cargo-report

Generate reports for integration with external software.

Features

Supported integrations:

• GitLab Dependency Scan: report vulnerable crates using the RustSec advisory database. This GitLab feature currently requires GitLab Ultimate.

GitLab CI

To use the GitLab dependency scanning feature, add the following to your .gitlab-ci.yml file. This will always use the latest released version of cargo-report. You may pin to a specific version by changing :latest to your desired version (for example, :0.2.0).

scan-dependencies:
  stage: test
  allow_failure: true
  artifacts:
    reports:
      dependency_scanning: gl-dependency-scanning.json
  image: registry.gitlab.com/cargo-report/cargo-report:latest
  script:
    - cargo-report gitlab-dependencies

Contributing

• Write commit messages using the Conventional Commits format.
• Open a merge request against the master branch.

License

This software is licensed under the terms of the MIT license or the Apache License (Version 2.0), at your option.

Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you shall be dual licensed as above, without any additional terms or conditions.