You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The audit-check which uses --json cannot be made to fail on warnings. See: actions-rs/audit-check#132 (audit-check requires that it is solved for the .cargo/audit.toml case.)
I have not investigated whether other relevant command line/audit.toml options are respected in json output when they should be.
I’m hitting this too, it seems like it’s not possible to have the audit-check action deny warnings currently, unfortunately. I guess I’ll stay with a hand-rolled audit action, even though it’s sad considering the work that seems to have been put into the audit-check action :)
0.14.1
Reproduction steps
Run
$cargo audit
and see the warning.Promote that warning to an error and see the error
$cargo audit --deny warnings
.Now run with and without
--deny warnings
and--json
.$ cargo audit --json
$ cargo audit --deny warnings --json
Expect
The warning to be promoted to an error in the json.
Actual
No difference is seen, it remains a warning:
Additionally, you can reproduce this with a
.cargo/audit.toml
:Consequences
The audit-check which uses
--json
cannot be made to fail on warnings. See: actions-rs/audit-check#132 (audit-check
requires that it is solved for the.cargo/audit.toml
case.)I have not investigated whether other relevant command line/
audit.toml
options are respected in json output when they should be.An MCVE is here: alan-signal/cargo-audit-action#1 with the issue as seen with
audit-check
.The text was updated successfully, but these errors were encountered: