You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
the new workspace-dependency.unused setting reports false positives when you proxy crates.io via another cargo repository.
i found this running against an internal artifactory mirror of crates.io, which for obvious reasons i can't use for a reproduction, but using a random (out of date) mirror i found on the web also reproduces it.
check out minimal repro repo above, OR add the following to .cargo/config.toml in the root of a cargo project:
[source.mirror]
registry = "https://github.com/hotg-ai/crates.io-index"
[source.crates-io]
# comment out below line (stop proxying crates.io via mirror) to fix issuereplace-with = "mirror"
Describe the bug
the new
workspace-dependency.unused
setting reports false positives when you proxy crates.io via another cargo repository.i found this running against an internal artifactory mirror of crates.io, which for obvious reasons i can't use for a reproduction, but using a random (out of date) mirror i found on the web also reproduces it.
minimal repro repo available here
To reproduce
.cargo/config.toml
in the root of a cargo project:cargo deny check bans
despite the
wiremock
workspace dependency being used inbin/foo-lib/Cargo.toml
commenting out the
replace-with
line in the config.toml resolves the issue.cargo-deny version
cargo-deny 0.16.1
What OS were you running cargo-deny on?
MacOS
Additional context
No response
The text was updated successfully, but these errors were encountered: