- Upgraded from Cargo 0.69 to 0.75
- Instruct to use --locked for installation
- Upgraded from Cargo 0.67 to 0.69
- Fix panic with git dep without rev - thanks @ginger51011 [#462]
- Upgraded from Cargo 0.63 to 0.67
- Upgraded from rayon 1.5 to 1.6
- Bump lockfile
- Bump insta from 1.16 to 1.17 [#353], [#354]
- Bump regex from 0.5 to 0.6 [#348]
- Code clean-ups - thanks @jmcconnell26 [#333]
- Bump pico-args from 0.4 to 0.5 [#328]
- Upgraded from Cargo 0.62.0 to 0.63.0 [#345]
- Upgraded from Cargo 0.60.0 to 0.62.0 - thanks @jmcconnell26 [#317]
- Bump lockfile [#349]
- Add threaded scanning [#268]
- Upgraded dependencies including from Cargo 0.58.0 to 0.60.0 [#251], [#275]
- Upgraded dependencies including from Cargo 0.52.0 to 0.58.0 [#230], [#225]
- Removed a failing test case that depended on the crate version.
- Explore the dependency graph using cargo_metadata #16
- Add build without lock file to CI and upgrade the cargo dependency to 0.50. #183
- Feature: safety report in readme. #151
- Make
--quiet
take no value. #114 - Ability to generate a JSON report. #115
- Fix tree vine on dependency group line. #118
cargo-geiger-serde
, a crate with types for report serialization using serde. #121- Replace links that points to the old repository. #124
- Move report types to lib (
cargo-geiger-serde
). #125 - Add cargo tarpaulin step to CI #127
- Add code coverage badge to readme #128
- Add crates.io badges, current version, total downloads. #130
- Use GitHub Actions / actions-rs to ensure code is well-formatted. #131
- Add CONTRIBUTING.md file. #132
- Fixed small errors in Changelog. #134
- Add Dockerfile and use cargo chef to reduce docker build times locally. #148
- Create lib.rs to allow documentation tests to be written. #153
--update-readme
Writes output to README.md. Looks for a Safety Report section, replaces if found, adds if not. Throws an error if no README.md exists. #156- Refactor integration tests. #157
- Refactoring geiger lib and adding further testing. #158
- Accept Readme Path and Section Name as parameters. #159
- Update version of syn package used in geiger. #161
- Fix a bug where a report wasn't written if any warning. #162
- Add GitHub markdown formatting. #164
- Cleanup a trait only used in a unit test module. #165
- Run
cargo audit
as part of CI builds. #166 - Add new Ratio output type
--output-format=Ratio
. #167 - Clean only packages. #171
- Mark no_mangle functions as unsafe. #173
- Improved
README.md
#176 - Update graph module to use latest version of cargo_metadata. #178
- Explicitly enable serde for semver. #180
- Use DependencyKind from cargo_metadata. #182
- Add canary build without lockfile. #183
- Add cargo audit github action to run against head every day. #184
- Clean up error handling, remove unwrap() calls, logging. #188
- Update lint enforcement level based on issue. #189
- Implement Display for FoundWarningsError instead of relying on Debug. #191
- Add further testing. #192
- Fix Args::parse_args for -p option. #196
- Refactor mapping module to use traits. #197
- Fix into target kind function logic. #198
- Bump insta version. #199
- Upgrade dependencies; use cargo 1.52.0 for the new resolver. #201
- Bugfix: Avoid panic and log warnings on parse failure. #105
- Upgraded all dependencies.
- Expose the
cargo
crate feature:vendored-openssl
. #99 - Upgraded all dependencies.
- Upgraded all dependencies. #98
- Bugfix: Avoid counting the same crate multiple times. #79
- Upgraded cargo to 0.41. #85
- Upgraded all dependencies.
- Breaking change: Replaced structopt & clap with pico-args, to reduce
compile times #77. As a result the
-Z
flag now requires quotes around its list of sub arguments, other than that there should be no changes to the CLI.
- Bugfix: Count all expressions in unsafe functions and nested unsafe scopes, in geiger 0.4.1, #72 & #71.
- Bugfix: Properly account for possibly patched dependencies #70.
- Summary for each metrics column, #76.
- Now requires all entry points for a crate to declare
#[forbid(unsafe_code)]
for it to count as crate-wide. - New optional scan mode
--forbid-only
. This mode doesn't require any calls torustc
and only requires parsing the entry point.rs
files, making it much faster than the normal mode. - Updated dependencies.
- Bugfix: Fix dependency collection for mixed workspaces #66.
- Updated dependencies.
- Updated dependencies to fix #59.
- Updated all dependencies, geiger to 0.3.0.
- A tiny readme fix.
- There are now three crate scanning result variants #52:
- 🔒 No unsafe usage found and all build target entry point
.rs
source files, used by the build, declare#![forbid(unsafe_code)]
. Crates like this will be printed in green. - ❓ No unsafe usage found, but at least one build target entry point
.rs
file, used by the build, does not declare#[forbid(unsafe_code)]
. Crates like this will be printed in the default terminal foreground color. - ☢️ Unsafe usage found. Crates like this will be printed in red, same as in the previous version.
- 🔒 No unsafe usage found and all build target entry point
- Moved reusable parts, decoupled from
cargo
, to the new crate geiger. Main github issue: #30. - Some general refactoring and cleanup.
- Merge pull request #46 from alexmaco/dependency_kind_control. add options to filter dependencies by kind; defaults to Kind::Normal.
- Merge pull request #40 from jiminhsieh/rust-2018. Use Rust 2018 edition.
-
Bugfix: Merge pull request #33 from ajpaverd/windows_filepaths. Canonicalize file paths from walker.
-
Merge pull request #38 from anderejd/updated-deps. Updated deps and fixed build errors.
-
Merge pull request #28 from alexmaco/deps_upgrade. fix build on rust 1.30: upgrade petgraph to 0.4.13
-
Bugfix: Merge pull request #29 from alexmaco/invalid_utf8_source. fix handling source files with invalid utf8: lossy conversion to string
- Filters out tests by default. Tests can still be included by using
--include-tests
. The test code is filtered out by looking for the attribute#[test]
on functions and#[cfg(test)]
on modules.
- Bugfix: Some bugfixes related to cargo workspace path handling.
- Slightly better error messages in some cases.
- Intercepts
rustc
calls and reads the.d
files generated byrustc
to identify which.rs
files are used by the build. This allows a crate that contains.rs
files with unsafe code usage to pass as "green" if the unsafe code isn't used by the build. - Each metric is now printed as
x/y
, wherex
is the unsafe code used by the build andy
is the total unsafe usage found in the crate. - Removed the
--compact
output format to avoid some code complexity. A new and better compact mode can be added later if requested.
- Table based output format #9.
- Initial experimental versions.
- Mostly README.md updates.