Skip to content

cargo-audit parse toml error #948

New issue
New issue
Closed
Closed
cargo-audit parse toml error#948
Labels
bugSomething isn't working
@eureka-cpu

Description

@eureka-cpu
eureka-cpu
opened on Dec 25, 2025

Describe the bug

Just bumped my flake now I'm getting a toml parse error from cargo-audit. I haven't done any
investigative work yet so I'm not sure if this is even a problem with crane but figured I'd report here
since it's not the first time I've run into cargo-audit problems, and likely won't be the last 🙂

       > +++ command cargo audit -n -d /nix/store/7phbr6kak49vnqlcbpkjnplfbz22dzc6-source --ignore yanked
       > error: error loading advisory database: parse error: error parsing /nix/store/7phbr6kak49vnqlcbpkjnplfbz22dzc6-source/crates/cap-primitives/RUSTSEC-2024-0445.md: parse error: TOML parse error at line 8, column 8
       >   |
       > 8 | cvss = "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N"
       >   |        ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
       > unsupported CVSS version: 4.0
       >
       For full logs, run:
         nix log /nix/store/bkwmycawfpx6wqs64zcc8izrxjqfjpvf-crate-audit-0.0.0.drv

Reproduction

Here's my cargo-audit expr. I had to tweak it a bit so that it would actually fail correctly, so it's a bit ugly.
This was working before I bumped, but that was quite an old commit it was on at that time.

          cargo-audit = (cargoAudit {
            inherit (pkgs.workspace) src;
            inherit (inputs) advisory-db;
            cargoAuditExtraArgs = ''
              --ignore yanked > $out/audit.txt
            '';
            doCheck = true;
            checkPhase = checkIfFailed "$out/audit.txt"; # this is just `grep -iE 'warning|error' ${out} && exit 1 || true`
          }).overrideAttrs (old: {
            buildPhase = ''
              mkdir -p $out
              touch $out/audit.txt
            '' + old.buildPhase;
          });

Here is my flake.lock:

{
  "nodes": {
    "advisory-db": {
      "flake": false,
      "locked": {
        "lastModified": 1766589546,
        "narHash": "sha256-aLilikxnKAgIwPBRsJ9S4Tq3HgHFey68z3P6mMHg594=",
        "owner": "rustsec",
        "repo": "advisory-db",
        "rev": "a1edea9cd101605069e463801516f55a9254effd",
        "type": "github"
      },
      "original": {
        "owner": "rustsec",
        "repo": "advisory-db",
        "type": "github"
      }
    },
    "cargo-reaper": {
      "inputs": {
        "advisory-db": [
          "advisory-db"
        ],
        "crane": [
          "crane"
        ],
        "fenix": [
          "fenix"
        ],
        "flake-utils": "flake-utils",
        "nixpkgs": [
          "nixpkgs"
        ]
      },
      "locked": {
        "lastModified": 1753839107,
        "narHash": "sha256-dr4+OwdE113sA3zzGTzLuOPXOHfhOT0JwCwJGJbyRPQ=",
        "owner": "Cloud-Scythe-Labs",
        "repo": "cargo-reaper",
        "rev": "281a9de1b41941aea18e7838706660b21e649fd9",
        "type": "github"
      },
      "original": {
        "owner": "Cloud-Scythe-Labs",
        "ref": "master",
        "repo": "cargo-reaper",
        "type": "github"
      }
    },
    "crane": {
      "locked": {
        "lastModified": 1766194365,
        "narHash": "sha256-4AFsUZ0kl6MXSm4BaQgItD0VGlEKR3iq7gIaL7TjBvc=",
        "owner": "ipetkov",
        "repo": "crane",
        "rev": "7d8ec2c71771937ab99790b45e6d9b93d15d9379",
        "type": "github"
      },
      "original": {
        "owner": "ipetkov",
        "repo": "crane",
        "type": "github"
      }
    },
    "fenix": {
      "inputs": {
        "nixpkgs": [
          "nixpkgs"
        ],
        "rust-analyzer-src": []
      },
      "locked": {
        "lastModified": 1766472537,
        "narHash": "sha256-3L602HO6JUssIL3Vo32iceObsW75+6CwLMOXRD9S3IM=",
        "owner": "nix-community",
        "repo": "fenix",
        "rev": "9591b811e48f906e0a9f7afe89676a1c333415dd",
        "type": "github"
      },
      "original": {
        "owner": "nix-community",
        "repo": "fenix",
        "type": "github"
      }
    },
    "flake-utils": {
      "inputs": {
        "systems": "systems"
      },
      "locked": {
        "lastModified": 1731533236,
        "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
        "owner": "numtide",
        "repo": "flake-utils",
        "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
        "type": "github"
      },
      "original": {
        "owner": "numtide",
        "repo": "flake-utils",
        "type": "github"
      }
    },
    "nixpkgs": {
      "locked": {
        "lastModified": 1766309749,
        "narHash": "sha256-3xY8CZ4rSnQ0NqGhMKAy5vgC+2IVK0NoVEzDoOh4DA4=",
        "owner": "NixOS",
        "repo": "nixpkgs",
        "rev": "a6531044f6d0bef691ea18d4d4ce44d0daa6e816",
        "type": "github"
      },
      "original": {
        "owner": "NixOS",
        "ref": "nixos-unstable",
        "repo": "nixpkgs",
        "type": "github"
      }
    },
    "root": {
      "inputs": {
        "advisory-db": "advisory-db",
        "cargo-reaper": "cargo-reaper",
        "crane": "crane",
        "fenix": "fenix",
        "nixpkgs": "nixpkgs"
      }
    },
    "systems": {
      "locked": {
        "lastModified": 1681028828,
        "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
        "owner": "nix-systems",
        "repo": "default",
        "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
        "type": "github"
      },
      "original": {
        "owner": "nix-systems",
        "repo": "default",
        "type": "github"
      }
    }
  },
  "root": "root",
  "version": 7
}

Metadata

Metadata

Assignees

No one assigned

    Labels

    bugSomething isn't working

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions