-
-
Notifications
You must be signed in to change notification settings - Fork 47
/
Copy pathCargo.toml
77 lines (72 loc) · 2.11 KB
/
Cargo.toml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
[package]
name = "zizmor"
description = "Static analysis for GitHub Actions"
version = "1.3.1"
edition = "2021"
repository = "https://github.com/woodruffw/zizmor"
homepage = "https://github.com/woodruffw/zizmor"
documentation = "https://woodruffw.github.io/zizmor/"
authors = ["William Woodruff <[email protected]>"]
license = "MIT"
keywords = ["cli", "github-actions", "static-analysis", "security"]
categories = ["command-line-utilities"]
rust-version = "1.80.1"
[features]
# Test-only: enable online audits that make use of a GitHub token via GH_TOKEN.
gh-token-tests = []
# Test-only: enable all online audits.
online-tests = ["gh-token-tests"]
[dependencies]
annotate-snippets = "0.11.5"
anstream = "0.6.18"
anyhow = "1.0.95"
camino = { version = "1.1.9", features = ["serde1"] }
clap = { version = "4.5.27", features = ["derive", "env"] }
clap-verbosity-flag = { version = "3.0.2", features = [
"tracing",
], default-features = false }
etcetera = "0.8.0"
flate2 = "1.0.35"
github-actions-models = "0.25.0"
http-cache-reqwest = "0.15.1"
human-panic = "2.0.1"
indexmap = "2.7.1"
indicatif = "0.17.11"
itertools = "0.14.0"
line-index = "0.1.2"
owo-colors = "4.1.0"
pest = "2.7.15"
pest_derive = "2.7.15"
regex = "1.11.1"
reqwest = { version = "0.12.12", features = [
"blocking",
"json",
"rustls-tls",
], default-features = false }
reqwest-middleware = "0.4.0"
serde = { version = "1.0.217", features = ["derive"] }
serde-sarif = "0.7.0"
serde_json = "1.0.138"
serde_yaml = "0.9.34"
# TODO remove pending https://github.com/tree-sitter/tree-sitter/pull/4034
streaming-iterator = "0.1.9"
tar = "0.4.43"
terminal-link = "0.1.0"
tokio = { version = "1.43.0", features = ["rt-multi-thread"] }
tracing = "0.1.41"
tracing-indicatif = "0.3.9"
tracing-subscriber = { version = "0.3.19", features = ["env-filter"] }
tree-sitter = "0.24.7"
tree-sitter-bash = "0.23.3"
tree-sitter-powershell = "0.24.4"
yamlpath = "0.14.0"
[profile.dev.package]
insta.opt-level = 3
similar.opt-level = 3
[profile.release]
lto = true
[dev-dependencies]
assert_cmd = "2.0.16"
insta = { version = "1.42.1" }
pretty_assertions = "1.4.1"
serde_json_path = "0.7.1"