fanzeyi / cargo-play Goto Github PK
View Code? Open in Web Editor NEWA local Rust playground
License: MIT License
cargo-play's People
Contributors
![dependabot-preview[bot] avatar](https://avatars.githubusercontent.com/in/2141?v=4 "dependabot-preview[bot]")
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot]")
Stargazers
Watchers
Forkers
upsuper-forks isgasho norcalli reitermarkus thehamsta thepacketgeek rochacbruno nightmachinery sunshowers chevdor andrewpedia miraclx octaltree guswynn molotovcherry yerke aclk a-braham iq-scm kkpan11cargo-play's Issues
Exploring a "cargo-script" in rustup
Would appreciate feedback on my research and proposal.
Allow passing arguments to program
Example cargo play test.rs -- 1 2 3 so that std::env::args() would receive 1,2,3.
RLS support
Find a way to support rls.
Using local modules
First of all, congrats for the awesome work you've put in here!
I've got the following files:
src
├── foo.rs
├── lib.rs
├── main.rs
I am trying to use some content from my lib, but the imports won't resolve even if I use cargo play src/main.rs src/lib.rs src/foo.rs
How can I use my own library?
`--save` option if one wants to convert a file into a Cargo project to continue to work on
Add --verbose flag
It's better not to print lines like
Finished release [optimized] target(s) in 0.20s
Running `/var/folders/5v/g3zxt_7d64g3sd_56bzpqbvh0000gn/T/cargo-play.EcaT1SNHADVuJ2ex5_j0YiUjBv8/target/release/ecat1snhadvuj2ex5_j0yiujbv8
unless a --verbose flag is supplied. Alternatively, add a --quiet flag.
Check hash of file for `--cached`
If the hash is different from the last compilation, don't use the cached version. An implementation can be seen at this link.
Relation to cargo-script
This seems to be an almost-duplicate of https://github.com/DanielKeep/cargo-script, or am I missing something?
[Feature Request] support cargo --test <option>
https://doc.rust-lang.org/rustc/tests/index.html
cargo play --test don't' support pass option to cargo --test
New intelliJ plugin
I liked your project a bit, so I decided to make an entire intellij plugin completely integrating the official Intellij Rust plugin and your program! You can find it here or here @ the marketplace
Thanks for your playground program!
Support Rust 2021 Edition
Since 2021 Edition is now officially stable, this plugin should support it. I already made a pull request with the changes done. It only needs to be accepted and released
#70
Allow first line to be `#!` so that it can be self executing
If you make the first line #!/usr/bin/env cargo-play, then you can use it as an executable without needing to call cargo play directly. Currently, it seems as if processing begins immediately to search for the prefix //#
Implicitly recognize dependencies
The Playground now supports implicitly adding dependencies by just importing something with use.
I think this would be a great addition to this crate.
You could potentially check imports against the crate index and automatically add them as dependencies if they exist. (There is the https://github.com/frewsxcv/rust-crates-index crate for example that allows this)
Allow reading code from stdin
Neovim lua script to work with cargo-play
The function will check if the system install cargo play and check filetype=rust
~/.config/init.lua
+require "user.cargoplay"
https://github.com/laris/Neovim-from-scratch/blob/laris/lua/user/cargoplay.lua
Play tests only
Having a standalone file on /tmp/foo.rs
fn main(){
println!("Hello, World")
}
#[test]
fn test_foo() {
assert_eq!(1, 1);
}Currenty I can use cargo play /tmp/foo.rs to have the main function output.
Cargo play is creating a temporary project and then calling cargo run on it.
I suggest adding an option to run tests cargo play /tmp/foo.rs --tests and then it runs cargo test instead of run
Received unexpected email right after usage
Hello. A few minutes ago I starred this repo, then I installed cargo-play using cargo install cargo-play, and then used it to test out some code for a crate (uuid).
A few minutes later, I received an unexpected email.
Sender: 开源社区OSCS [email protected]
Title: "Venryx,您关注的开源项目 fanzeyi/cargo-play 受到 4 个存在安全缺陷开源组件的影响"
Contents:
<html><body>
<!--StartFragment--><div style="background:#ffffff;background-color:#ffffff;margin:0px auto;max-width:600px;">
开发者Venryx,您好: 当前不管是开源项目还是企业代码项目,都正在遭受来自开源社区的一些存在安全缺陷组件的影响。来自Synopsys OSSRA reports 2021的开源安全调查报告显示,平均每个项目会引入55个存在安全缺陷的组件,平均每个项目受这些有缺陷的开源组件影响会导致161个漏洞。 OSCS 安全社区会关注一批开源项目,并主动去检测并提示项目存在的风险: 提示这些开源项目的作者和贡献者,他的项目正在受到有安全缺陷的开源组件影响 提示Star&Fork这些项目的开发者,您可能也会受到这些存在安全缺陷的开源组件影响 您好,因为 fanzeyi/cargo-play 正在被 OSCS 关注且受到有安全缺陷的组件影响,所以冒昧通过邮件提醒您。如果 OSCS 安全社区的信息对您没有帮助,请点击取消退订,我们会标记为暂不关心,后续不会再次提示您。 fanzeyi/cargo-play 项目一共引入了 4 个有漏洞的缺陷组件,以下是部分主要信息:完整报告: https://www.oscs1024.com/cd/1530611384193359872?sign=076a7713&report=1 | 开发者Venryx,您好: | 开发者Venryx,您好: | 当前不管是开源项目还是企业代码项目,都正在遭受来自开源社区的一些存在安全缺陷组件的影响。来自Synopsys OSSRA reports 2021的开源安全调查报告显示,平均每个项目会引入55个存在安全缺陷的组件,平均每个项目受这些有缺陷的开源组件影响会导致161个漏洞。 OSCS 安全社区会关注一批开源项目,并主动去检测并提示项目存在的风险: 提示这些开源项目的作者和贡献者,他的项目正在受到有安全缺陷的开源组件影响 提示Star&Fork这些项目的开发者,您可能也会受到这些存在安全缺陷的开源组件影响 | 当前不管是开源项目还是企业代码项目,都正在遭受来自开源社区的一些存在安全缺陷组件的影响。来自Synopsys OSSRA reports 2021的开源安全调查报告显示,平均每个项目会引入55个存在安全缺陷的组件,平均每个项目受这些有缺陷的开源组件影响会导致161个漏洞。 OSCS 安全社区会关注一批开源项目,并主动去检测并提示项目存在的风险: 提示这些开源项目的作者和贡献者,他的项目正在受到有安全缺陷的开源组件影响 提示Star&Fork这些项目的开发者,您可能也会受到这些存在安全缺陷的开源组件影响 | 您好,因为 fanzeyi/cargo-play 正在被 OSCS 关注且受到有安全缺陷的组件影响,所以冒昧通过邮件提醒您。如果 OSCS 安全社区的信息对您没有帮助,请点击取消退订,我们会标记为暂不关心,后续不会再次提示您。 fanzeyi/cargo-play 项目一共引入了 4 个有漏洞的缺陷组件,以下是部分主要信息:完整报告: https://www.oscs1024.com/cd/1530611384193359872?sign=076a7713&report=1 | 您好,因为 fanzeyi/cargo-play 正在被 OSCS 关注且受到有安全缺陷的组件影响,所以冒昧通过邮件提醒您。如果 OSCS 安全社区的信息对您没有帮助,请点击取消退订,我们会标记为暂不关心,后续不会再次提示您。 | fanzeyi/cargo-play 项目一共引入了 4 个有漏洞的缺陷组件,以下是部分主要信息:完整报告: https://www.oscs1024.com/cd/1530611384193359872?sign=076a7713&report=1
-- | -- | -- | -- | -- | -- | -- | --
开发者Venryx,您好: | 开发者Venryx,您好:
开发者Venryx,您好:
当前不管是开源项目还是企业代码项目,都正在遭受来自开源社区的一些存在安全缺陷组件的影响。来自Synopsys OSSRA reports 2021的开源安全调查报告显示,平均每个项目会引入55个存在安全缺陷的组件,平均每个项目受这些有缺陷的开源组件影响会导致161个漏洞。 OSCS 安全社区会关注一批开源项目,并主动去检测并提示项目存在的风险: 提示这些开源项目的作者和贡献者,他的项目正在受到有安全缺陷的开源组件影响 提示Star&Fork这些项目的开发者,您可能也会受到这些存在安全缺陷的开源组件影响 | 当前不管是开源项目还是企业代码项目,都正在遭受来自开源社区的一些存在安全缺陷组件的影响。来自Synopsys OSSRA reports 2021的开源安全调查报告显示,平均每个项目会引入55个存在安全缺陷的组件,平均每个项目受这些有缺陷的开源组件影响会导致161个漏洞。 OSCS 安全社区会关注一批开源项目,并主动去检测并提示项目存在的风险: 提示这些开源项目的作者和贡献者,他的项目正在受到有安全缺陷的开源组件影响 提示Star&Fork这些项目的开发者,您可能也会受到这些存在安全缺陷的开源组件影响
当前不管是开源项目还是企业代码项目,都正在遭受来自开源社区的一些存在安全缺陷组件的影响。来自Synopsys OSSRA reports 2021的开源安全调查报告显示,平均每个项目会引入55个存在安全缺陷的组件,平均每个项目受这些有缺陷的开源组件影响会导致161个漏洞。 OSCS 安全社区会关注一批开源项目,并主动去检测并提示项目存在的风险: 提示这些开源项目的作者和贡献者,他的项目正在受到有安全缺陷的开源组件影响 提示Star&Fork这些项目的开发者,您可能也会受到这些存在安全缺陷的开源组件影响
您好,因为 fanzeyi/cargo-play 正在被 OSCS 关注且受到有安全缺陷的组件影响,所以冒昧通过邮件提醒您。如果 OSCS 安全社区的信息对您没有帮助,请点击取消退订,我们会标记为暂不关心,后续不会再次提示您。 fanzeyi/cargo-play 项目一共引入了 4 个有漏洞的缺陷组件,以下是部分主要信息:完整报告: https://www.oscs1024.com/cd/1530611384193359872?sign=076a7713&report=1 | 您好,因为 fanzeyi/cargo-play 正在被 OSCS 关注且受到有安全缺陷的组件影响,所以冒昧通过邮件提醒您。如果 OSCS 安全社区的信息对您没有帮助,请点击取消退订,我们会标记为暂不关心,后续不会再次提示您。 | fanzeyi/cargo-play 项目一共引入了 4 个有漏洞的缺陷组件,以下是部分主要信息:完整报告: https://www.oscs1024.com/cd/1530611384193359872?sign=076a7713&report=1
您好,因为 fanzeyi/cargo-play 正在被 OSCS 关注且受到有安全缺陷的组件影响,所以冒昧通过邮件提醒您。如果 OSCS 安全社区的信息对您没有帮助,请点击取消退订,我们会标记为暂不关心,后续不会再次提示您。
fanzeyi/cargo-play 项目一共引入了 4 个有漏洞的缺陷组件,以下是部分主要信息:完整报告: https://www.oscs1024.com/cd/1530611384193359872?sign=076a7713&report=1
</div><!--EndFragment-->
</body>
</html>
```开发者Venryx,您好:
当前不管是开源项目还是企业代码项目,都正在遭受来自开源社区的一些存在安全缺陷组件的影响。来自Synopsys OSSRA reports 2021的开源安全调查报告显示,平均每个项目会引入55个存在安全缺陷的组件,平均每个项目受这些有缺陷的开源组件影响会导致161个漏洞。
OSCS 安全社区会关注一批开源项目,并主动去检测并提示项目存在的风险:
提示这些开源项目的作者和贡献者,他的项目正在受到有安全缺陷的开源组件影响
提示Star&Fork这些项目的开发者,您可能也会受到这些存在安全缺陷的开源组件影响
您好,因为 fanzeyi/cargo-play 正在被 OSCS 关注且受到有安全缺陷的组件影响,所以冒昧通过邮件提醒您。如果 OSCS 安全社区的信息对您没有帮助,请[点击取消退订](https://sctrack.sendcloud.net/track/unsubscribe.do?p=eyJ1c2VyX2lkIjogMTYwNzcwLCAidGFza19pZCI6ICIiLCAiZW1haWxfaWQiOiAiMTY1NTc4NzY5MDUyNV8xNjA3NzBfNDI4MTRfNjQyOC5zYy0xMF85XzEzXzIxMy1pbmJvdW5kMCR2ZW5yeXhAZ21haWwuY29tIiwgInNpZ24iOiAiNWRkZjhkMTE5NjE0OTljMWJkMmQ4Y2M4ZGZjNTNjODkiLCAidXNlcl9oZWFkZXJzIjoge30sICJsYWJlbCI6ICIyMjMxNDA2MSIsICJ0cmFja19kb21haW4iOiAic2N0cmFjay5zZW5kY2xvdWQubmV0IiwgInJlYWxfdHlwZSI6ICIiLCAibmV0ZWFzZSI6ICJmYWxzZSIsICJvdXRfaXAiOiAiMTE3LjUwLjM2LjExMCIsICJjb250ZW50X3R5cGUiOiAzLCAicmVjZWl2ZXIiOiAidmVucnl4QGdtYWlsLmNvbSIsICJtYWlsbGlzdF9pZCI6IDAsICJvdmVyc2VhcyI6ICJmYWxzZSIsICJjYXRlZ29yeV9pZCI6IDI1NzM0NywgInBhZ2VfaWQiOiAtMX0%3D),我们会标记为暂不关心,后续不会再次提示您。
fanzeyi/cargo-play 项目一共引入了 4 个有漏洞的缺陷组件,以下是部分主要信息:
完整报告: [https://www.oscs1024.com/cd/1530611384193359872?sign=076a7713&report=1](https://sctrack.sendcloud.net/track/click/eyJuZXRlYXNlIjogImZhbHNlIiwgIm1haWxsaXN0X2lkIjogMCwgInRhc2tfaWQiOiAiIiwgImVtYWlsX2lkIjogIjE2NTU3ODc2OTA1MjVfMTYwNzcwXzQyODE0XzY0Mjguc2MtMTBfOV8xM18yMTMtaW5ib3VuZDAkdmVucnl4QGdtYWlsLmNvbSIsICJzaWduIjogImJkODdkOGJhYmQ4M2JhMzA0YTRiYjQ2MTZiNDU4ZWQ5IiwgInVzZXJfaGVhZGVycyI6IHt9LCAibGFiZWwiOiAiMjIzMTQwNjEiLCAidHJhY2tfZG9tYWluIjogInNjdHJhY2suc2VuZGNsb3VkLm5ldCIsICJyZWFsX3R5cGUiOiAiIiwgImxpbmsiOiAiaHR0cHMlM0EvL3d3dy5vc2NzMTAyNC5jb20vY2QvMTUzMDYxMTM4NDE5MzM1OTg3MiUzRnNpZ24lM0QwNzZhNzcxMyUyNnJlcG9ydCUzRDEiLCAib3V0X2lwIjogIjExNy41MC4zNi4xMTAiLCAiY29udGVudF90eXBlIjogMywgInVzZXJfaWQiOiAxNjA3NzAsICJvdmVyc2VhcyI6ICJmYWxzZSIsICJjYXRlZ29yeV9pZCI6IDI1NzM0N30=.html)
缺陷组件:[email protected] - 间接引入
漏洞标题:lodash 命令注入漏洞
影响描述:lodash是一款开源的JavaScript实用程序库。Lodash中存在命令注入漏洞,该漏洞源于外部输入数据构造可执行命令过程中,网络系统或产品未正确过滤其中的特殊元素。攻击者可利用该漏洞执行非法命令。
CVE编号:CVE-2021-23337
国家漏洞库信息:
影响范围::(∞, 4.17.21)
最小修复版本:4.17.21
组件引入路径:[email protected]>[email protected]>[email protected]>[email protected]
漏洞详情:[https://www.oscs1024.com/hd/MPS-2021-2638](https://sctrack.sendcloud.net/track/click/eyJuZXRlYXNlIjogImZhbHNlIiwgIm1haWxsaXN0X2lkIjogMCwgInRhc2tfaWQiOiAiIiwgImVtYWlsX2lkIjogIjE2NTU3ODc2OTA1MjVfMTYwNzcwXzQyODE0XzY0Mjguc2MtMTBfOV8xM18yMTMtaW5ib3VuZDAkdmVucnl4QGdtYWlsLmNvbSIsICJzaWduIjogImU5N2M0NmE3ZjQ1YzA3ODMwN2ViOTExOGRkZTQ0NjgxIiwgInVzZXJfaGVhZGVycyI6IHt9LCAibGFiZWwiOiAiMjIzMTQwNjEiLCAidHJhY2tfZG9tYWluIjogInNjdHJhY2suc2VuZGNsb3VkLm5ldCIsICJyZWFsX3R5cGUiOiAiIiwgImxpbmsiOiAiaHR0cHMlM0EvL3d3dy5vc2NzMTAyNC5jb20vaGQvTVBTLTIwMjEtMjYzOCUzRnMlM0RtIiwgIm91dF9pcCI6ICIxMTcuNTAuMzYuMTEwIiwgImNvbnRlbnRfdHlwZSI6IDMsICJ1c2VyX2lkIjogMTYwNzcwLCAib3ZlcnNlYXMiOiAiZmFsc2UiLCAiY2F0ZWdvcnlfaWQiOiAyNTczNDd9.html)
缺陷组件:[email protected] - 间接引入
漏洞标题:nodejs 资源管理错误漏洞
影响描述:nodejs是是一个基于ChromeV8引擎的JavaScript运行环境通过对Chromev8引擎进行了封装以及使用事件驱动和非阻塞IO的应用让Javascript开发高性能的后台应用成为了可能。nodejs-glob-parent 存在安全漏洞,该漏洞源于正则表达式拒绝服务。
CVE编号:CVE-2020-28469
国家漏洞库信息:
影响范围::(∞, 5.1.2)
最小修复版本:5.1.2
组件引入路径:[email protected]>[email protected]>[email protected]>[email protected]
漏洞详情:[https://www.oscs1024.com/hd/MPS-2021-7827](https://sctrack.sendcloud.net/track/click/eyJuZXRlYXNlIjogImZhbHNlIiwgIm1haWxsaXN0X2lkIjogMCwgInRhc2tfaWQiOiAiIiwgImVtYWlsX2lkIjogIjE2NTU3ODc2OTA1MjVfMTYwNzcwXzQyODE0XzY0Mjguc2MtMTBfOV8xM18yMTMtaW5ib3VuZDAkdmVucnl4QGdtYWlsLmNvbSIsICJzaWduIjogImFhODAwY2ZmZTVmODQxMzJiNDMyZTIzMGU2NjQxMjEzIiwgInVzZXJfaGVhZGVycyI6IHt9LCAibGFiZWwiOiAiMjIzMTQwNjEiLCAidHJhY2tfZG9tYWluIjogInNjdHJhY2suc2VuZGNsb3VkLm5ldCIsICJyZWFsX3R5cGUiOiAiIiwgImxpbmsiOiAiaHR0cHMlM0EvL3d3dy5vc2NzMTAyNC5jb20vaGQvTVBTLTIwMjEtNzgyNyUzRnMlM0RtIiwgIm91dF9pcCI6ICIxMTcuNTAuMzYuMTEwIiwgImNvbnRlbnRfdHlwZSI6IDMsICJ1c2VyX2lkIjogMTYwNzcwLCAib3ZlcnNlYXMiOiAiZmFsc2UiLCAiY2F0ZWdvcnlfaWQiOiAyNTczNDd9.html)
OSCS安全社区敬上
祝您工作顺利,生活愉快
对此信息不感兴趣,[不希望再次收到](https://sctrack.sendcloud.net/track/unsubscribe.do?p=eyJ1c2VyX2lkIjogMTYwNzcwLCAidGFza19pZCI6ICIiLCAiZW1haWxfaWQiOiAiMTY1NTc4NzY5MDUyNV8xNjA3NzBfNDI4MTRfNjQyOC5zYy0xMF85XzEzXzIxMy1pbmJvdW5kMCR2ZW5yeXhAZ21haWwuY29tIiwgInNpZ24iOiAiNWRkZjhkMTE5NjE0OTljMWJkMmQ4Y2M4ZGZjNTNjODkiLCAidXNlcl9oZWFkZXJzIjoge30sICJsYWJlbCI6ICIyMjMxNDA2MSIsICJ0cmFja19kb21haW4iOiAic2N0cmFjay5zZW5kY2xvdWQubmV0IiwgInJlYWxfdHlwZSI6ICIiLCAibmV0ZWFzZSI6ICJmYWxzZSIsICJvdXRfaXAiOiAiMTE3LjUwLjM2LjExMCIsICJjb250ZW50X3R5cGUiOiAzLCAicmVjZWl2ZXIiOiAidmVucnl4QGdtYWlsLmNvbSIsICJtYWlsbGlzdF9pZCI6IDAsICJvdmVyc2VhcyI6ICJmYWxzZSIsICJjYXRlZ29yeV9pZCI6IDI1NzM0NywgInBhZ2VfaWQiOiAtMX0%3D)
Anyone know what this is and/or why I received the email?
My guess is that this is something like Dependabot, where a service scans repositories for vulnerability and then emails maintainers about security issues that should be patched -- except in this case, for anyone that stars the repo as well?
Anyway, it's kind of a weird thing to get emailed about a repo merely for starring it, so thought I'd mention it here in case it was not intended to have this behavior.
Add flag to allow disabling compilation and running from cache if exists
Add a flag that will skip compilation and run any existing binary. This will reduce startup time for existing scripts.
Allow specifying to build in release mode
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.