From 8132137a0578d8f0ad29952993b6840f7b2d0500 Mon Sep 17 00:00:00 2001 From: Jake Shadle Date: Thu, 28 Nov 2024 14:21:14 +0100 Subject: [PATCH] Warn on skip without duplicates (#726) - **Update rustls and url** - **Update gix and tame-index** - **Add unnecessary-skip diagnostic** Resolves: #725 --- CHANGELOG.md | 3 + Cargo.lock | 260 +++++++++--------- Cargo.toml | 6 +- deny.toml | 1 + docs/src/checks/bans/diags.md | 4 + src/bans.rs | 62 ++++- src/bans/diags.rs | 21 ++ src/bans/graph.rs | 15 +- .../cargo_deny__diag__test__codes_unique.snap | 2 + tests/bans.rs | 27 ++ .../bans__unused_skips_generate_warnings.snap | 241 ++++++++++++++++ 11 files changed, 491 insertions(+), 151 deletions(-) create mode 100644 tests/snapshots/bans__unused_skips_generate_warnings.snap diff --git a/CHANGELOG.md b/CHANGELOG.md index 2e71b06a..cc96d7ea 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -12,6 +12,9 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 - [PR#721](https://github.com/EmbarkStudios/cargo-deny/pull/721) updated `rust-version` to 1.81.0 to accurately reflect the minimum rust version required to compile, resolving [#720](https://github.com/EmbarkStudios/cargo-deny/issues/720). - [PR#722](https://github.com/EmbarkStudios/cargo-deny/pull/722) updated the SPDX license list to 3.25.0. +### Fixed +- [PR#726](https://github.com/EmbarkStudios/cargo-deny/pull/726) resolved [#725](https://github.com/EmbarkStudios/cargo-deny/issues/725) by adding the `unnecessary-skip` diagnostic, emitted when there is a `skip` configured for a crate that only has one version in the graph. + ## [0.16.2] - 2024-11-15 ### Fixed - [PR#703](https://github.com/EmbarkStudios/cargo-deny/pull/703) resolved [#696](https://github.com/EmbarkStudios/cargo-deny/issues/696) by no longer emitting errors when failing to deserialize deprecated fields, and removed some lingering documentation that wasn't removed in [PR#611](https://github.com/EmbarkStudios/cargo-deny/pull/611). diff --git a/Cargo.lock b/Cargo.lock index f26bb538..2e06b503 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -312,9 +312,9 @@ dependencies = [ [[package]] name = "cfg-expr" -version = "0.17.0" +version = "0.17.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d0890061c4d3223e7267f3bad2ec40b997d64faac1c2815a4a9d95018e2b9e9c" +checksum = "c360837f8f19e2e4468275138f1c0dec1647d1e17bb7c0215fe3cd7530e93c25" dependencies = [ "smallvec", "target-lexicon", @@ -769,9 +769,9 @@ checksum = "07e28edb80900c19c28f1072f2e8aeca7fa06b23cd4169cefe1af5aa3260783f" [[package]] name = "gix" -version = "0.67.0" +version = "0.68.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c7d3e78ddac368d3e3bfbc2862bc2aafa3d89f1b15fed898d9761e1ec6f3f17f" +checksum = "b04c66359b5e17f92395abc433861df0edf48f39f3f590818d1d7217327dd6a1" dependencies = [ "gix-actor", "gix-attributes", @@ -818,28 +818,28 @@ dependencies = [ "parking_lot", "signal-hook", "smallvec", - "thiserror 1.0.69", + "thiserror 2.0.3", ] [[package]] name = "gix-actor" -version = "0.33.0" +version = "0.33.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "59226ef06661c756e664b46b1d3b2c198f6adc5407a484c086d0171108a70027" +checksum = "32b24171f514cef7bb4dfb72a0b06dacf609b33ba8ad2489d4c4559a03b7afb3" dependencies = [ "bstr", "gix-date", "gix-utils", "itoa", - "thiserror 1.0.69", + "thiserror 2.0.3", "winnow", ] [[package]] name = "gix-attributes" -version = "0.23.0" +version = "0.23.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "31a102d201ef0e5a848458a82292581e7641e52f0f52e693b6cbdd05a652c029" +checksum = "ddf9bf852194c0edfe699a2d36422d2c1f28f73b7c6d446c3f0ccd3ba232cadc" dependencies = [ "bstr", "gix-glob", @@ -848,33 +848,33 @@ dependencies = [ "gix-trace", "kstring", "smallvec", - "thiserror 1.0.69", + "thiserror 2.0.3", "unicode-bom", ] [[package]] name = "gix-bitmap" -version = "0.2.12" +version = "0.2.13" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "10f78312288bd02052be5dbc2ecbc342c9f4eb791986d86c0a5c06b92dc72efa" +checksum = "d48b897b4bbc881aea994b4a5bbb340a04979d7be9089791304e04a9fbc66b53" dependencies = [ - "thiserror 1.0.69", + "thiserror 2.0.3", ] [[package]] name = "gix-chunk" -version = "0.4.9" +version = "0.4.10" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6c28b58ba04f0c004722344390af9dbc85888fbb84be1981afb934da4114d4cf" +checksum = "c6ffbeb3a5c0b8b84c3fe4133a6f8c82fa962f4caefe8d0762eced025d3eb4f7" dependencies = [ - "thiserror 1.0.69", + "thiserror 2.0.3", ] [[package]] name = "gix-command" -version = "0.3.10" +version = "0.3.11" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c201d2b9e9cce2365a6638fd0a966f751ed92d74be5c0727ac331e6a29ef5846" +checksum = "6d7d6b8f3a64453fd7e8191eb80b351eb7ac0839b40a1237cd2c137d5079fe53" dependencies = [ "bstr", "gix-path", @@ -884,23 +884,23 @@ dependencies = [ [[package]] name = "gix-commitgraph" -version = "0.25.0" +version = "0.25.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "41db900b189e62dc61575f06fdf1a3b6901d264a99be9d32b286af6b2e3984e1" +checksum = "a8da6591a7868fb2b6dabddea6b09988b0b05e0213f938dbaa11a03dd7a48d85" dependencies = [ "bstr", "gix-chunk", "gix-features", "gix-hash", "memmap2", - "thiserror 1.0.69", + "thiserror 2.0.3", ] [[package]] name = "gix-config" -version = "0.41.0" +version = "0.42.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0bedd1bf1c7b994be9d57207e8e0de79016c05e2e8701d3015da906e65ac445e" +checksum = "6649b406ca1f99cb148959cf00468b231f07950f8ec438cc0903cda563606f19" dependencies = [ "bstr", "gix-config-value", @@ -912,29 +912,29 @@ dependencies = [ "memchr", "once_cell", "smallvec", - "thiserror 1.0.69", + "thiserror 2.0.3", "unicode-bom", "winnow", ] [[package]] name = "gix-config-value" -version = "0.14.9" +version = "0.14.10" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f3de3fdca9c75fa4b83a76583d265fa49b1de6b088ebcd210749c24ceeb74660" +checksum = "49aaeef5d98390a3bcf9dbc6440b520b793d1bf3ed99317dc407b02be995b28e" dependencies = [ "bitflags", "bstr", "gix-path", "libc", - "thiserror 1.0.69", + "thiserror 2.0.3", ] [[package]] name = "gix-credentials" -version = "0.25.0" +version = "0.25.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d713bac4bf7df5801012285366dae6625d675baec4ba6e443d64e83559bec068" +checksum = "2be87bb8685fc7e6e7032ef71c45068ffff609724a0c897b8047fde10db6ae71" dependencies = [ "bstr", "gix-command", @@ -944,38 +944,38 @@ dependencies = [ "gix-sec", "gix-trace", "gix-url", - "thiserror 1.0.69", + "thiserror 2.0.3", ] [[package]] name = "gix-date" -version = "0.9.1" +version = "0.9.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d10d543ac13c97292a15e8e8b7889cd006faf739777437ed95362504b8fe81a0" +checksum = "691142b1a34d18e8ed6e6114bc1a2736516c5ad60ef3aa9bd1b694886e3ca92d" dependencies = [ "bstr", "itoa", "jiff", - "thiserror 1.0.69", + "thiserror 2.0.3", ] [[package]] name = "gix-diff" -version = "0.47.0" +version = "0.48.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c9850fd0c15af113db6f9e130d13091ba0d3754e570a2afdff9e2f3043da260e" +checksum = "a327be31a392144b60ab0b1c863362c32a1c8f7effdfa2141d5d5b6b916ef3bf" dependencies = [ "bstr", "gix-hash", "gix-object", - "thiserror 1.0.69", + "thiserror 2.0.3", ] [[package]] name = "gix-discover" -version = "0.36.0" +version = "0.37.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c522e31f458f50af09dfb014e10873c5378f702f8049c96f508989aad59671f6" +checksum = "83bf6dfa4e266a4a9becb4d18fc801f92c3f7cc6c433dd86fdadbcf315ffb6ef" dependencies = [ "bstr", "dunce", @@ -984,14 +984,14 @@ dependencies = [ "gix-path", "gix-ref", "gix-sec", - "thiserror 1.0.69", + "thiserror 2.0.3", ] [[package]] name = "gix-features" -version = "0.39.0" +version = "0.39.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8e0eb9efdf96c35c0bed7596d1bef2d4ce6360a1d09738001f9d3e402aa7ba3e" +checksum = "7d85d673f2e022a340dba4713bed77ef2cf4cd737d2f3e0f159d45e0935fd81f" dependencies = [ "bytes", "crc32fast", @@ -1003,15 +1003,15 @@ dependencies = [ "once_cell", "prodash", "sha1_smol", - "thiserror 1.0.69", + "thiserror 2.0.3", "walkdir", ] [[package]] name = "gix-filter" -version = "0.14.0" +version = "0.15.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6b37f82359a4485770ed8993ae715ced1bf674f2a63e45f5a0786d38310665ea" +checksum = "5108cc58d58b27df10ac4de7f31b2eb96d588a33e5eba23739b865f5d8db7995" dependencies = [ "bstr", "encoding_rs", @@ -1025,7 +1025,7 @@ dependencies = [ "gix-trace", "gix-utils", "smallvec", - "thiserror 1.0.69", + "thiserror 2.0.3", ] [[package]] @@ -1041,9 +1041,9 @@ dependencies = [ [[package]] name = "gix-glob" -version = "0.17.0" +version = "0.17.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "254b5101cf7facc00d9b5ff564cf46302ca76695cca23d33bc958a707b6fc857" +checksum = "aaf69a6bec0a3581567484bf99a4003afcaf6c469fd4214352517ea355cf3435" dependencies = [ "bitflags", "bstr", @@ -1053,12 +1053,12 @@ dependencies = [ [[package]] name = "gix-hash" -version = "0.15.0" +version = "0.15.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "952c3a29f1bc1007cc901abce7479943abfa42016db089de33d0a4fa3c85bfe8" +checksum = "0b5eccc17194ed0e67d49285e4853307e4147e95407f91c1c3e4a13ba9f4e4ce" dependencies = [ "faster-hex", - "thiserror 1.0.69", + "thiserror 2.0.3", ] [[package]] @@ -1074,9 +1074,9 @@ dependencies = [ [[package]] name = "gix-ignore" -version = "0.12.0" +version = "0.12.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ba55a9b582dc26a639875497615959a8127ac5c37b2426dc50f037fada33a4b7" +checksum = "b6b1fb24d2a4af0aa7438e2771d60c14a80cf2c9bd55c29cf1712b841f05bb8a" dependencies = [ "bstr", "gix-glob", @@ -1087,9 +1087,9 @@ dependencies = [ [[package]] name = "gix-index" -version = "0.36.0" +version = "0.37.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "27619009ca1ea33fd885041273f5fa5a09163a5c1d22a913b28d7b985e66fe29" +checksum = "270645fd20556b64c8ffa1540d921b281e6994413a0ca068596f97e9367a257a" dependencies = [ "bitflags", "bstr", @@ -1110,7 +1110,7 @@ dependencies = [ "memmap2", "rustix", "smallvec", - "thiserror 1.0.69", + "thiserror 2.0.3", ] [[package]] @@ -1126,9 +1126,9 @@ dependencies = [ [[package]] name = "gix-negotiate" -version = "0.16.0" +version = "0.17.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "414806291838c3349ea939c6d840ff854f84cd29bd3dde8f904f60b0e5b7d0bd" +checksum = "d27f830a16405386e9c83b9d5be8261fe32bbd6b3caf15bd1b284c6b2b7ef1a8" dependencies = [ "bitflags", "gix-commitgraph", @@ -1137,14 +1137,14 @@ dependencies = [ "gix-object", "gix-revwalk", "smallvec", - "thiserror 1.0.69", + "thiserror 2.0.3", ] [[package]] name = "gix-object" -version = "0.45.0" +version = "0.46.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2a77b6e7753d298553d9ae8b1744924481e7a49170983938bb578dccfbc6fc1a" +checksum = "65d93e2bbfa83a307e47f45e45de7b6c04d7375a8bd5907b215f4bf45237d879" dependencies = [ "bstr", "gix-actor", @@ -1156,15 +1156,15 @@ dependencies = [ "gix-validate", "itoa", "smallvec", - "thiserror 1.0.69", + "thiserror 2.0.3", "winnow", ] [[package]] name = "gix-odb" -version = "0.64.0" +version = "0.65.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0bb86aadf7f1b2f980601b4fc94309706f9700f8008f935dc512d556c9e60f61" +checksum = "93bed6e1b577c25a6bb8e6ecbf4df525f29a671ddf5f2221821a56a8dbeec4e3" dependencies = [ "arc-swap", "gix-date", @@ -1178,14 +1178,14 @@ dependencies = [ "gix-quote", "parking_lot", "tempfile", - "thiserror 1.0.69", + "thiserror 2.0.3", ] [[package]] name = "gix-pack" -version = "0.54.0" +version = "0.55.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "363e6e59a855ba243672408139db68e2478126cdcfeabb420777df4a1f20026b" +checksum = "9b91fec04d359544fecbb8e85117ec746fbaa9046ebafcefb58cb74f20dc76d4" dependencies = [ "clru", "gix-chunk", @@ -1198,51 +1198,51 @@ dependencies = [ "memmap2", "parking_lot", "smallvec", - "thiserror 1.0.69", + "thiserror 2.0.3", ] [[package]] name = "gix-packetline" -version = "0.18.0" +version = "0.18.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5f14a110eb16e27b4ebdae4ca8b389df3ad637d3020077e6b606b1d078745b65" +checksum = "8a720e5bebf494c3ceffa85aa89f57a5859450a0da0a29ebe89171e23543fa78" dependencies = [ "bstr", "faster-hex", "gix-trace", - "thiserror 1.0.69", + "thiserror 2.0.3", ] [[package]] name = "gix-packetline-blocking" -version = "0.18.0" +version = "0.18.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "decace940e8ba8e29d29b73b843a6cbae67503887f3e5fb7e688d0f4f6ee0757" +checksum = "ce9004ce1bc00fd538b11c1ec8141a1558fb3af3d2b7ac1ac5c41881f9e42d2a" dependencies = [ "bstr", "faster-hex", "gix-trace", - "thiserror 1.0.69", + "thiserror 2.0.3", ] [[package]] name = "gix-path" -version = "0.10.12" +version = "0.10.13" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c04e5a94fdb56b1e91eb7df2658ad16832428b8eeda24ff1a0f0288de2bce554" +checksum = "afc292ef1a51e340aeb0e720800338c805975724c1dfbd243185452efd8645b7" dependencies = [ "bstr", "gix-trace", "home", "once_cell", - "thiserror 1.0.69", + "thiserror 2.0.3", ] [[package]] name = "gix-pathspec" -version = "0.8.0" +version = "0.8.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "70f02bf7625dbf15bf9fedbeace2ac1ce1c5177806bdbc24c441d664c75c00e4" +checksum = "4c472dfbe4a4e96fcf7efddcd4771c9037bb4fdea2faaabf2f4888210c75b81e" dependencies = [ "bitflags", "bstr", @@ -1250,27 +1250,27 @@ dependencies = [ "gix-config-value", "gix-glob", "gix-path", - "thiserror 1.0.69", + "thiserror 2.0.3", ] [[package]] name = "gix-prompt" -version = "0.8.8" +version = "0.8.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "57944bbdb87f7a9893907032276e99ff4eba3640d8db1bdfb1eba8c07edfd006" +checksum = "7a7822afc4bc9c5fbbc6ce80b00f41c129306b7685cac3248dbfa14784960594" dependencies = [ "gix-command", "gix-config-value", "parking_lot", "rustix", - "thiserror 1.0.69", + "thiserror 2.0.3", ] [[package]] name = "gix-protocol" -version = "0.46.0" +version = "0.46.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ac4ebf25f20ac6055728eaa80951acf2cf83948a64af6565b98e7d42b1ab6691" +checksum = "7a7e7e51a0dea531d3448c297e2fa919b2de187111a210c324b7e9f81508b8ca" dependencies = [ "bstr", "gix-credentials", @@ -1280,26 +1280,26 @@ dependencies = [ "gix-transport", "gix-utils", "maybe-async", - "thiserror 1.0.69", + "thiserror 2.0.3", "winnow", ] [[package]] name = "gix-quote" -version = "0.4.13" +version = "0.4.14" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f89f9a1525dcfd9639e282ea939f5ab0d09d93cf2b90c1fc6104f1b9582a8e49" +checksum = "64a1e282216ec2ab2816cd57e6ed88f8009e634aec47562883c05ac8a7009a63" dependencies = [ "bstr", "gix-utils", - "thiserror 1.0.69", + "thiserror 2.0.3", ] [[package]] name = "gix-ref" -version = "0.48.0" +version = "0.49.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a47385e71fa2d9da8c35e642ef4648808ddf0a52bc93425879088c706dfeaea2" +checksum = "1eae462723686272a58f49501015ef7c0d67c3e042c20049d8dd9c7eff92efde" dependencies = [ "gix-actor", "gix-features", @@ -1312,29 +1312,29 @@ dependencies = [ "gix-utils", "gix-validate", "memmap2", - "thiserror 1.0.69", + "thiserror 2.0.3", "winnow", ] [[package]] name = "gix-refspec" -version = "0.26.0" +version = "0.27.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0022038a09d80d9abf773be8efcbb502868d97f6972b8633bfb52ab6edaac442" +checksum = "00c056bb747868c7eb0aeb352c9f9181ab8ca3d0a2550f16470803500c6c413d" dependencies = [ "bstr", "gix-hash", "gix-revision", "gix-validate", "smallvec", - "thiserror 1.0.69", + "thiserror 2.0.3", ] [[package]] name = "gix-revision" -version = "0.30.0" +version = "0.31.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4ee8eb4088fece3562af4a5d751e069f90e93345524ad730512185234c4b55f1" +checksum = "44488e0380847967bc3e3cacd8b22652e02ea1eb58afb60edd91847695cd2d8d" dependencies = [ "bstr", "gix-commitgraph", @@ -1342,14 +1342,14 @@ dependencies = [ "gix-hash", "gix-object", "gix-revwalk", - "thiserror 1.0.69", + "thiserror 2.0.3", ] [[package]] name = "gix-revwalk" -version = "0.16.0" +version = "0.17.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e6c9a9496da98d36ff19063a8576bf09a87425583b709a56dc5594fffa9d39b2" +checksum = "510026fc32f456f8f067d8f37c34088b97a36b2229d88a6a5023ef179fcb109d" dependencies = [ "gix-commitgraph", "gix-date", @@ -1357,14 +1357,14 @@ dependencies = [ "gix-hashtable", "gix-object", "smallvec", - "thiserror 1.0.69", + "thiserror 2.0.3", ] [[package]] name = "gix-sec" -version = "0.10.9" +version = "0.10.10" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a2007538eda296445c07949cf04f4a767307d887184d6b3e83e2d636533ddc6e" +checksum = "a8b876ef997a955397809a2ec398d6a45b7a55b4918f2446344330f778d14fd6" dependencies = [ "bitflags", "gix-path", @@ -1374,9 +1374,9 @@ dependencies = [ [[package]] name = "gix-submodule" -version = "0.15.0" +version = "0.16.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3ed099621873cd36c580fc822176a32a7e50fef15a5c2ed81aaa087296f0497a" +checksum = "a2455f8c0fcb6ebe2a6e83c8f522d30615d763eb2ef7a23c7d929f9476e89f5c" dependencies = [ "bstr", "gix-config", @@ -1384,7 +1384,7 @@ dependencies = [ "gix-pathspec", "gix-refspec", "gix-url", - "thiserror 1.0.69", + "thiserror 2.0.3", ] [[package]] @@ -1410,9 +1410,9 @@ checksum = "04bdde120c29f1fc23a24d3e115aeeea3d60d8e65bab92cc5f9d90d9302eb952" [[package]] name = "gix-transport" -version = "0.43.0" +version = "0.43.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4c485a345f41b8c0256cb86e95ed93e0692d203fd6c769b0433f7352c13608ad" +checksum = "39a1a41357b7236c03e0c984147f823d87c3e445a8581bac7006df141577200b" dependencies = [ "base64", "bstr", @@ -1424,14 +1424,14 @@ dependencies = [ "gix-sec", "gix-url", "reqwest", - "thiserror 1.0.69", + "thiserror 2.0.3", ] [[package]] name = "gix-traverse" -version = "0.42.0" +version = "0.43.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f20f1b13cc4fa6ba92b24e6aa0c2fb6a34beb4458ef88c6300212db504e818df" +checksum = "3ff2ec9f779680f795363db1c563168b32b8d6728ec58564c628e85c92d29faf" dependencies = [ "bitflags", "gix-commitgraph", @@ -1441,19 +1441,19 @@ dependencies = [ "gix-object", "gix-revwalk", "smallvec", - "thiserror 1.0.69", + "thiserror 2.0.3", ] [[package]] name = "gix-url" -version = "0.28.0" +version = "0.28.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "33e7c297c3265015c133a2c02199610b6e1373a09dc4be057d0c1b5285737f06" +checksum = "e09f97db3618fb8e473d7d97e77296b50aaee0ddcd6a867f07443e3e87391099" dependencies = [ "bstr", "gix-features", "gix-path", - "thiserror 1.0.69", + "thiserror 2.0.3", "url", ] @@ -1469,19 +1469,19 @@ dependencies = [ [[package]] name = "gix-validate" -version = "0.9.1" +version = "0.9.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e187b263461bc36cea17650141567753bc6207d036cedd1de6e81a52f277ff68" +checksum = "cd520d09f9f585b34b32aba1d0b36ada89ab7fefb54a8ca3fe37fc482a750937" dependencies = [ "bstr", - "thiserror 1.0.69", + "thiserror 2.0.3", ] [[package]] name = "gix-worktree" -version = "0.37.0" +version = "0.38.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0d345e5b523550fe4fa0e912bf957de752011ccfc87451968fda1b624318f29c" +checksum = "756dbbe15188fa22540d5eab941f8f9cf511a5364d5aec34c88083c09f4bea13" dependencies = [ "bstr", "gix-attributes", @@ -1498,9 +1498,9 @@ dependencies = [ [[package]] name = "gix-worktree-state" -version = "0.14.0" +version = "0.15.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5e72b00e02f3bd737caae9c20a98e70749f42ae18c8f0b68aac3210b42a0b8da" +checksum = "4ebd5eead61d37b334bc31810c9980aa72d659044513cae0e342a88fed2c22ba" dependencies = [ "bstr", "gix-features", @@ -1513,7 +1513,7 @@ dependencies = [ "gix-path", "gix-worktree", "io-close", - "thiserror 1.0.69", + "thiserror 2.0.3", ] [[package]] @@ -2485,9 +2485,9 @@ dependencies = [ [[package]] name = "rustls" -version = "0.23.16" +version = "0.23.19" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "eee87ff5d9b36712a58574e12e9f0ea80f915a5b0ac518d322b24a465617925e" +checksum = "934b404430bb06b3fae2cba809eb45a1ab1aecd64491213d7c3301b88393f8d1" dependencies = [ "once_cell", "ring", @@ -2901,9 +2901,9 @@ dependencies = [ [[package]] name = "tame-index" -version = "0.15.0" +version = "0.16.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2e84f5c909182129ef064424ed6eeef4210db99c35b9bd2dc36c230c1544ec66" +checksum = "c0150bc4fba57808bbfc13a6f5d058f8bd83b485c909b67e4d14736f065def51" dependencies = [ "bytes", "camino", @@ -2920,7 +2920,7 @@ dependencies = [ "serde_json", "sha2", "smol_str", - "thiserror 1.0.69", + "thiserror 2.0.3", "tokio", "toml-span", "twox-hash", @@ -3218,9 +3218,9 @@ checksum = "8ecb6da28b8a351d773b68d5825ac39017e680750f980f3a1a85cd8dd28a47c1" [[package]] name = "url" -version = "2.5.3" +version = "2.5.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8d157f1b96d14500ffdc1f10ba712e780825526c03d9a49b4d0324b0d9113ada" +checksum = "32f8b686cadd1473f4bd0117a5d28d36b1ade384ea9b5069a1c40aefed7fda60" dependencies = [ "form_urlencoded", "idna", diff --git a/Cargo.toml b/Cargo.toml index 3700748e..4b4ff041 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -105,7 +105,7 @@ spdx = "0.10" # Lazy strum = { version = "0.26", features = ["derive"] } # Index retrieval and querying -tame-index = { version = "0.15", default-features = false, features = [ +tame-index = { version = "0.16", default-features = false, features = [ "git", "local", "sparse", @@ -126,7 +126,7 @@ walkdir = "2.3" # We clone/fetch advisory databases [dependencies.gix] -version = "0.67" +version = "0.68" default-features = false features = [ "blocking-http-transport-reqwest", @@ -140,7 +140,7 @@ features = [ fs_extra = "1.3" # Snapshot testing insta = { version = "1.41", features = ["json"] } -tame-index = { version = "0.15", features = ["local-builder"] } +tame-index = { version = "0.16", features = ["local-builder"] } time = { version = "0.3", features = ["serde"] } toml-span = { version = "0.3", features = ["serde"] } # We use this for creating fake crate directories for crawling license files on disk diff --git a/deny.toml b/deny.toml index 931327c3..dcfb4d51 100644 --- a/deny.toml +++ b/deny.toml @@ -31,6 +31,7 @@ skip = [ ] skip-tree = [ { crate = "windows-sys@0.52.0", reason = "a foundational crate for many that bumps far too frequently to ever have a shared version" }, + { crate = "thiserror@1.0.69", reason = "gix depends on both the 1.0 and 2.0 versions" }, ] [sources] diff --git a/docs/src/checks/bans/diags.md b/docs/src/checks/bans/diags.md index 37876ae3..916cb838 100644 --- a/docs/src/checks/bans/diags.md +++ b/docs/src/checks/bans/diags.md @@ -41,6 +41,10 @@ A [`[workspace.dependencies]`](https://doc.rust-lang.org/cargo/reference/workspa A crate version in [`bans.skip`](cfg.md#the-skip-field-optional) was not encountered. +### `unnecessary-skip` + +A crate specified in [`bans.skip`](cfg.md#the-skip-field-optional) was in the graph, but that crate only had one version, making the `skip` entry useless. + ### `allowed-by-wrapper` A crate in `bans.deny` was allowed since it was directly depended on by a [`wrappers`](cfg.md#the-wrappers-field-optional) crate. diff --git a/src/bans.rs b/src/bans.rs index b3e1cfdf..f1d749f4 100644 --- a/src/bans.rs +++ b/src/bans.rs @@ -314,12 +314,16 @@ pub fn check( struct MultiDetector<'a> { name: &'a str, - dupes: smallvec::SmallVec<[usize; 2]>, + dupes: smallvec::SmallVec<[(usize, bool); 4]>, + // Keep track of the crates that actually have > 1 version, regardless of skips + // if a skip is encountered for a krate that only has 1 version, warn about it + krates_with_dupes: Vec<&'a str>, } let mut multi_detector = MultiDetector { name: &ctx.krates.krates().next().unwrap().name, dupes: smallvec::SmallVec::new(), + krates_with_dupes: Vec::new(), }; let filtered_krates = if !multiple_versions_include_dev { @@ -376,12 +380,25 @@ pub fn check( .collect(), ); - let report_duplicates = |multi_detector: &MultiDetector<'_>, sink: &mut diag::ErrorSink| { - if multi_detector.dupes.len() <= 1 { + let report_duplicates = |multi_detector: &mut MultiDetector<'_>, sink: &mut diag::ErrorSink| { + let skipped = multi_detector + .dupes + .iter() + .filter(|(_, skipped)| *skipped) + .count(); + if multi_detector.dupes.len() > 1 { + multi_detector.krates_with_dupes.push(multi_detector.name); + } + + if multi_detector.dupes.len() - skipped <= 1 { return; } - let lint_level = if multi_detector.dupes.iter().any(|kindex| { + let lint_level = if multi_detector.dupes.iter().any(|(kindex, skipped)| { + if *skipped { + return false; + } + let krate = &ctx.krates[*kindex]; dmv.matches(krate).is_some() }) { @@ -408,7 +425,11 @@ pub fn check( let mut kids = smallvec::SmallVec::<[Dupe; 2]>::new(); - for dup in multi_detector.dupes.iter().cloned() { + for dup in multi_detector + .dupes + .iter() + .filter_map(|(ind, skipped)| (!*skipped).then_some(*ind)) + { let krate = &ctx.krates[dup]; let span = &ctx.krate_spans.lock_span(&krate.id).total; @@ -850,6 +871,15 @@ pub fn check( if should_add_dupe(&krate.id) { if let Some(matches) = skipped.matches(krate) { + if multi_detector.name != krate.name { + report_duplicates(&mut multi_detector, &mut sink); + + multi_detector.name = &krate.name; + multi_detector.dupes.clear(); + } + + multi_detector.dupes.push((i, true)); + for rm in matches { pack.push(diags::Skipped { krate, @@ -863,13 +893,13 @@ pub fn check( } } else if !tree_skipper.matches(krate, &mut pack) { if multi_detector.name != krate.name { - report_duplicates(&multi_detector, &mut sink); + report_duplicates(&mut multi_detector, &mut sink); multi_detector.name = &krate.name; multi_detector.dupes.clear(); } - multi_detector.dupes.push(i); + multi_detector.dupes.push((i, false)); 'wildcards: { if wildcards != LintLevel::Allow && !krate.is_git_source() { @@ -958,7 +988,7 @@ pub fn check( } if i == last { - report_duplicates(&multi_detector, &mut sink); + report_duplicates(&mut multi_detector, &mut sink); } tx.push(i, krate, pack); @@ -1050,12 +1080,16 @@ pub fn check( let mut pack = Pack::new(Check::Bans); - for skip in skip_hit - .into_iter() - .zip(skipped.0.into_iter()) - .filter_map(|(hit, skip)| (!hit).then_some(skip)) - { - pack.push(diags::UnmatchedSkip { skip_cfg: &skip }); + for (hit, skip) in skip_hit.into_iter().zip(skipped.0.into_iter()) { + if !hit { + pack.push(diags::UnmatchedSkip { skip_cfg: &skip }); + } else if multi_detector + .krates_with_dupes + .binary_search(&skip.spec.name.value.as_str()) + .is_err() + { + pack.push(diags::UnnecessarySkip { skip_cfg: &skip }); + } } for wrapper in ban_wrappers diff --git a/src/bans/diags.rs b/src/bans/diags.rs index 984abdf0..70a3cfa7 100644 --- a/src/bans/diags.rs +++ b/src/bans/diags.rs @@ -28,6 +28,7 @@ pub enum Code { Skipped, Wildcard, UnmatchedSkip, + UnnecessarySkip, AllowedByWrapper, UnmatchedWrapper, SkippedByRoot, @@ -222,6 +223,26 @@ impl<'a> From> for Diag { } } +pub(crate) struct UnnecessarySkip<'a> { + pub(crate) skip_cfg: &'a SpecAndReason, +} + +impl<'a> From> for Diag { + fn from(us: UnnecessarySkip<'a>) -> Self { + Diagnostic::new(Severity::Warning) + .with_message(format!( + "skip '{}' applied to a crate with only one version", + us.skip_cfg.spec, + )) + .with_code(Code::UnnecessarySkip) + .with_labels( + us.skip_cfg + .to_labels(Some("unnecessary skip configuration")), + ) + .into() + } +} + pub(crate) struct UnusedWrapper { pub(crate) wrapper_cfg: CfgCoord, } diff --git a/src/bans/graph.rs b/src/bans/graph.rs index 9ada5068..4530c667 100644 --- a/src/bans/graph.rs +++ b/src/bans/graph.rs @@ -88,7 +88,7 @@ pub(crate) fn create_graph( dup_name: &str, highlight: GraphHighlight, krates: &crate::Krates, - dup_ids: &[usize], + dup_ids: &[(usize, bool)], ) -> Result { use pg::visit::{EdgeRef, NodeRef}; @@ -97,16 +97,23 @@ pub(crate) fn create_graph( let mut node_stack = Vec::with_capacity(dup_ids.len()); - let duplicates: Vec<_> = dup_ids.iter().map(|di| krates[*di].id.clone()).collect(); + let duplicates: Vec<_> = dup_ids + .iter() + .filter_map(|(di, skipped)| (!*skipped).then_some(krates[*di].id.clone())) + .collect(); - for (index, dupid) in dup_ids.iter().zip(duplicates.iter()) { + for (index, dupid) in dup_ids + .iter() + .filter_map(|(index, skipped)| (!*skipped).then_some(*index)) + .zip(duplicates.iter()) + { let dn = DupNode { kid: dupid, feature: None, }; let nid = graph.add_node(dn); node_map.insert(dn, nid); - node_stack.push((krates::NodeId::new(*index), nid)); + node_stack.push((krates::NodeId::new(index), nid)); } { diff --git a/src/snapshots/cargo_deny__diag__test__codes_unique.snap b/src/snapshots/cargo_deny__diag__test__codes_unique.snap index ec0cc7fb..9f1bf64b 100644 --- a/src/snapshots/cargo_deny__diag__test__codes_unique.snap +++ b/src/snapshots/cargo_deny__diag__test__codes_unique.snap @@ -1,6 +1,7 @@ --- source: src/diag.rs expression: unique +snapshot_kind: text --- { "accepted", @@ -52,6 +53,7 @@ expression: unique "unmatched-skip-root", "unmatched-source", "unmatched-wrapper", + "unnecessary-skip", "unresolved-workspace-dependency", "unsound", "unused-workspace-dependency", diff --git a/tests/bans.rs b/tests/bans.rs index b8d9d762..e8115bd8 100644 --- a/tests/bans.rs +++ b/tests/bans.rs @@ -327,3 +327,30 @@ unused = 'warn' insta::assert_json_snapshot!(diags); } + +/// Ensures skips generate warnings if they aren't needed +#[test] +fn unused_skips_generate_warnings() { + let diags = gather_bans( + func_name!(), + KrateGather { + name: "workspace", + no_default_features: true, + targets: &["x86_64-unknown-linux-gnu", "x86_64-pc-windows-msvc"], + ..Default::default() + }, + r#" +multiple-versions = 'deny' +skip = [ + # This actually has 3 versions, skip the two lower ones + 'spdx:<0.10.0', + # This crate, but not exact version, is in the graph + 'smallvec@1.0.0', + # This crate is in the graph, but there is only one version + 'serde_json', +] +"#, + ); + + insta::assert_json_snapshot!(diags); +} diff --git a/tests/snapshots/bans__unused_skips_generate_warnings.snap b/tests/snapshots/bans__unused_skips_generate_warnings.snap new file mode 100644 index 00000000..b9bc8a56 --- /dev/null +++ b/tests/snapshots/bans__unused_skips_generate_warnings.snap @@ -0,0 +1,241 @@ +--- +source: tests/bans.rs +expression: diags +snapshot_kind: text +--- +[ + { + "fields": { + "code": "skipped", + "graphs": [ + { + "Krate": { + "name": "serde_json", + "version": "1.0.118" + }, + "parents": [ + { + "Krate": { + "name": "cargo_metadata", + "version": "0.18.1" + }, + "parents": [ + { + "Krate": { + "name": "krates", + "version": "0.16.6" + }, + "parents": [ + { + "Krate": { + "name": "wildcards-test-allow-git", + "version": "0.1.0" + }, + "parents": [ + { + "Krate": { + "name": "member-one", + "version": "0.1.0" + }, + "parents": [ + { + "Krate": { + "kind": "build", + "name": "member-two", + "version": "0.1.0" + }, + "parents": [ + { + "Krate": { + "name": "root", + "version": "0.1.0" + } + } + ] + }, + { + "Krate": { + "name": "root", + "version": "0.1.0" + }, + "repeat": true + } + ] + }, + { + "Krate": { + "kind": "build", + "name": "member-two", + "version": "0.1.0" + }, + "repeat": true + } + ] + } + ] + } + ] + } + ] + } + ], + "labels": [ + { + "column": 6, + "line": 9, + "message": "skipped here", + "span": "serde_json" + } + ], + "message": "crate 'serde_json = 1.0.118' skipped when checking for duplicates", + "severity": "note" + }, + "type": "diagnostic" + }, + { + "fields": { + "code": "skipped", + "graphs": [ + { + "Krate": { + "name": "spdx", + "version": "0.6.0" + }, + "parents": [ + { + "Krate": { + "kind": "build", + "name": "member-one", + "version": "0.1.0" + }, + "parents": [ + { + "Krate": { + "kind": "build", + "name": "member-two", + "version": "0.1.0" + }, + "parents": [ + { + "Krate": { + "name": "root", + "version": "0.1.0" + } + } + ] + }, + { + "Krate": { + "name": "root", + "version": "0.1.0" + }, + "repeat": true + } + ] + }, + { + "Krate": { + "name": "member-two", + "version": "0.1.0" + }, + "repeat": true + } + ] + } + ], + "labels": [ + { + "column": 6, + "line": 5, + "message": "skipped here", + "span": "spdx:<0.10.0" + } + ], + "message": "crate 'spdx = 0.6.0' skipped when checking for duplicates", + "severity": "note" + }, + "type": "diagnostic" + }, + { + "fields": { + "code": "skipped", + "graphs": [ + { + "Krate": { + "name": "spdx", + "version": "0.9.0" + }, + "parents": [ + { + "Krate": { + "kind": "build", + "name": "member-two", + "version": "0.1.0" + }, + "parents": [ + { + "Krate": { + "name": "root", + "version": "0.1.0" + } + } + ] + }, + { + "Krate": { + "name": "root", + "version": "0.1.0" + }, + "repeat": true + } + ] + } + ], + "labels": [ + { + "column": 6, + "line": 5, + "message": "skipped here", + "span": "spdx:<0.10.0" + } + ], + "message": "crate 'spdx = 0.9.0' skipped when checking for duplicates", + "severity": "note" + }, + "type": "diagnostic" + }, + { + "fields": { + "code": "unmatched-skip", + "graphs": [], + "labels": [ + { + "column": 6, + "line": 7, + "message": "unmatched skip configuration", + "span": "smallvec@1.0.0" + } + ], + "message": "skipped crate 'smallvec = =1.0.0' was not encountered", + "severity": "warning" + }, + "type": "diagnostic" + }, + { + "fields": { + "code": "unnecessary-skip", + "graphs": [], + "labels": [ + { + "column": 6, + "line": 9, + "message": "unnecessary skip configuration", + "span": "serde_json" + } + ], + "message": "skip 'serde_json' applied to a crate with only one version", + "severity": "warning" + }, + "type": "diagnostic" + } +]