Skip to content

Move to using latest cargo login and upgrade cargo-audit to latest version #14

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
ebourgeois merged 1 commit into from
Dec 23, 2025
Merged

Move to using latest cargo login and upgrade cargo-audit to latest version #14

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 7 additions & 1 deletion rust/package-crate/action.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -70,5 +70,11 @@ runs:
if [ -d "target/package" ]; then
echo ""
echo "Packaged crate(s):"
ls -lh target/package/*.crate 2>/dev/null || echo "No .crate files found in target/package"
if compgen -G "target/package/*.crate" > /dev/null 2>&1; then
for file in target/package/*.crate; do
ls -lh "$file"
done
else
echo "No .crate files found in target/package"
fi
fi
14 changes: 12 additions & 2 deletions rust/publish-crate/action.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -38,13 +38,23 @@ runs:
with:
require-cargo: true

- name: Login to crates.io
shell: bash
env:
CARGO_REGISTRY_TOKEN: ${{ inputs.token }}
run: |
# Use cargo login with token from environment variable
# This is the recommended approach instead of --token flag
cargo login

- name: Publish crate
shell: bash
run: |
set -e

# Build cargo command
CMD="cargo publish --token ${{ inputs.token }}"
# Note: Authentication is handled by cargo login step above
CMD="cargo publish"

# Add package flag for workspace crates
if [ "${{ inputs.workspace }}" = "true" ] && [ -n "${{ inputs.package }}" ]; then
Expand Down Expand Up @@ -73,7 +83,7 @@ runs:
CMD="$CMD ${{ inputs.cargo-args }}"
fi

echo "Running: cargo publish [token hidden] ..."
echo "Running: $CMD"
$CMD

if [ "${{ inputs.dry-run }}" = "true" ]; then
Expand Down
4 changes: 2 additions & 2 deletions rust/security-scan/action.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ inputs:
cargo-audit-version:
description: 'Version of cargo-audit to install'
required: false
default: '0.21.0'
default: '0.22.0'
upload-artifact-name:
description: 'Name for the audit report artifact'
required: false
Expand Down Expand Up @@ -50,7 +50,7 @@ runs:
- name: Install cargo-audit
if: steps.cache-cargo-audit.outputs.cache-hit != 'true'
shell: bash
run: cargo install cargo-audit --version ${{ inputs.cargo-audit-version }} --locked
run: cargo install cargo-audit --version ${{ inputs.cargo-audit-version }} --locked --force

- name: Run cargo audit (JSON output for reporting)
id: audit_json
Expand Down
Loading