feliix42/deps.rs
1
0
Fork 0
mirror of https://github.com/deps-rs/deps.rs.git synced 2024-11-22 18:36:30 +00:00
Code Issues Projects Releases Packages Wiki Activity
183 commits 6 branches 0 tags 2.6 MiB
Commit graph

183 commits

This branch
This branch
All branches
Author SHA1 Message Date
Felix Wittwer
02a9a4a35d
Bump project to Rust 2021 (#123) 2021-10-22 19:36:39 +01:00
Eduardo Pinho
309f13ec84
Extend dependency status box to report more issues (#121) 
* Extend dependency status box to report more issues

- replace render_dev_dependency_box
  with an extended render_dependency_box
   - reports insecure dev dependencies,
     outdated main dependencies,
     and outdated dev dependencies
   - handle pluralization in dependency count message
- change methods in AnalyzeDependenciesOutcome
   - add count_outdated
   - remove any_dev_issues
- remove AnalyzedDependencies::any_dev_issues

* Format status.rs

* Simplify AnalyzeDependenciesOutcome method impls

- match ergonomics lint

* Use bullet point list

* Tweak dependency box again

- only use list items if there is more than one dependency kind

* Fix outdated dependency count

- `count_outdated` already counts only main dependencies

* Tweak dependency box to no longer assume non-zero issues

- check for when all dependency component counts are zero,
  render nothing
- always call `render_dependency_box` if it finds no security issues

Co-authored-by: Cecile Tonglet <cecile.tonglet@cecton.com>
 2021-10-18 15:55:53 +01:00
Eduardo Pinho
6cd7256ee8
Only query advisory database on latest matching version (#98) 
* Add methods to check always insecure dependencies

Unlike checks for `_insecure`,
   `always_insecure_ only accounts for
   vulnerabilities not patched in the latest version in the range

* Update status renders to show "maybe insecure"

- show always insecure dependencies as insecure,
  and remaining ones as "possibly insecure"
- show warning sign on all dependencies with possible vulnerability
- tweak security banner in case
  all insecure dependencies are "possibly insecure"

* Update badge renderer to show "maybe insecure"

- only show the red "inscure"
  if >=1 dependency is always insecure
- show "possibly insecure" if all are up to date but might be vulnerable

* Update status renderer

- more complete counts per project

* Format code

* Extend banner to explain what "maybe insecure" means
 2021-09-05 09:51:10 +02:00
Tassilo Horn
50d81a7a79
Mention SourceHut support in README.md (#120) 
This is an addendum to the now-merged PR #117 which actually implemented the
support.
 2021-09-02 10:35:56 +01:00
Tassilo Horn
c99b0df891
Add support for projects hosted on sourcehut (sr.ht) (#117) 2021-08-31 20:38:38 +01:00
Eduardo Pinho
5b3fa9b0b2
Update dependencies crates-index and rustsec (#118) 2021-08-22 22:13:01 +01:00
Eduardo Pinho
b9445f4764
Clippy fix (#119) 2021-08-22 09:50:38 +02:00
Paolo Barbolini
40a90c3869
Bump semver (#113) 2021-06-15 13:58:26 +01:00
Paolo Barbolini
a1ca0680c8
Update dependencies (#111) 2021-05-27 16:02:02 +02:00
Sosthene-Guedon
1e1ac2ad0a
Filter yanked advisories (#108) (#109) 2021-05-10 06:15:04 +01:00
Paolo Barbolini
468a86c92e
clippy: fix clippy::from_over_into warning (#107) 2021-03-26 10:17:39 +01:00
Felix Wittwer
a6b43e4e6d
feat: add 404 page (#104) 
* feat: add 404 page

* feat: cache 404 results for 5 minutes
 2021-02-23 16:22:00 +01:00
Paolo Barbolini
3f74371333
Upgrade bulma to 0.9.2 and reduce imported styles (#102) 
* Upgrade bulma to 0.7.5

* Upgrade bulma to 0.8.2

* Upgrade bulma to 0.9.2

* Reduce features

* Remove ';' from sass
 2021-02-15 08:50:28 +01:00
Paolo Barbolini
c0de9d15b6
Update cargo dependencies (#103) 2021-02-14 16:40:37 +01:00
Paolo Barbolini
c5443aaa92
Use font-awesome-as-a-crate instead of importing the entire Font Awesome library (#101) 2021-02-10 16:45:14 +01:00
Paolo Barbolini
b0243d5dac
Setup cache busting for style.css (#100) 2021-02-10 12:49:35 +01:00
Rob Ede
461dfe2fbd
trim path trailing slashes before route match (#99) 2021-02-02 10:25:29 +00:00
Felix Wittwer
7ebffe019f
Display rustsec information on page (#96) 
* chore: Bump rustsec version

* feat: display RustSec CVEs at the bottom

This closes #75.

* fix: Reduce complexity and remove duplicate advisories
 2021-02-01 19:46:26 +01:00
Paolo Barbolini
3e77c30ada
Update to tokio 1.0 (#91) 2021-01-06 12:24:06 +01:00
Rob Ede
1fc1f24480
bump all dependencies except tokio (#87) 
* bump all dependencies except tokio

* bump lib deps
 2020-12-26 15:30:17 +01:00
Rob Ede
139741362e
links direct to other deps.rs pages (#86) 
and a crates link is provided on the icon to the left
 2020-12-13 13:28:22 +00:00
Paolo Barbolini
3427054f9b
Fix dev dependencies being counted as main dependencies (#88) 2020-12-13 09:50:14 +01:00
Arnaud Rebts
7719c9c3b6 Deploy to production instead of stg 2020-12-12 14:27:33 +01:00
Paolo Barbolini
ba2c55d4a2
Update popular repositories blocklist (#85) 
* Updates the xi-editor repository url
* Adds https://github.com/996icu/996.ICU
* Updates rustlings repository url

These repositories shouldn't belong to the homepage, since they aren't really
crates and deps.rs fails to analyze them.

This gives space to:

* https://github.com/starship/starship
* https://github.com/SergioBenitez/Rocket
 2020-12-06 20:42:44 +00:00
MGlolenstine
4b227a7836
Updated README.md (#81) 
Changed the url, as `https://deps.rs/crates/<name>` resolves to 404.
 2020-11-26 15:28:55 +01:00
Arnaud Rebts
fc89990771
CD: deploy to kubernetes (#79) 
* Adds kubernetes manfiests, and deploy push

* Add production overlay

* Add a volume for crates.io-index
 2020-11-15 16:36:21 +01:00
Paolo Barbolini
84a7d5154b
Clone crates.io-index instead of querying it through GitHub's API (#69) 
* Clone crates.io-index instead of querying it through GitHub's API

* Implement refreshing the crates.io-index

* Run the initial index clone before starting the server

* Log cloning the crates.io-index

* Disambiguate name of ManagedIndex initial clone fn

* Log errors with cloning or refreshing the index
 2020-11-14 18:29:49 +01:00
Arnaud Rebts
b18c621779 Don't run as root 2020-11-14 16:33:01 +01:00
Arnaud Rebts
ec2740bbab Install ca-certificates for HTTPS requests 2020-11-14 16:32:25 +01:00
Paolo Barbolini
33afafc879
Upgrade to maud 0.22.1 and switch to stable Rust (#74) 2020-11-04 14:42:42 +01:00
Henil
0764c00422
Show number of outdated dependencies even if insecure crates are present (#73) 
* Update to show number of outdated dependencies even if insecure crates are present

* add match statement to simplify if-else statment
 2020-10-26 18:40:45 +01:00
Felix Wittwer
0a22c413b3
Remove dev-dependencies from badge (#70) 
* Remove dev-dependencies from badge
* Document behavior of functions on AnalyzedDependencies
 2020-10-26 15:49:40 +01:00
Felix Wittwer
a717c9afcc
Update the project readme (#72) 2020-10-25 03:38:49 +00:00
Cecile Tonglet
f184566d1a
Setup CD: Docker image and action to push to GH container registry (#61) 2020-10-23 19:13:25 +02:00
Paolo Barbolini
8b58821beb
Remove Mutex around Cache and move away from deprecated lru-cache (#65) 2020-10-05 12:47:24 +01:00
Cecile Tonglet
dcd2e7a421
New logo (#64) 2020-10-04 21:28:01 +02:00
Rob Ede
aa0f4777e2
improve logging (#62) 2020-10-04 16:03:52 +01:00
Jamie Brynes
fd3fbbc2f6
Initial GitHub Actions CI configuration (#49) 2020-10-04 16:12:56 +02:00
Paolo Barbolini
12bb5c609d
Downgrade semver crate to 0.10 (#60) 
Co-authored-by: Rob Ede <robjtede@icloud.com>
 2020-10-03 13:43:48 +01:00
Rob Ede
1b66eddb06
reqwest client + caching (#58) 2020-10-03 13:08:16 +01:00
Paolo Barbolini
b3fcdabeba
Add support for 2018 edition crate renaming (#59) 2020-10-02 23:09:32 +01:00
Rob Ede
66fd685062
fix clippy lints (#56) 2020-10-02 08:37:27 +02:00
Paolo Barbolini
871e9acd74
Fix url generation to git hosted Cargo.toml file (#57) 2020-10-01 21:49:11 +01:00
Rob Ede
0fa8e46425
Merge pull request #53 from deps-rs/fut03 2020-10-01 15:40:56 +01:00
Rob Ede
45f114b3f6
remove unecessary into_iter/collect 
Co-authored-by: Eduardo Pinho <enet4mikeenet@gmail.com>
 2020-10-01 15:30:19 +01:00
Rob Ede
4642560868
remove debugging print 2020-10-01 11:24:51 +01:00
Rob Ede
b7b25b7cb7
update hyper and futures ecosystem 2020-09-30 23:08:40 +01:00
Eduardo Pinho
d54d4f6a2c
Merge pull request #52 from Enet4/bug/user-agent-everywhere 
Add User-Agent to all requests
 2020-09-30 08:45:31 +01:00
Paolo Barbolini
d8f9a38296
Merge pull request #51 from paolobarbolini/hyper012 
Upgrade to hyper 0.12
 2020-09-30 01:41:17 +02:00
Eduardo Pinho
7d4c8dd74d Add User-Agent to all requests from the server 
- Required by crates.io, which will otherwise forbid the request
- Do the same thing for all other HTTP requests,
  for consistency and transparency
 2020-09-29 23:43:03 +01:00