Project

General

Profile

Actions

Bug #20533

closed

Architecture #20473: Update relayd dependencies

Fix relayd dependency checks after update

Added by Alexis Mousset almost 3 years ago. Updated over 2 years ago.

Status:
Released
Priority:
N/A
Category:
Relay server or API
Target version:
Severity:
UX impact:
User visibility:
Effort required:
Priority:
0
Name check:
To do
Fix check:
Checked
Regression:

Description

[2022-01-06T16:45:48.504Z] + cargo deny check

[2022-01-06T16:46:06.638Z] error[L003]: encoding_rs = 0.8.30 is unlicensed

[2022-01-06T16:46:06.638Z]   ┌─ encoding_rs 0.8.30 (registry+https://github.com/rust-lang/crates.io-index):2:9

[2022-01-06T16:46:06.638Z]   │

[2022-01-06T16:46:06.638Z] 2 │ name = "encoding_rs" 

[2022-01-06T16:46:06.638Z]   │         ^^^^^^^^^^^ a valid license expression could not be retrieved for the crate

[2022-01-06T16:46:06.638Z] 3 │ version = "0.8.30" 

[2022-01-06T16:46:06.638Z] 4 │ license = "" 

[2022-01-06T16:46:06.638Z]   │            - license expression was not specified

[2022-01-06T16:46:06.638Z] 5 │ license-files = [

[2022-01-06T16:46:06.638Z] 6 │     { path = "COPYRIGHT", hash = 0x39f8ad31, score = 0.14 },

[2022-01-06T16:46:06.638Z]   │                                                      ---- low confidence in the license text

[2022-01-06T16:46:06.638Z]   │

[2022-01-06T16:46:06.638Z]   = encoding_rs v0.8.30

[2022-01-06T16:46:06.638Z]     └── reqwest v0.11.8

[2022-01-06T16:46:06.638Z]         └── rudder-relayd v0.0.0-dev

[2022-01-06T16:46:06.638Z] 

[2022-01-06T16:46:06.638Z] warning[A003]: serde_cbor is unmaintained

[2022-01-06T16:46:06.638Z]     ┌─ /srv/jenkins/workspace/rudder-check-dependencies_master/relay/sources/relayd/Cargo.lock:161:1

[2022-01-06T16:46:06.638Z]     │

[2022-01-06T16:46:06.638Z] 161 │ serde_cbor 0.11.2 registry+https://github.com/rust-lang/crates.io-index

[2022-01-06T16:46:06.638Z]     │ ----------------------------------------------------------------------- unmaintained advisory detected

[2022-01-06T16:46:06.638Z]     │

[2022-01-06T16:46:06.638Z]     = ID: RUSTSEC-2021-0127

[2022-01-06T16:46:06.638Z]     = Advisory: https://rustsec.org/advisories/RUSTSEC-2021-0127

[2022-01-06T16:46:06.638Z]     = The `serde_cbor` crate is unmaintained. The author has archived the github repository.

[2022-01-06T16:46:06.638Z]       

[2022-01-06T16:46:06.638Z]       Alternatives proposed by the author:

[2022-01-06T16:46:06.638Z]       

[2022-01-06T16:46:06.638Z]        * [`ciborium`](https://crates.io/crates/ciborium)

[2022-01-06T16:46:06.638Z]        * [`minicbor`](https://crates.io/crates/minicbor)

[2022-01-06T16:46:06.638Z]     = Announcement: https://github.com/pyfisch/cbor

[2022-01-06T16:46:06.638Z]     = Solution: No safe upgrade is available!

[2022-01-06T16:46:06.638Z]     = serde_cbor v0.11.2

[2022-01-06T16:46:06.638Z]       └── criterion v0.3.5

[2022-01-06T16:46:06.638Z]           └── (dev) rudder-relayd v0.0.0-dev

[2022-01-06T16:46:06.638Z] 

[2022-01-06T16:46:06.638Z] warning[A007]: advisory was not encountered

[2022-01-06T16:46:06.638Z]    ┌─ /srv/jenkins/workspace/rudder-check-dependencies_master/relay/sources/relayd/deny.toml:27:5

[2022-01-06T16:46:06.638Z]    │

[2022-01-06T16:46:06.638Z] 27 │     "RUSTSEC-2021-0124",

[2022-01-06T16:46:06.638Z]    │     ^^^^^^^^^^^^^^^^^^^ no crate matched advisory criteria

[2022-01-06T16:46:06.638Z] 

[2022-01-06T16:46:06.638Z] advisories ok, bans ok, licenses FAILED, sources ok

script returned exit code 1
Actions

Also available in: Atom PDF