Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Unexpected #33

Open
CramBL opened this issue Jan 6, 2025 · 7 comments
Open

Unexpected #33

CramBL opened this issue Jan 6, 2025 · 7 comments

Comments

@CramBL
Copy link

CramBL commented Jan 6, 2025

Just added this action here luftkode/plotinator3000#148 but it fails with: Error: Unexpected token '2025-0"... is not valid JSON

I cannot see in the logs which version of cargo-audit runs which I think would be nice(!). But running it locally with the latest version 0.21.0 gives this output:

cargo audit
    Fetching advisory database from `https://github.com/RustSec/advisory-db.git`
      Loaded 724 security advisories (from /home/marc/.cargo/advisory-db)
    Updating crates.io index
    Scanning Cargo.lock for vulnerabilities (538 crate dependencies)
Crate:     proc-macro-error
Version:   1.0.4
Warning:   unmaintained
Title:     proc-macro-error is unmaintained
Date:      2024-09-01
ID:        RUSTSEC-2024-0370
URL:       https://rustsec.org/advisories/RUSTSEC-2024-0370
Dependency tree:
proc-macro-error 1.0.4
└── hdf5-metno-derive 0.9.1
    └── hdf5-metno 0.9.2
        └── skytem_hdf 0.1.0
            └── plotinator3000 1.3.5

It runs fine but warns on an unmaintained dependency
@tarcieri
Copy link
Member

tarcieri commented Jan 6, 2025

It looks like debug logging is enabled and it's printing a large number of debug loglines, which is confusing audit-check

@CramBL
Copy link
Author

CramBL commented Jan 7, 2025

Interesting, thanks for the quick response. Is it something you intend to fix?

@tarcieri
Copy link
Member

tarcieri commented Jan 7, 2025

It seems like something in your workflow is triggering the debug output. Are you setting RUST_LOG=debug anywhere? This seems like something unusual with your environment.

This project is in very much in maintenance mode and I'm maintainer of last resort. The main way things get fixed is by people opening PRs to fix them. Perhaps it's consuming both stdout and stderr here when it should only be consuming stdout? I don't know and I don't have time to look.

@CramBL
Copy link
Author

CramBL commented Jan 7, 2025

Yes I am, at the top of the workflow I have this:

env:
  CARGO_TERM_COLOR: always
  RUSTFLAGS: -D warnings
  RUSTDOCFLAGS: -D warnings
  RUST_BACKTRACE: 1
  RUST_LOG: debug

That's very unfortunate if that's all it takes to break this action.

@tarcieri
Copy link
Member

tarcieri commented Jan 7, 2025

Removing that line should fix the problem

@CramBL
Copy link
Author

CramBL commented Jan 7, 2025

Okay but that's not an unusual configuration to have in a workflow, it's fine if you don't want to fix it but it's a bug.

@tarcieri
Copy link
Member

tarcieri commented Jan 7, 2025

Again, I’m a maintainer of last resort. If you want it fixed, open a PR

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@tarcieri @CramBL