba521b2acb798628357f9b2
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3715
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
2021-10-12 14:15:28 +00:00
..
clhs-lookup feat(nix/buildLisp): add ecl 2021-08-24 22:00:15 +00:00
dot-time-man-pages feat(sterni/dot-time-man-pages): mdoc port of dotti.me 2021-04-02 09:14:28 +00:00
emacs feat(users/sterni/emacs): enable jq-mode 2021-10-11 13:25:56 +00:00
htmlman feat(users/sterni/htmlman): hyperlink .Xr macro in output 2021-03-11 14:31:19 +00:00
mblog feat(sterni/mblog): convert apple note mime msgs to html 2021-09-12 21:39:49 +00:00
nix feat(users/sterni/nix/string): very simple printf implementation 2021-09-12 09:25:30 +00:00
nixpkgs-crate-holes feat(nixpkgs-crate-holes): report vulnerable crates in cargoDeps 2021-10-12 14:15:28 +00:00
keys.nix feat(ops/nixos/whitby): add sterni user 2021-01-13 22:05:33 +00:00
OWNERS chore(sterni): init user folder 2021-01-11 11:43:33 +00:00