02e804e920
## Summary This provides the scaffolding (CLI and initial `uv-audit` crate) for a `uv audit` subcommand. Closes #9189. Tracking: - [x] Core CLI scaffolding (this PR) - [x] #18185 - [x] Audit core (probably a new `uv-audit` crate): #18124 - [ ] Bulk dependency audits with OSV - [ ] Result presentation - [ ] #18193 Things that also need to be done with the MVP: - [ ] We should not audit workspace members by default (by definition, they don't exist on indices and therefore don't have meaningful results from vulnerability services). - [ ] I need to ensure groups/etc. are being filtered by correctly, right now we audit every single package in the lockfile unconditionally. ## Test Plan Unit and integration tests commensurate with the new functionality. --------- Signed-off-by: William Woodruff <william@astral.sh>
91 lines
2.1 KiB
TOML
91 lines
2.1 KiB
TOML
doc-valid-idents = [
|
|
"PyPI",
|
|
"PubGrub",
|
|
"PyPy",
|
|
"CPython",
|
|
"GraalPy",
|
|
"ReFS",
|
|
"PyTorch",
|
|
"ROCm",
|
|
"XPU",
|
|
"PowerShell",
|
|
"CycloneDX",
|
|
"SemVer",
|
|
"UV_DEV",
|
|
"UV_FROZEN",
|
|
"UV_ISOLATED",
|
|
"UV_LOCKED",
|
|
"UV_MANAGED_PYTHON",
|
|
"UV_NATIVE_TLS",
|
|
"UV_NO_DEV",
|
|
"UV_NO_EDITABLE",
|
|
"UV_NO_ENV_FILE",
|
|
"UV_NO_INSTALLER_METADATA",
|
|
"UV_NO_MANAGED_PYTHON",
|
|
"UV_NO_PROGRESS",
|
|
"UV_NO_SYNC",
|
|
"UV_OFFLINE",
|
|
"UV_PREVIEW",
|
|
"UV_SHOW_RESOLUTION",
|
|
"UV_VENV_CLEAR",
|
|
"UV_VENV_SEED",
|
|
"..", # Include the defaults
|
|
]
|
|
|
|
disallowed-types = [
|
|
"std::fs::DirEntry",
|
|
"std::fs::File",
|
|
"std::fs::OpenOptions",
|
|
"std::fs::ReadDir",
|
|
"tokio::fs::DirBuilder",
|
|
"tokio::fs::DirEntry",
|
|
"tokio::fs::File",
|
|
"tokio::fs::OpenOptions",
|
|
"tokio::fs::ReadDir",
|
|
]
|
|
|
|
disallowed-methods = [
|
|
"std::fs::canonicalize",
|
|
"std::fs::copy",
|
|
"std::fs::create_dir",
|
|
"std::fs::create_dir_all",
|
|
"std::fs::hard_link",
|
|
"std::fs::metadata",
|
|
"std::fs::read",
|
|
"std::fs::read_dir",
|
|
"std::fs::read_link",
|
|
"std::fs::read_to_string",
|
|
"std::fs::remove_dir",
|
|
"std::fs::remove_dir_all",
|
|
"std::fs::remove_file",
|
|
"std::fs::rename",
|
|
"std::fs::set_permissions",
|
|
"std::fs::soft_link",
|
|
"std::fs::symlink_metadata",
|
|
"std::fs::write",
|
|
"tokio::fs::canonicalize",
|
|
"tokio::fs::copy",
|
|
"tokio::fs::create_dir",
|
|
"tokio::fs::create_dir_all",
|
|
"tokio::fs::hard_link",
|
|
"tokio::fs::metadata",
|
|
"tokio::fs::read",
|
|
"tokio::fs::read_dir",
|
|
"tokio::fs::read_link",
|
|
"tokio::fs::read_to_string",
|
|
"tokio::fs::remove_dir",
|
|
"tokio::fs::remove_dir_all",
|
|
"tokio::fs::remove_file",
|
|
"tokio::fs::rename",
|
|
"tokio::fs::set_permissions",
|
|
"tokio::fs::symlink_metadata",
|
|
"tokio::fs::try_exists",
|
|
"tokio::fs::write",
|
|
{ path = "std::os::unix::fs::symlink", allow-invalid = true },
|
|
{ path = "std::os::windows::fs::symlink_dir", allow-invalid = true },
|
|
{ path = "std::os::windows::fs::symlink_file", allow-invalid = true },
|
|
{ path = "tokio::fs::symlink", allow-invalid = true },
|
|
{ path = "tokio::fs::symlink_dir", allow-invalid = true },
|
|
{ path = "tokio::fs::symlink_file", allow-invalid = true },
|
|
]
|