Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Ignore unmatched-organization via configuration #620

Open
tgross35 opened this issue Feb 29, 2024 · 8 comments
Open

Ignore unmatched-organization via configuration #620

tgross35 opened this issue Feb 29, 2024 · 8 comments
Labels
enhancement New feature or request

Comments

@tgross35
Copy link

Is your feature request related to a problem? Please describe.

Some dependencies get flagged with unmatched-organization, and there doesn't seem to be a way to silence this warning with deny.toml

Describe the solution you'd like

Add a way to suppress this within deny.toml (or document it under https://embarkstudios.github.io/cargo-deny/checks/sources/diags.html if it already exists)

@tgross35 tgross35 added the enhancement New feature or request label Feb 29, 2024
@Jake-Shadle
Copy link
Member

I assume this is because you are sharing a config between multiple crates/repos/workspaces and don't want to get warnings from the ones which don't have those sources?

@tgross35
Copy link
Author

tgross35 commented Mar 1, 2024

In a way, mostly just looking to make the policy clear before any usecases actually come up. And so there isn't a need to update the deny.toml when dependencies are added/removed.

@Jake-Shadle
Copy link
Member

Is there a reason you can't use -A unmatched-organization then?

@tgross35
Copy link
Author

tgross35 commented Mar 1, 2024

That works of course, it would just be nice if running cargo deny out of the box knew the proper lint level from the configuration file.

I suppose that isn't limited to just unmatched-organization, that is just the first warning I have come across that can't be otherwise configured.

@Jake-Shadle
Copy link
Member

Lints regarding unused configurations options don't have ignore mechanisms within the configuration file itself, the whole point of them is to show users what options they have but aren't actually being used so they can have a smaller and cleaner config with only the things that matter, adding additional configuration to the same file to ignore other configuration in the same file is kind of self-defeating. It probably makes sense to add a single option to just ignore all config related lints like that instead if you don't care.

@LucasFA
Copy link

LucasFA commented Mar 5, 2024

Not exactly the case posted here, but the default deny.toml file contains in the [sources.allow-org] lines like github = [""], resulting in unmatched-organization warnings out of the box when running cargo deny check sources.

Those fields are documented inline to require 1 or more orgs, but deleting the empty org works already by itself.

@Jake-Shadle
Copy link
Member

The template it meant to show what configuration options are available, it's not meant to be committed as is.

@LucasFA
Copy link

LucasFA commented Mar 5, 2024

For reference, cargo did exactly that, followed by some modifications for the licenses. And they did just deal with the warning by deleting the apostrophes, see rust-lang/cargo@7b747de followed by rust-lang/cargo@aada2f3

Evidently the template must be modified for, at least, the licenses, but I don't see the upside to keeping the apostrophes and requiring users to modify something only to satisfy cargo-deny.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement New feature or request
Projects
None yet
Development

No branches or pull requests

3 participants