From 445603401d79e2971ec604d8b9f892c6767e7430 Mon Sep 17 00:00:00 2001 From: Luni-4 Date: Sun, 19 Nov 2023 16:35:03 +0100 Subject: [PATCH] ci/Check dependencies (#895) --- .github/workflows/dependencies.yml | 53 ++++++++++++ Cargo.toml | 3 +- burn-autodiff/src/ops/mod.rs | 1 - burn-core/src/module/param/mod.rs | 1 - burn-core/src/nn/cache/mod.rs | 1 - burn-dataset/Cargo.toml | 3 + burn-import/Cargo.toml | 1 - burn-import/onnx-tests/Cargo.toml | 1 + burn-tensor-testgen/Cargo.toml | 1 - burn-wgpu/Cargo.toml | 1 - burn-wgpu/src/compute/server.rs | 5 +- burn-wgpu/src/kernel/reduce/tune/mod.rs | 1 - deny.toml | 104 ++++++++++++++++++++++++ examples/mnist-inference-web/Cargo.toml | 1 - examples/text-classification/Cargo.toml | 2 +- examples/text-generation/Cargo.toml | 2 +- xtask/Cargo.toml | 1 + 17 files changed, 170 insertions(+), 12 deletions(-) create mode 100644 .github/workflows/dependencies.yml create mode 100644 deny.toml diff --git a/.github/workflows/dependencies.yml b/.github/workflows/dependencies.yml new file mode 100644 index 000000000..ad703de67 --- /dev/null +++ b/.github/workflows/dependencies.yml @@ -0,0 +1,53 @@ +name: dependencies + +on: + push: + branches: + - main + paths: + - '**/Cargo.lock' + - '**/Cargo.toml' + pull_request: + types: [opened, synchronize] + paths: + - '**/Cargo.lock' + - '**/Cargo.toml' + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + +jobs: + dependencies: + runs-on: ubuntu-latest + + steps: + + - name: checkout + uses: actions/checkout@v4 + + - name: Audit Rust dependencies + uses: actions-rust-lang/audit@v1 + + - name: Detect multiple versions of the same crate + uses: EmbarkStudios/cargo-deny-action@v1 + with: + command: check bans licenses sources + + - name: Install Rust nightly + uses: dtolnay/rust-toolchain@nightly + with: + toolchain: nightly + components: rustfmt + + - name: Install cargo-udeps + env: + UDEPS_LINK: https://github.com/est31/cargo-udeps/releases/download + UDEPS_VERSION: v0.1.43 + run: | + curl -L "$UDEPS_LINK/$UDEPS_VERSION/cargo-udeps-$UDEPS_VERSION-x86_64-unknown-linux-gnu.tar.gz" | + tar xz -C $HOME/.cargo/bin --strip-components 2 + + - name: Run cargo-udeps + run: | + cargo +nightly udeps --all-targets diff --git a/Cargo.toml b/Cargo.toml index 4079238cf..7ee219797 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -1,4 +1,5 @@ [workspace] +# Try # require version 2 to avoid "feature" additiveness for dev-dependencies # https://doc.rust-lang.org/cargo/reference/resolver.html#feature-resolver-version-2 resolver = "2" @@ -75,7 +76,7 @@ wasm-logger = "0.2.0" futures-intrusive = "0.5" pollster = "0.3" text_placeholder = { version = "0.5.0", features = ["struct_context"] } -wgpu = "0.17.1" +wgpu = "0.18.0" # # The following packages disable the "std" feature for no_std compatibility diff --git a/burn-autodiff/src/ops/mod.rs b/burn-autodiff/src/ops/mod.rs index e0e63686d..b1de04330 100644 --- a/burn-autodiff/src/ops/mod.rs +++ b/burn-autodiff/src/ops/mod.rs @@ -10,4 +10,3 @@ pub(crate) mod maxmin; pub use backward::*; pub use base::*; -pub use int_tensor::*; diff --git a/burn-core/src/module/param/mod.rs b/burn-core/src/module/param/mod.rs index 39fae4c36..d569d25d0 100644 --- a/burn-core/src/module/param/mod.rs +++ b/burn-core/src/module/param/mod.rs @@ -10,5 +10,4 @@ pub use base::*; pub use constant::*; pub use id::*; pub use running::*; -pub use tensor::*; pub use visitor::*; diff --git a/burn-core/src/nn/cache/mod.rs b/burn-core/src/nn/cache/mod.rs index 39f532180..8050cb462 100644 --- a/burn-core/src/nn/cache/mod.rs +++ b/burn-core/src/nn/cache/mod.rs @@ -1,5 +1,4 @@ mod autoregressive; mod base; -pub use autoregressive::*; pub use base::*; diff --git a/burn-dataset/Cargo.toml b/burn-dataset/Cargo.toml index a9be07f88..8996dcfca 100644 --- a/burn-dataset/Cargo.toml +++ b/burn-dataset/Cargo.toml @@ -51,3 +51,6 @@ thiserror = {workspace = true} rayon = {workspace = true} rstest = {workspace = true} fake = {workspace = true} + +[package.metadata.cargo-udeps.ignore] +normal = ["strum", "strum_macros"] diff --git a/burn-import/Cargo.toml b/burn-import/Cargo.toml index 8aeea0691..69fa3aa5f 100644 --- a/burn-import/Cargo.toml +++ b/burn-import/Cargo.toml @@ -41,4 +41,3 @@ protobuf-codegen = {workspace = true} [dev-dependencies] pretty_assertions = {workspace = true} -rstest = {workspace = true} diff --git a/burn-import/onnx-tests/Cargo.toml b/burn-import/onnx-tests/Cargo.toml index 18926db85..f6a696c73 100644 --- a/burn-import/onnx-tests/Cargo.toml +++ b/burn-import/onnx-tests/Cargo.toml @@ -2,6 +2,7 @@ name = "onnx-tests" version = "0.11.0" edition = "2021" +license = "MIT OR Apache-2.0" [dev-dependencies] burn = { path = "../../burn" } diff --git a/burn-tensor-testgen/Cargo.toml b/burn-tensor-testgen/Cargo.toml index 1a0480a64..b85aee974 100644 --- a/burn-tensor-testgen/Cargo.toml +++ b/burn-tensor-testgen/Cargo.toml @@ -14,4 +14,3 @@ proc-macro = true [dependencies] proc-macro2 = {workspace = true} quote = {workspace = true} -syn = {workspace = true} diff --git a/burn-wgpu/Cargo.toml b/burn-wgpu/Cargo.toml index 7e794099d..93d554288 100644 --- a/burn-wgpu/Cargo.toml +++ b/burn-wgpu/Cargo.toml @@ -53,7 +53,6 @@ burn-tensor = { path = "../burn-tensor", version = "0.11.0", default-features = burn-ndarray = { path = "../burn-ndarray", version = "0.11.0" } burn-fusion = { path = "../burn-fusion", version = "0.11.0" } serial_test = "2.0.0" -pretty_assertions = {workspace = true} [[bench]] name = "matmul" diff --git a/burn-wgpu/src/compute/server.rs b/burn-wgpu/src/compute/server.rs index 1789f2f00..5187d679e 100644 --- a/burn-wgpu/src/compute/server.rs +++ b/burn-wgpu/src/compute/server.rs @@ -136,7 +136,10 @@ where let mut compute = self .encoder - .begin_compute_pass(&wgpu::ComputePassDescriptor { label: None }); + .begin_compute_pass(&wgpu::ComputePassDescriptor { + label: None, + timestamp_writes: None, + }); for task in self.tasks.iter() { compute.set_pipeline(&task.pipeline); diff --git a/burn-wgpu/src/kernel/reduce/tune/mod.rs b/burn-wgpu/src/kernel/reduce/tune/mod.rs index fed0dbb8b..306269726 100644 --- a/burn-wgpu/src/kernel/reduce/tune/mod.rs +++ b/burn-wgpu/src/kernel/reduce/tune/mod.rs @@ -3,7 +3,6 @@ mod key; mod mean_dim; mod sum_dim; -pub use base::*; pub use key::*; pub use mean_dim::*; pub use sum_dim::*; diff --git a/deny.toml b/deny.toml new file mode 100644 index 000000000..db6f42817 --- /dev/null +++ b/deny.toml @@ -0,0 +1,104 @@ +# If 1 or more target triples (and optionally, target_features) are specified, +# only the specified targets will be checked when running `cargo deny check`. +# This means, if a particular package is only ever used as a target specific +# dependency, such as, for example, the `nix` crate only being used via the +# `target_family = "unix"` configuration, that only having windows targets in +# this list would mean the nix crate, as well as any of its exclusive +# dependencies not shared by any other crates, would be ignored, as the target +# list here is effectively saying which targets you are building for. +targets = [ + { triple = "x86_64-unknown-linux-gnu" }, + { triple = "aarch64-unknown-linux-gnu" }, + { triple = "x86_64-unknown-linux-musl" }, + { triple = "aarch64-apple-darwin" }, + { triple = "x86_64-apple-darwin" }, + { triple = "x86_64-pc-windows-msvc" }, +] + +[advisories] +# The lint level for security vulnerabilities +vulnerability = "deny" +# The lint level for unmaintained crates +unmaintained = "deny" +# The lint level for crates that have been yanked from their source registry +yanked = "deny" +# The lint level for crates with security notices. +notice = "deny" +# A list of advisory IDs to ignore. Note that ignored advisories will still +# output a note when they are encountered. +ignore = [ + #"RUSTSEC-0000-0000", +] + +[bans] +# Lint level for when multiple versions of the same crate are detected +multiple-versions = "warn" +# Lint level for when a crate version requirement is `*` +wildcards = "allow" +# The graph highlighting used when creating dotgraphs for crates +# with multiple versions +# * lowest-version - The path to the lowest versioned duplicate is highlighted +# * simplest-path - The path to the version with the fewest edges is highlighted +# * all - Both lowest-version and simplest-path are used +highlight = "all" +# The default lint level for `default` features for crates that are members of +# the workspace that is being checked. This can be overridden by allowing/denying +# `default` on a crate-by-crate basis if desired. +workspace-default-features = "allow" +# The default lint level for `default` features for external crates that are not +# members of the workspace. This can be overridden by allowing/denying `default` +# on a crate-by-crate basis if desired. +external-default-features = "allow" +# Certain crates/versions that will be skipped when doing duplicate detection. +skip = [ + #{ name = "crate", version = "=0.1.0" }, +] +# Similarly to `skip` allows you to skip certain crates during duplicate +# detection. Unlike skip, it also includes the entire tree of transitive +# dependencies starting at the specified crate, up to a certain depth, which is +# by default infinite. +skip-tree = [ + #{ name = "crate", version = "=0.1.0", depth = 20 }, +] + +[sources] +# Lint level for what to happen when a crate from a crate registry that is not +# in the allow list is encountered +unknown-registry = "deny" +# Lint level for what to happen when a crate from a git repository that is not +# in the allow list is encountered +unknown-git = "deny" + +[licenses] +# The lint level for crates which do not have a detectable license +unlicensed = "deny" +# Lint level for licenses considered copyleft +copyleft = "deny" +# The confidence threshold for detecting a license from license text. +# The higher the value, the more closely the license text must be to the +# canonical license text of a valid SPDX license file. +# [possible values: any between 0.0 and 1.0]. +confidence-threshold = 0.60 +# List of explicitly allowed licenses +# See https://spdx.org/licenses/ for list of possible licenses +# [possible values: any SPDX 3.11 short identifier (+ optional exception)]. +allow = [ + "Apache-2.0 WITH LLVM-exception", + "Apache-2.0", + "BSD-3-Clause", + "CC0-1.0", + "ISC", + "MIT", + "MPL-2.0", + "OpenSSL", + "Unicode-DFS-2016", + "Unlicense", + "Zlib", +] +# Allow 1 or more licenses on a per-crate basis, so that particular licenses +# aren't accepted for every possible crate as with the normal allow list +exceptions = [ + # Each entry is the crate and version constraint, and its specific allow + # list + #{ allow = ["license_name"], name = "crate", version = "*" }, +] diff --git a/examples/mnist-inference-web/Cargo.toml b/examples/mnist-inference-web/Cargo.toml index 46fd434cd..1f095f8d7 100644 --- a/examples/mnist-inference-web/Cargo.toml +++ b/examples/mnist-inference-web/Cargo.toml @@ -19,7 +19,6 @@ wgpu = ["burn/wgpu"] burn = { path = "../../burn", default-features = false } serde = { workspace = true } wasm-bindgen = { version = "0.2.87" } -wasm-bindgen-futures = "0.4" js-sys = "0.3.64" [dev-dependencies] diff --git a/examples/text-classification/Cargo.toml b/examples/text-classification/Cargo.toml index 28f02a13f..dc439f7a7 100644 --- a/examples/text-classification/Cargo.toml +++ b/examples/text-classification/Cargo.toml @@ -22,7 +22,7 @@ wgpu = ["burn/wgpu"] burn = {path = "../../burn", features=["train", "ndarray", "fusion"]} # Tokenizer -tokenizers = { version = "0.13.4", default-features = false, features = [ +tokenizers = { version = "0.15.0", default-features = false, features = [ "onig", "http", ] } diff --git a/examples/text-generation/Cargo.toml b/examples/text-generation/Cargo.toml index aa30ac4cb..9e6cb6492 100644 --- a/examples/text-generation/Cargo.toml +++ b/examples/text-generation/Cargo.toml @@ -15,7 +15,7 @@ f16 = [] burn = {path = "../../burn", features=["train", "tch"]} # Tokenizer -tokenizers = {version = "0.13.4", default-features = false, features = [ +tokenizers = {version = "0.15.0", default-features = false, features = [ "onig", "http", ]} diff --git a/xtask/Cargo.toml b/xtask/Cargo.toml index cc682f5fa..aaca88213 100644 --- a/xtask/Cargo.toml +++ b/xtask/Cargo.toml @@ -2,6 +2,7 @@ name = "xtask" version = "0.3.0" edition = "2021" +license = "MIT OR Apache-2.0" # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html