Tweak docs to no longer ask for manual installation of cargo vet
.
I tested that after https://crrev.com/c/5366668 landed `//tools/crates/run_cargo_vet.py` works (using `//third_party/rust-toolchain/bin/cargo-vet`) without requiring an explicit installation step (I've verified that `locate` doesn't find any other `cargo-vet` binaries on my machine). Based on the above, this CL removes docs that ask for a separate installation step for `cargo vet`. Bug: 326234536 Change-Id: I8015fe700c5cc477d340e9205031b0bd533c1e10 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5387733 Commit-Queue: Łukasz Anforowicz <lukasza@chromium.org> Reviewed-by: danakj <danakj@chromium.org> Auto-Submit: Łukasz Anforowicz <lukasza@chromium.org> Commit-Queue: danakj <danakj@chromium.org> Cr-Commit-Position: refs/heads/main@{#1276978}
This commit is contained in:

committed by
Chromium LUCI CQ

parent
85fa2139c5
commit
0aa1dcf440
@ -54,11 +54,6 @@ Additional notes:
|
|||||||
(e.g. Android, Fuchsia, etc.). This means that adding a new crate does not
|
(e.g. Android, Fuchsia, etc.). This means that adding a new crate does not
|
||||||
necessarily require a new audit if the crate has already been audited by
|
necessarily require a new audit if the crate has already been audited by
|
||||||
other projects.
|
other projects.
|
||||||
* Before using `tools/crates/run_cargo_vet.py` you may need to install the tool
|
|
||||||
by running:
|
|
||||||
`tools/crates/run_cargo.py install cargo-vet --locked --version=0.9.1`
|
|
||||||
- TODO(https://crbug.com/326234536): Prebuild `cargo-vet` and distribute
|
|
||||||
via/into `third_party/rust-toolchain` (i.e. together with `rustc`).
|
|
||||||
* For now we kindly ask you that audit updates in `audits.toml`
|
* For now we kindly ask you that audit updates in `audits.toml`
|
||||||
should be part of the submitted CL so that `run_cargo_vet.py check` will
|
should be part of the submitted CL so that `run_cargo_vet.py check` will
|
||||||
continue to pass after the CL lands.
|
continue to pass after the CL lands.
|
||||||
|
@ -80,10 +80,6 @@ To use a third-party crate "bar" version 3 from first party code:
|
|||||||
1. Verify if all new dependencies are already audited by running `cargo vet`
|
1. Verify if all new dependencies are already audited by running `cargo vet`
|
||||||
See [`rust-unsafe.md#cargo-vet-policy`](rust-unsafe.md#cargo-vet-policy) for
|
See [`rust-unsafe.md#cargo-vet-policy`](rust-unsafe.md#cargo-vet-policy) for
|
||||||
more details. This boils down to:
|
more details. This boils down to:
|
||||||
* Install `cargo vet` if it's not yet installed:
|
|
||||||
* `tools/crates/run_cargo.py install cargo-vet --locked --version=0.9.1`
|
|
||||||
* TODO: Pre-package `cargo-vet` into `rust-toolchain`:
|
|
||||||
https://crrev.com/c/5366668
|
|
||||||
* `./tools/crates/run_cargo_vet.py check`
|
* `./tools/crates/run_cargo_vet.py check`
|
||||||
* If `check` fails, then there are missing audits, which need to be added to
|
* If `check` fails, then there are missing audits, which need to be added to
|
||||||
`//third_party/rust/chromium_crates_io/supply-chain/audits.toml`.
|
`//third_party/rust/chromium_crates_io/supply-chain/audits.toml`.
|
||||||
|
@ -77,10 +77,6 @@ closest to `origin/main`):
|
|||||||
that the automated script has listed in the CL description (e.g. if some
|
that the automated script has listed in the CL description (e.g. if some
|
||||||
of the criteria are already covered by `audits.toml` imported from other
|
of the criteria are already covered by `audits.toml` imported from other
|
||||||
projects).
|
projects).
|
||||||
- Install `cargo vet` if it's not yet installed:
|
|
||||||
* `tools/crates/run_cargo.py install cargo-vet --locked --version=0.9.1`
|
|
||||||
* TODO: Pre-package `cargo-vet` into `rust-toolchain`:
|
|
||||||
https://crrev.com/c/5366668
|
|
||||||
1. Follow the cargo vet instructions to inspect diffs and certify the results
|
1. Follow the cargo vet instructions to inspect diffs and certify the results
|
||||||
1. `git add third_party/rust/chromium_crates_io/supply-chain`.
|
1. `git add third_party/rust/chromium_crates_io/supply-chain`.
|
||||||
`git commit -m 'cargo vet'`
|
`git commit -m 'cargo vet'`
|
||||||
|
Reference in New Issue
Block a user