diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml index 7fe41cbdd9..b725dce6c3 100644 --- a/.github/workflows/audit.yml +++ b/.github/workflows/audit.yml @@ -16,7 +16,7 @@ jobs: - name: Install cargo deny run: cargo install --locked cargo-deny - name: Run cargo deny - run: cargo deny check advisories --hide-inclusion-graph &> .github/workflows/support-files/notifications/deny.message + run: find . -name Cargo.toml -exec cargo deny --manifest-path {} check advisories -A advisory-not-detected --hide-inclusion-graph \; | uniq &> .github/workflows/support-files/notifications/deny.message - uses: actions/upload-artifact@v3 with: name: report diff --git a/deny.toml b/deny.toml index 38d21db403..2538c60d0f 100644 --- a/deny.toml +++ b/deny.toml @@ -66,7 +66,7 @@ vulnerability = "deny" # The lint level for unmaintained crates unmaintained = "allow" # The lint level for crates that have been yanked from their source registry -yanked = "warn" +yanked = "allow" # The lint level for crates with security notices. Note that as of # 2019-12-17 there are no security notice advisories in # https://github.com/rustsec/advisory-db