in src/main.rs [1504:1595]
fn apply_cmd_trust(
out: &Arc<dyn Out>,
cfg: &Config,
store: &mut Store,
network: Option<&Network>,
package: &str,
publisher_login: &str,
start_date: Option<chrono::NaiveDate>,
end_date: Option<chrono::NaiveDate>,
criteria: &[CriteriaName],
notes: Option<&String>,
) -> Result<(), miette::Report> {
// Fetch publisher information for relevant versions of `package`.
let publishers = store.ensure_publisher_versions(cfg, network, package)?;
let published_versions = publishers
.iter()
.filter(|publisher| publisher.user_login == publisher_login);
let earliest = published_versions.min_by_key(|p| p.when).ok_or_else(|| {
CertifyError::NotAPublisher(publisher_login.to_owned(), package.to_owned())
})?;
let user_id = earliest.user_id;
// Get the from and to dates, defaulting to a from date of the earliest
// published package by the user, and a to date of 12 months from today.
let start = start_date.unwrap_or(earliest.when);
let end = end_date.unwrap_or(cfg.today() + chrono::Months::new(12));
let criteria_names = criteria_picker(
out,
&store.audits.criteria,
if criteria.is_empty() {
vec![format::SAFE_TO_DEPLOY.to_owned()]
} else {
criteria.to_owned()
},
if criteria.is_empty() {
Some(format!(
"choose trusted criteria for {package}:* published by {publisher_login}"
))
} else {
None
}
.as_ref(),
)?;
let criteria = criteria_names.into_iter().map(Spanned::from).collect();
// Check if we have an existing trust entry which could be extended to
// handle a wider date range, and update that instead if possible.
let trust_entries = store.audits.trusted.entry(package.to_owned()).or_default();
if let Some(trust_entry) = trust_entries.iter_mut().find(|trust_entry| {
trust_entry.criteria == criteria
&& trust_entry.user_id == user_id
&& start <= *trust_entry.start
&& *trust_entry.end <= end
&& notes.is_none()
}) {
trust_entry.start = start.into();
trust_entry.end = end.into();
} else {
trust_entries.push(TrustEntry {
criteria,
user_id,
start: start.into(),
end: end.into(),
notes: notes.cloned(),
aggregated_from: vec![],
});
}
store
.validate(cfg.today(), false)
.expect("the new trusted entry made the store invalid?");
// Minimize exemptions and audits after adding the new trust entry. This will be used to
// potentially update imports, and remove now-unnecessary exemptions for the target package. We
// only prefer fresh imports and prune exemptions for the package we trusted, to avoid
// unrelated changes.
resolver::update_store(cfg, store, |name| resolver::UpdateMode {
search_mode: if name == package {
resolver::SearchMode::PreferFreshImports
} else {
resolver::SearchMode::PreferExemptions
},
prune_exemptions: name == package,
prune_non_importable_audits: name == package,
prune_imports: false,
});
Ok(())
}