pinner 0.0.10

Secure CI/CD workflows by pinning mutable tags to immutable SHA-1 hashes. A high-performance Rust CLI that preserves YAML formatting and comments. Supports GitHub, GitLab, Bitbucket, Forgejo, and Docker image pinning.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37

# cargo-deny configuration

[graph]
# Check for multiple versions of the same crate
targets = []
all-features = true
no-default-features = false

[advisories]
db-path = "~/.cargo/advisories"
db-urls = ["https://github.com/rustsec/advisory-db"]
# vulnerability check is now implicit and always on
unmaintained = "workspace"
unsound = "all"
yanked = "deny"
ignore = [
    "RUSTSEC-2023-0071", # Marvin Attack: timing sidechannel in rsa (no fix available, CLI usage only)
]

[licenses]
# Allow common open source licenses
allow = [
    "MIT",
    "Apache-2.0",
    "BSD-3-Clause",
    "ISC",
    "MPL-2.0",
    "Unicode-3.0",
    "CDLA-Permissive-2.0",
    "Zlib",
    "BSL-1.0",
]
confidence-threshold = 0.8

[bans]
multiple-versions = "warn"
wildcards = "deny"