Skip to content
This repository has been archived by the owner on Dec 11, 2024. It is now read-only.

Commit

Permalink
Merge branch 'main' into crandmck/update-contributing
Browse files Browse the repository at this point in the history
  • Loading branch information
crandmck authored Dec 2, 2024
2 parents ee12398 + 5b5960c commit 9058501
Show file tree
Hide file tree
Showing 8 changed files with 277 additions and 110 deletions.
25 changes: 22 additions & 3 deletions .github/workflows/publish-and-release.yml
Original file line number Diff line number Diff line change
Expand Up @@ -126,9 +126,9 @@ jobs:
strategy:
fail-fast: false
matrix:
os: [macos-latest, ubuntu-latest, windows-latest]
rust_version: [stable]
experimental: [false]
os: [ macos-latest, ubuntu-latest, windows-latest ]
rust_version: [ stable ]
experimental: [ false ]
include:
- os: macos-latest
artifact_name: c2patool_mac_universal.zip
Expand All @@ -152,6 +152,12 @@ jobs:
toolchain: ${{ matrix.rust_version }}
components: llvm-tools-preview

- name: Install cargo-sbom
uses: baptiste0928/cargo-install@v3
with:
crate: cargo-sbom
version: '0.9.1'

- name: Cache Rust dependencies
uses: Swatinem/rust-cache@v2

Expand All @@ -166,3 +172,16 @@ jobs:
asset_name: ${{ matrix.uploaded_asset_name }}
tag: ${{ needs.repo-prep.outputs.new-tag }}
overwrite: true

- name: Generate SBOM
run: cargo sbom > c2patool.${{ matrix.os }}.sbom.json

- name: Upload SBOM to Github
uses: svenstaro/upload-release-action@v1-release
with:
repo_token: ${{ secrets.GITHUB_TOKEN }}
file: c2patool.${{ matrix.os }}.sbom.json
asset_name: c2patool-${{ needs.repo-prep.outputs.new-tag }}-sbom.json
tag: ${{ needs.repo-prep.outputs.new-tag }}
overwrite: true

78 changes: 40 additions & 38 deletions Cargo.lock

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

9 changes: 6 additions & 3 deletions Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -9,8 +9,8 @@ version = "0.9.12"

description = "Tool for displaying and creating C2PA manifests."
authors = [
"Gavin Peacock <[email protected]>",
"Maurice Fisher <[email protected]>",
"Gavin Peacock <[email protected]>",
"Maurice Fisher <[email protected]>",
]
license = "MIT OR Apache-2.0"
documentation = "https://opensource.contentauthenticity.org/docs/c2patool"
Expand All @@ -22,11 +22,13 @@ repository = "https://github.com/contentauth/c2patool"

[dependencies]
anyhow = "1.0"
c2pa = { version = "0.37.0", features = [
atree = "0.5.2"
c2pa = { version = "0.38.0", features = [
"fetch_remote_manifests",
"file_io",
"add_thumbnails",
"pdf",
"unstable_api",
] }
clap = { version = "4.5.10", features = ["derive", "env"] }
env_logger = "0.11.4"
Expand All @@ -36,6 +38,7 @@ serde = { version = "1.0", features = ["derive"] }
serde_derive = "1.0"
serde_json = "1.0"
tempfile = "3.3"
treeline = "0.1.0"
pem = "3.0.3"
openssl = { version = "0.10.61", features = ["vendored"] }
reqwest = { version = "0.12.4", features = ["blocking"] }
Expand Down
1 change: 1 addition & 0 deletions deny.toml
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,7 @@ yanked = "deny"
ignore = [
"RUSTSEC-2021-0127", # serde_cbor
"RUSTSEC-2023-0071", # rsa Marvin Attack: (https://jira.corp.adobe.com/browse/CAI-5104)
"RUSTSEC-2024-0384", # instant (https://github.com/contentauth/c2pa-rs/issues/663)
]
# Deny multiple versions unless explicitly skipped.
[bans]
Expand Down
Loading

0 comments on commit 9058501

Please sign in to comment.