fix: update cargo-deny config for new advisories and licenses #1006

Merged
AlexD10S merged 1 commit into r0gue-io:main from AlexD10S:fix/cargo-deny
Feb 24, 2026

AlexD10S (Member) commented Feb 24, 2026

Summary

  • Fix cargo deny check advisories and cargo deny check licenses that were currently failing
  • Also bumps git2 and git2_credentials to resolve the RUSTSEC-2024-0344 advisory.
  • Updates dependency configuration to ensure all current advisories and license checks pass successfully.

Discussion
In the ignored vulnerabilities section, replace references to individual GitHub issues with a generic explanatory message. This will allow us to close the remaining open vulnerability tracking issues: https://github.com/r0gue-io/pop-cli/issues?q=is%3Aissue%20state%3Aopen%20Vulnerability%20dependency

Closes #458 #451 #450 #438 #437 #436 #214

- Clean up advisory ignore list, remove resolved entries and add new ones
- Add CDLA-Permissive-2.0 to allowed licenses
- Add OpenSSL exception for aws-lc-sys
- Bump git2 to 0.20.4 and git2_credentials to 0.15.0

AlexD10S self-assigned this Feb 24, 2026
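
How the changes listed in the summary are typically expressed in a cargo-deny `deny.toml`, as an added example that is not the PR's actual file. The advisory ID and reason text are placeholders, and the `crate` key assumes a recent cargo-deny release (older releases used `name`).

```toml
# deny.toml (constructed example; not the contents of the PR's file)

[advisories]
# Checked by `cargo deny check advisories`.
# Each ignored advisory carries its justification inline via `reason`,
# instead of pointing at a tracking issue that may later be closed.
ignore = [
    # Placeholder ID: the PR page does not list the ignored advisories.
    { id = "RUSTSEC-0000-0000", reason = "Transitive dependency; no patched release available upstream yet" },
]
# RUSTSEC-2024-0344 needs no entry here: the PR resolves it by bumping
# git2 to 0.20.4 and git2_credentials to 0.15.0.

[licenses]
# Checked by `cargo deny check licenses`.
allow = [
    # ...the project's existing allowed SPDX identifiers stay here...
    "CDLA-Permissive-2.0",
]
# Scope the OpenSSL license to the one crate that needs it rather than
# adding it to the global allow list.
exceptions = [
    { allow = ["OpenSSL"], crate = "aws-lc-sys" },
]
```

Keeping the exception crate-scoped means any other dependency that later pulls in an OpenSSL-licensed crate still fails the license check and gets reviewed.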

AlexD10S (Member, Author) commented

@codex

chatgpt-codex-connector commented

Codex Review: Didn't find any major issues. Nice work!

codecov bot commented Feb 24, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 56.69%. Comparing base (1d1283e) to head (5e42678).
⚠️ Report is 1 commits behind head on main.

@@            Coverage Diff             @@
##             main    #1006      +/-   ##
==========================================
- Coverage   57.71%   56.69%   -1.03%     
==========================================
  Files         176      176              
  Lines       42783    42783              
  Branches    42783    42783              
==========================================
- Hits        24692    24255     -437     
- Misses      15778    16216     +438     
+ Partials     2313     2312       -1     

see 51 files with indirect coverage changes

AlexD10S requested a review from moliholy February 24, 2026 12:21
AlexD10S merged commit b0d3671 into r0gue-io:main Feb 24, 2026
38 of 39 checks passed