Skip to content

Commit 7badeb8

Browse files
Fix rustls-webpki Dependabot alert and add cargo audit to CI (#160)
* Drop legacy AWS KMS TLS stack and gate deps with cargo audit. Disable aws-sdk-kms default rustls features to remove rustls-webpki 0.101.7, bump quinn for RUSTSEC-2026-0185, and run cargo audit on ubuntu-24.04-arm CI. Co-authored-by: Cursor <cursoragent@cursor.com> * Fix cargo audit CI step for cargo-audit 0.22 CLI. Run audit from greenfloor-engine/ because cargo-audit no longer accepts --manifest-path. Co-authored-by: Cursor <cursoragent@cursor.com> --------- Co-authored-by: Cursor <cursoragent@cursor.com>
1 parent b6f67e8 commit 7badeb8

3 files changed

Lines changed: 61 additions & 150 deletions

File tree

.github/workflows/ci.yml

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -206,6 +206,17 @@ jobs:
206206
shared-key: test
207207
install-nextest: "true"
208208

209+
- name: Install cargo-audit
210+
if: matrix.os == 'ubuntu-24.04-arm'
211+
uses: taiki-e/install-action@v2
212+
with:
213+
tool: cargo-audit
214+
215+
- name: Cargo audit (greenfloor-engine)
216+
if: matrix.os == 'ubuntu-24.04-arm'
217+
working-directory: greenfloor-engine
218+
run: cargo audit
219+
209220
- name: Build and test greenfloor-engine
210221
run: cargo nextest run --manifest-path "${{ env.CARGO_MANIFEST }}" --features test-support
211222

0 commit comments

Comments
 (0)