You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Currently you can only specify one target os or arch for filtering vulnerabilities. This choice seems odd to me, because supporting a fixed number of platforms should be pretty popular use-case. If someone wants to check for vulnerabilities only for windows and linux, then the only option is to run cargo audit twice, each time passing different argument to --target-os. And if one wants to configure cargo audit with audit.toml, then this is impossible, since there is no way to change path to config file.
I propose that target os and target arch keys could be specified multiple times, both on CLI and in config file. Then when filtering vulnerabilities cargo audit should look at the union of all passed targets.
The text was updated successfully, but these errors were encountered:
When it comes to the config file, backwards compatibility is important, but luckily it is also very easy to do. Serde's untagged enum can dispatch between old and new config values.
Currently you can only specify one target os or arch for filtering vulnerabilities. This choice seems odd to me, because supporting a fixed number of platforms should be pretty popular use-case. If someone wants to check for vulnerabilities only for
windows
andlinux
, then the only option is to runcargo audit
twice, each time passing different argument to--target-os
. And if one wants to configurecargo audit
withaudit.toml
, then this is impossible, since there is no way to change path to config file.I propose that target os and target arch keys could be specified multiple times, both on CLI and in config file. Then when filtering vulnerabilities
cargo audit
should look at the union of all passed targets.The text was updated successfully, but these errors were encountered: