Closed SVilgelm closed 4 months ago
I'm guessing you or crates.io had a temporary connection issue and cargo was unable to download the index entry for that crate as I cannot repro this issue. cargo-deny does not itself fetch crates nor their index entries but leaves that to cargo. And the advisories-dbs directory only contains clones of advisory databses (eg https://github.com/RustSec/advisory-db), it's completely unrelated to yank checking.
Feel free to re-open if this problem persists.
@Jake-Shadle Do you know how can I debug this issue, because it is constant and reproducible every time on my laptop?
$CARGO_HOME/registry/index/index.crates.io-6f17d22bba15001f/.cache/sx/d-/sxd-xpath
, if you are using the git index it should be $CARGO_HOME/registry/index/github.com-1ecc6299db9ec823/.cache/sx/d-/sxd-xpath
Basically, you can set a breakpoint here and step through until the error is clear. I'll make a PR to actually show the full error in the diagnostic in the meantime since the current one is so unhelpful.
Okay, i've figured out. I work for Microsoft, and due to security rules, we cannot fetch the crates from crates.io, instead we have to use the Azure DevOpst feeds, like an internal mirror. So, the .cargo/config.toml
file has an override for crates-io
source:
[registries]
WlmOxide = { index = "sparse+https://.../WlmOxide/Cargo/index/" }
[source.crates-io]
replace-with = "WlmOxide"
which means, that cargo
tool does not fetch anything from crates.io
, but fetches from the internal registry. And the deny
worked only because I cloned some other projects on my laptop and build them, so cargo
was able to fetch some crates from crates.io
. And the issue I had was because of the outdated index.
Now deny
works fine, I commented out those lines, run cargo update --dry-run
to fetch the crates from crates.io
and no issues :)
thank you for your help!
Describe the bug
To reproduce
sxd-xpath
as dependencycargo deny check all
cargo-deny version
cargo-deny 0.14.16
What OS were you running cargo-deny on?
Windows
Additional context
the 0.4.2 version is present in the db: https://github.com/rust-lang/crates.io-index/blob/master/sx/d-/sxd-xpath#L9
but the crate is not present in the advisory-dbs folder: CARGO_HOME\advisory-dbs\github.com-2f857891b7f43c59\crates