mirror of
https://github.com/marcoallegretti/karapace.git
synced 2026-03-26 21:43:09 +00:00
abb89d298a
- Pin cargo-cyclonedx@0.5.5 in scripts/generate-sbom.sh (matches CI) - Remove hardcoded /home/lateuf paths from .cargo/config.toml - Remove stale 'quick' command reference from CHANGELOG 0.1.0
22 lines
873 B
TOML
22 lines
873 B
TOML
# Supply-chain hardening: deterministic builds
|
|
#
|
|
# Path remapping eliminates local filesystem paths from binaries.
|
|
# CI sets RUSTFLAGS env var which OVERRIDES build.rustflags below.
|
|
# SOURCE_DATE_EPOCH=0 ensures no build timestamps leak.
|
|
#
|
|
# NOTE: Local dev builds use build.rustflags for path remapping.
|
|
# CI builds use the RUSTFLAGS env var instead (takes precedence).
|
|
# This means local builds get local remapping, CI gets CI remapping.
|
|
|
|
[env]
|
|
SOURCE_DATE_EPOCH = "0"
|
|
|
|
# [build]
|
|
# Path remapping for local dev builds is optional.
|
|
# CI RUSTFLAGS override build.rustflags entirely.
|
|
# strip = true in profile.release removes debug paths from binaries.
|
|
# Uncomment and adjust for your system if you want local path remapping:
|
|
# rustflags = [
|
|
# "--remap-path-prefix", "/home/YOU/.cargo/registry/src=crate",
|
|
# "--remap-path-prefix", "/home/YOU/Projects/Karapace=src",
|
|
# ]
|