Add cargo audit

Author: Luni-4

.pre-commit-audit-config.yaml

@@ -0,0 +1,17 @@
+# Use a separate pre-commit config that runs only when Rust dependencies
+# are added, removed or modified.
+repos:
+-   repo: local
+    hooks:
+      - id: audit
+        name: audit
+        language: system
+        files: 'Cargo\.lock|Cargo\.toml$'
+        # FIXME
+        # RUSTSEC-2021-0131 --> https://rustsec.org/advisories/RUSTSEC-2021-0131
+        # RUSTSEC-2021-0124 --> https://rustsec.org/advisories/RUSTSEC-2021-0124
+        entry: cargo audit --ignore RUSTSEC-2021-0131 --ignore RUSTSEC-2021-0124
+        pass_filenames: false
+
+default_language_version:
+    python: python3

.taskcluster.yml

@@ -43,11 +43,13 @@ tasks:
                rustup component add clippy rustfmt &&
                rustup toolchain install nightly &&
                curl -L https://github.com/est31/cargo-udeps/releases/download/v0.1.25/cargo-udeps-v0.1.25-x86_64-unknown-linux-gnu.tar.gz | tar xz -C /usr/local/cargo/bin --strip-components 2 &&
+               curl -L https://github.com/rustsec/rustsec/releases/download/cargo-audit%2Fv0.16.0/cargo-audit-x86_64-unknown-linux-musl-v0.16.0.tgz | tar xzv -C /usr/local/cargo/bin --strip-components 1 &&
                git clone --quiet ${repository} &&
                cd rust-code-analysis &&
                git -c advice.detachedHead=false checkout ${head_rev} &&
                pip3 install --quiet pre-commit &&
                pre-commit run -a --show-diff-on-failure &&
+               pre-commit run --show-diff-on-failure -c .pre-commit-audit-config.yaml &&
                cargo test --workspace --verbose --all-features &&
                cd enums &&
                cargo build --verbose --all-features"