gnosis/lighthouse
1
0
Fork 0
mirror of https://github.com/sigp/lighthouse.git synced 2026-04-16 20:39:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add cargo deny on CI (#8580)

Browse Source 
Closes:

- https://github.com/sigp/lighthouse/issues/8408


  Add `cargo deny` on CI with deprecated crates (`ethers` and `ethereum-types`) banned and duplicates banned for `reqwest`.


Co-Authored-By: Michael Sproul <michael@sigmaprime.io>
This commit is contained in:
Michael Sproul
2025-12-16 20:02:34 +11:00
committed by GitHub
parent 4c268bc0d5
commit 4e35e9d587
3 changed files with 35 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
.github/workflows/test-suite.yml vendored
View File

@@ -324,7 +324,7 @@ jobs:
channel: stable channel: stable
cache-target: release cache-target: release
components: rustfmt,clippy components: rustfmt,clippy
bins: cargo-audit bins: cargo-audit,cargo-deny
- name: Check formatting with cargo fmt - name: Check formatting with cargo fmt
run: make cargo-fmt run: make cargo-fmt
- name: Lint code for quality and style with Clippy - name: Lint code for quality and style with Clippy
@@ -337,6 +337,8 @@ jobs:
run: make arbitrary-fuzz run: make arbitrary-fuzz
- name: Run cargo audit - name: Run cargo audit
run: make audit-CI run: make audit-CI
- name: Run cargo deny
run: make deny-CI
- name: Run cargo vendor to make sure dependencies can be vendored for packaging, reproducibility and archival purpose - name: Run cargo vendor to make sure dependencies can be vendored for packaging, reproducibility and archival purpose
run: CARGO_HOME=$(readlink -f $HOME) make vendor run: CARGO_HOME=$(readlink -f $HOME) make vendor
- name: Markdown-linter - name: Markdown-linter

9
Makefile
View File

@@ -326,6 +326,15 @@ install-audit:
audit-CI: audit-CI:
cargo audit cargo audit
# Runs cargo deny (check for banned crates, duplicate versions, and source restrictions)
deny: install-deny deny-CI
install-deny:
cargo install --force cargo-deny --version 0.18.2
deny-CI:
cargo deny check bans sources --hide-inclusion-graph
# Runs `cargo vendor` to make sure dependencies can be vendored for packaging, reproducibility and archival purpose. # Runs `cargo vendor` to make sure dependencies can be vendored for packaging, reproducibility and archival purpose.
vendor: vendor:
cargo vendor cargo vendor

23
deny.toml Normal file
View File

@@ -0,0 +1,23 @@
# cargo-deny configuration for Lighthouse
# See https://embarkstudios.github.io/cargo-deny/
[bans]
# Warn when multiple versions of the same crate are detected
multiple-versions = "warn"
deny = [
# Legacy Ethereum crates that have been replaced with alloy
{ crate = "ethers", reason = "use alloy instead" },
{ crate = "ethereum-types", reason = "use alloy-primitives instead" },
# Replaced by quick-protobuf
{ crate = "protobuf", reason = "use quick-protobuf instead" },
# Prevent duplicate versions of reqwest - heavy crate with build scripts
{ crate = "reqwest", deny-multiple-versions = true, reason = "prevent duplicate versions" },
]
[sources]
unknown-registry = "deny"
unknown-git = "warn"
allow-registry = ["https://github.com/rust-lang/crates.io-index"]
[sources.allow-org]
github = ["sigp"]