chore(deps): Add deny.yaml and a cargo deny CI job to check dependenc…

…ies for vulnerabilities Signed-off-by: Joshua Potts <[email protected]>
launchbadge · Jan 23, 2024 · 1ed24b5 · 1ed24b5
1 parent 5890afe
commit 1ed24b5
Show file tree

Hide file tree

Showing 6 changed files with 136 additions and 81 deletions.
diff --git a/.github/workflows/sqlx.yml b/.github/workflows/sqlx.yml
@@ -8,6 +8,13 @@ on:
       - '*-dev'
 
 jobs:
+  deny:
+    name: Cargo Deny
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: EmbarkStudios/cargo-deny-action@v1
+
   format:
     name: Format
     runs-on: ubuntu-20.04

diff --git a/.gitignore b/.gitignore
@@ -17,3 +17,6 @@ target/
 # Integration testing extension library for SQLite.
 ipaddr.dylib
 ipaddr.so
+
+# Temporary files from running the tests locally like they would be run from CI
+.sqlx
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -161,7 +161,7 @@ sqlx-sqlite = { workspace = true, optional = true }
 anyhow = "1.0.52"
 time_ = { version = "0.3.2", package = "time" }
 futures = "0.3.19"
-env_logger = "0.9.0"
+env_logger = "0.11"
 async-std = { version = "1.12.0", features = ["attributes"] }
 tokio = { version = "1.15.0", features = ["full"] }
 dotenvy = "0.15.0"
@@ -175,7 +175,7 @@ rand = "0.8.4"
 rand_xoshiro = "0.6.0"
 hex = "0.4.3"
 tempfile = "3.9.0"
-criterion = {version = "0.4", features = ["async_tokio"]}
+criterion = { version = "0.5", features = ["async_tokio"] }
 
 # Needed to test SQLCipher
 libsqlite3-sys = { version = "0.27", features = ["bundled-sqlcipher"] }