Skip to content

build(nix): add deny and audit to flake checks#41

Merged
PTFOPlayer merged 1 commit into
PTFOPlayer:masterfrom
brhutchins:build/nix/add-deny-and-audit-to-flake-checks
Jun 29, 2026
Merged

build(nix): add deny and audit to flake checks#41
PTFOPlayer merged 1 commit into
PTFOPlayer:masterfrom
brhutchins:build/nix/add-deny-and-audit-to-flake-checks

Conversation

@brhutchins

Copy link
Copy Markdown
Contributor
  • Add flake check for cargo deny
  • Add flake check for cargo audit

cargo deny and audit were recently added to the CI checks. Update the nix flake to match.

- Add flake check for `cargo deny`
- Add flake check for `cargo audit`
Comment thread flake.nix
Comment on lines +14 to +17
advisory-db = {
url = "github:rustsec/advisory-db";
flake = false;
};

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Since nix builds are sandboxed, audit can't fetch the advisories at runtime, so we vendor them in instead. (The vendored artifact is only used for the cargoAudit check; it doesn't get included in the build output.)

@PTFOPlayer PTFOPlayer self-requested a review June 29, 2026 06:26
@PTFOPlayer PTFOPlayer merged commit 93a5d96 into PTFOPlayer:master Jun 29, 2026
10 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants