14282370e9
This makes it much easier to update the db manually and also lays the foundation for future automation bumping the advisory db. Change-Id: I1244020c8bb1af43bf4e207c55f6420eb3f57bcf Reviewed-on: https://cl.tvl.fyi/c/depot/+/3713 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in> Reviewed-by: Profpatsch <mail@profpatsch.de>
24 lines
518 B
Nix
24 lines
518 B
Nix
# RustSec's advisory db for crates
|
|
#
|
|
# Update using:
|
|
#
|
|
# nix-prefetch-git --quiet --url https://github.com/RustSec/advisory-db.git > third_party/rustsec-advisory-db/pin.json
|
|
#
|
|
# TODO(Profpatsch): automatically update in regular intervals
|
|
{ pkgs, ... }:
|
|
|
|
let
|
|
pin = builtins.fromJSON (builtins.readFile ./pin.json);
|
|
|
|
date = builtins.head (builtins.split "T" pin.date);
|
|
in
|
|
|
|
pkgs.fetchFromGitHub {
|
|
name = "advisory-db-${date}";
|
|
owner = "RustSec";
|
|
repo = "advisory-db";
|
|
inherit (pin)
|
|
rev
|
|
sha256
|
|
;
|
|
}
|