Skip to content

cargo-allow v0.1.9

Latest
Latest

Choose a tag to compare

View all tags
@EffortlessSteven EffortlessSteven released this 16 Jun 04:04
· 17 commits to main since this release
v0.1.9
7d47f4a
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

cargo-allow v0.1.9

cargo-allow v0.1.9 is a maintenance patch focused on receipt adoption quality
for gate consumers. It does not introduce new scanner features.

Default cargo-allow behavior remains the source-exception ledger:

cargo-allow audit
cargo-allow check --mode no-new
cargo-allow diff --base origin/main
cargo-allow worklist --format json

Highlights

  • Populates counts.review_due in check receipts and aligns matcher outcomes
    with list / worklist review-due posture.
  • Writes machine-readable error receipts on exit-2 validation failures so
    stale passing evidence cannot linger at a fixed --receipt path.
  • Accepts integer schema_version spellings and names ledger file paths in
    policy parse errors.
  • Records effective mode, enforcement, policy_config, and tool_version
    in check receipts for gate provenance.
  • Carries test hardening, module decomposition, and ripr 0.10.0 readiness
    work without expanding scanner claim boundaries.

Install

cargo install cargo-allow --version 0.1.9 --locked

Claim Boundary

cargo-allow scans source-tree inventory without executing repository code. This
release improves receipt fidelity and adoption ergonomics; it does not add
macro-expanded, type-aware, MIR-level, build-aware, control-flow, data-flow,
unsafe-proof, test-adequacy, or coverage-proof behavior.

More

Assets 2
Loading