fanzeyi / cargo-play Goto Github PK
View Code? Open in Web Editor NEWA local Rust playground
License: MIT License
cargo-play's Issues
New intelliJ plugin
I liked your project a bit, so I decided to make an entire intellij plugin completely integrating the official Intellij Rust plugin and your program! You can find it here or here @ the marketplace
Thanks for your playground program!
Check hash of file for `--cached`
If the hash is different from the last compilation, don't use the cached version. An implementation can be seen at this link.
[Feature Request] support cargo --test <option>
https://doc.rust-lang.org/rustc/tests/index.html
cargo play --test don't' support pass option to cargo --test
Implicitly recognize dependencies
The Playground now supports implicitly adding dependencies by just importing something with use.
I think this would be a great addition to this crate.
You could potentially check imports against the crate index and automatically add them as dependencies if they exist. (There is the https://github.com/frewsxcv/rust-crates-index crate for example that allows this)
Relation to cargo-script
This seems to be an almost-duplicate of https://github.com/DanielKeep/cargo-script, or am I missing something?
Play tests only
Having a standalone file on /tmp/foo.rs
fn main(){
println!("Hello, World")
}
#[test]
fn test_foo() {
assert_eq!(1, 1);
}Currenty I can use cargo play /tmp/foo.rs to have the main function output.
Cargo play is creating a temporary project and then calling cargo run on it.
I suggest adding an option to run tests cargo play /tmp/foo.rs --tests and then it runs cargo test instead of run
Allow specifying to build in release mode
Add flag to allow disabling compilation and running from cache if exists
Add a flag that will skip compilation and run any existing binary. This will reduce startup time for existing scripts.
RLS support
Find a way to support rls.
Allow reading code from stdin
Using local modules
First of all, congrats for the awesome work you've put in here!
I've got the following files:
src
├── foo.rs
├── lib.rs
├── main.rs
I am trying to use some content from my lib, but the imports won't resolve even if I use cargo play src/main.rs src/lib.rs src/foo.rs
How can I use my own library?
Add --verbose flag
It's better not to print lines like
Finished release [optimized] target(s) in 0.20s
Running `/var/folders/5v/g3zxt_7d64g3sd_56bzpqbvh0000gn/T/cargo-play.EcaT1SNHADVuJ2ex5_j0YiUjBv8/target/release/ecat1snhadvuj2ex5_j0yiujbv8
unless a --verbose flag is supplied. Alternatively, add a --quiet flag.
Allow first line to be `#!` so that it can be self executing
If you make the first line #!/usr/bin/env cargo-play, then you can use it as an executable without needing to call cargo play directly. Currently, it seems as if processing begins immediately to search for the prefix //#
Support Rust 2021 Edition
Since 2021 Edition is now officially stable, this plugin should support it. I already made a pull request with the changes done. It only needs to be accepted and released
#70
Neovim lua script to work with cargo-play
The function will check if the system install cargo play and check filetype=rust
~/.config/init.lua
+require "user.cargoplay"
https://github.com/laris/Neovim-from-scratch/blob/laris/lua/user/cargoplay.lua
Received unexpected email right after usage
Hello. A few minutes ago I starred this repo, then I installed cargo-play using cargo install cargo-play, and then used it to test out some code for a crate (uuid).
A few minutes later, I received an unexpected email.
Sender: 开源社区OSCS [email protected]
Title: "Venryx,您关注的开源项目 fanzeyi/cargo-play 受到 4 个存在安全缺陷开源组件的影响"
Contents:
<html><body>
<!--StartFragment--><div style="background:#ffffff;background-color:#ffffff;margin:0px auto;max-width:600px;">
开发者Venryx,您好: 当前不管是开源项目还是企业代码项目,都正在遭受来自开源社区的一些存在安全缺陷组件的影响。来自Synopsys OSSRA reports 2021的开源安全调查报告显示,平均每个项目会引入55个存在安全缺陷的组件,平均每个项目受这些有缺陷的开源组件影响会导致161个漏洞。 OSCS 安全社区会关注一批开源项目,并主动去检测并提示项目存在的风险: 提示这些开源项目的作者和贡献者,他的项目正在受到有安全缺陷的开源组件影响 提示Star&Fork这些项目的开发者,您可能也会受到这些存在安全缺陷的开源组件影响 您好,因为 fanzeyi/cargo-play 正在被 OSCS 关注且受到有安全缺陷的组件影响,所以冒昧通过邮件提醒您。如果 OSCS 安全社区的信息对您没有帮助,请点击取消退订,我们会标记为暂不关心,后续不会再次提示您。 fanzeyi/cargo-play 项目一共引入了 4 个有漏洞的缺陷组件,以下是部分主要信息:完整报告: https://www.oscs1024.com/cd/1530611384193359872?sign=076a7713&report=1 | 开发者Venryx,您好: | 开发者Venryx,您好: | 当前不管是开源项目还是企业代码项目,都正在遭受来自开源社区的一些存在安全缺陷组件的影响。来自Synopsys OSSRA reports 2021的开源安全调查报告显示,平均每个项目会引入55个存在安全缺陷的组件,平均每个项目受这些有缺陷的开源组件影响会导致161个漏洞。 OSCS 安全社区会关注一批开源项目,并主动去检测并提示项目存在的风险: 提示这些开源项目的作者和贡献者,他的项目正在受到有安全缺陷的开源组件影响 提示Star&Fork这些项目的开发者,您可能也会受到这些存在安全缺陷的开源组件影响 | 当前不管是开源项目还是企业代码项目,都正在遭受来自开源社区的一些存在安全缺陷组件的影响。来自Synopsys OSSRA reports 2021的开源安全调查报告显示,平均每个项目会引入55个存在安全缺陷的组件,平均每个项目受这些有缺陷的开源组件影响会导致161个漏洞。 OSCS 安全社区会关注一批开源项目,并主动去检测并提示项目存在的风险: 提示这些开源项目的作者和贡献者,他的项目正在受到有安全缺陷的开源组件影响 提示Star&Fork这些项目的开发者,您可能也会受到这些存在安全缺陷的开源组件影响 | 您好,因为 fanzeyi/cargo-play 正在被 OSCS 关注且受到有安全缺陷的组件影响,所以冒昧通过邮件提醒您。如果 OSCS 安全社区的信息对您没有帮助,请点击取消退订,我们会标记为暂不关心,后续不会再次提示您。 fanzeyi/cargo-play 项目一共引入了 4 个有漏洞的缺陷组件,以下是部分主要信息:完整报告: https://www.oscs1024.com/cd/1530611384193359872?sign=076a7713&report=1 | 您好,因为 fanzeyi/cargo-play 正在被 OSCS 关注且受到有安全缺陷的组件影响,所以冒昧通过邮件提醒您。如果 OSCS 安全社区的信息对您没有帮助,请点击取消退订,我们会标记为暂不关心,后续不会再次提示您。 | fanzeyi/cargo-play 项目一共引入了 4 个有漏洞的缺陷组件,以下是部分主要信息:完整报告: https://www.oscs1024.com/cd/1530611384193359872?sign=076a7713&report=1
-- | -- | -- | -- | -- | -- | -- | --
开发者Venryx,您好: | 开发者Venryx,您好:
开发者Venryx,您好:
当前不管是开源项目还是企业代码项目,都正在遭受来自开源社区的一些存在安全缺陷组件的影响。来自Synopsys OSSRA reports 2021的开源安全调查报告显示,平均每个项目会引入55个存在安全缺陷的组件,平均每个项目受这些有缺陷的开源组件影响会导致161个漏洞。 OSCS 安全社区会关注一批开源项目,并主动去检测并提示项目存在的风险: 提示这些开源项目的作者和贡献者,他的项目正在受到有安全缺陷的开源组件影响 提示Star&Fork这些项目的开发者,您可能也会受到这些存在安全缺陷的开源组件影响 | 当前不管是开源项目还是企业代码项目,都正在遭受来自开源社区的一些存在安全缺陷组件的影响。来自Synopsys OSSRA reports 2021的开源安全调查报告显示,平均每个项目会引入55个存在安全缺陷的组件,平均每个项目受这些有缺陷的开源组件影响会导致161个漏洞。 OSCS 安全社区会关注一批开源项目,并主动去检测并提示项目存在的风险: 提示这些开源项目的作者和贡献者,他的项目正在受到有安全缺陷的开源组件影响 提示Star&Fork这些项目的开发者,您可能也会受到这些存在安全缺陷的开源组件影响
当前不管是开源项目还是企业代码项目,都正在遭受来自开源社区的一些存在安全缺陷组件的影响。来自Synopsys OSSRA reports 2021的开源安全调查报告显示,平均每个项目会引入55个存在安全缺陷的组件,平均每个项目受这些有缺陷的开源组件影响会导致161个漏洞。 OSCS 安全社区会关注一批开源项目,并主动去检测并提示项目存在的风险: 提示这些开源项目的作者和贡献者,他的项目正在受到有安全缺陷的开源组件影响 提示Star&Fork这些项目的开发者,您可能也会受到这些存在安全缺陷的开源组件影响
您好,因为 fanzeyi/cargo-play 正在被 OSCS 关注且受到有安全缺陷的组件影响,所以冒昧通过邮件提醒您。如果 OSCS 安全社区的信息对您没有帮助,请点击取消退订,我们会标记为暂不关心,后续不会再次提示您。 fanzeyi/cargo-play 项目一共引入了 4 个有漏洞的缺陷组件,以下是部分主要信息:完整报告: https://www.oscs1024.com/cd/1530611384193359872?sign=076a7713&report=1 | 您好,因为 fanzeyi/cargo-play 正在被 OSCS 关注且受到有安全缺陷的组件影响,所以冒昧通过邮件提醒您。如果 OSCS 安全社区的信息对您没有帮助,请点击取消退订,我们会标记为暂不关心,后续不会再次提示您。 | fanzeyi/cargo-play 项目一共引入了 4 个有漏洞的缺陷组件,以下是部分主要信息:完整报告: https://www.oscs1024.com/cd/1530611384193359872?sign=076a7713&report=1
您好,因为 fanzeyi/cargo-play 正在被 OSCS 关注且受到有安全缺陷的组件影响,所以冒昧通过邮件提醒您。如果 OSCS 安全社区的信息对您没有帮助,请点击取消退订,我们会标记为暂不关心,后续不会再次提示您。
fanzeyi/cargo-play 项目一共引入了 4 个有漏洞的缺陷组件,以下是部分主要信息:完整报告: https://www.oscs1024.com/cd/1530611384193359872?sign=076a7713&report=1
</div><!--EndFragment-->
</body>
</html>
```开发者Venryx,您好:
当前不管是开源项目还是企业代码项目,都正在遭受来自开源社区的一些存在安全缺陷组件的影响。来自Synopsys OSSRA reports 2021的开源安全调查报告显示,平均每个项目会引入55个存在安全缺陷的组件,平均每个项目受这些有缺陷的开源组件影响会导致161个漏洞。
OSCS 安全社区会关注一批开源项目,并主动去检测并提示项目存在的风险:
提示这些开源项目的作者和贡献者,他的项目正在受到有安全缺陷的开源组件影响
提示Star&Fork这些项目的开发者,您可能也会受到这些存在安全缺陷的开源组件影响
您好,因为 fanzeyi/cargo-play 正在被 OSCS 关注且受到有安全缺陷的组件影响,所以冒昧通过邮件提醒您。如果 OSCS 安全社区的信息对您没有帮助,请[点击取消退订](https://sctrack.sendcloud.net/track/unsubscribe.do?p=eyJ1c2VyX2lkIjogMTYwNzcwLCAidGFza19pZCI6ICIiLCAiZW1haWxfaWQiOiAiMTY1NTc4NzY5MDUyNV8xNjA3NzBfNDI4MTRfNjQyOC5zYy0xMF85XzEzXzIxMy1pbmJvdW5kMCR2ZW5yeXhAZ21haWwuY29tIiwgInNpZ24iOiAiNWRkZjhkMTE5NjE0OTljMWJkMmQ4Y2M4ZGZjNTNjODkiLCAidXNlcl9oZWFkZXJzIjoge30sICJsYWJlbCI6ICIyMjMxNDA2MSIsICJ0cmFja19kb21haW4iOiAic2N0cmFjay5zZW5kY2xvdWQubmV0IiwgInJlYWxfdHlwZSI6ICIiLCAibmV0ZWFzZSI6ICJmYWxzZSIsICJvdXRfaXAiOiAiMTE3LjUwLjM2LjExMCIsICJjb250ZW50X3R5cGUiOiAzLCAicmVjZWl2ZXIiOiAidmVucnl4QGdtYWlsLmNvbSIsICJtYWlsbGlzdF9pZCI6IDAsICJvdmVyc2VhcyI6ICJmYWxzZSIsICJjYXRlZ29yeV9pZCI6IDI1NzM0NywgInBhZ2VfaWQiOiAtMX0%3D),我们会标记为暂不关心,后续不会再次提示您。
fanzeyi/cargo-play 项目一共引入了 4 个有漏洞的缺陷组件,以下是部分主要信息:
完整报告: [https://www.oscs1024.com/cd/1530611384193359872?sign=076a7713&report=1](https://sctrack.sendcloud.net/track/click/eyJuZXRlYXNlIjogImZhbHNlIiwgIm1haWxsaXN0X2lkIjogMCwgInRhc2tfaWQiOiAiIiwgImVtYWlsX2lkIjogIjE2NTU3ODc2OTA1MjVfMTYwNzcwXzQyODE0XzY0Mjguc2MtMTBfOV8xM18yMTMtaW5ib3VuZDAkdmVucnl4QGdtYWlsLmNvbSIsICJzaWduIjogImJkODdkOGJhYmQ4M2JhMzA0YTRiYjQ2MTZiNDU4ZWQ5IiwgInVzZXJfaGVhZGVycyI6IHt9LCAibGFiZWwiOiAiMjIzMTQwNjEiLCAidHJhY2tfZG9tYWluIjogInNjdHJhY2suc2VuZGNsb3VkLm5ldCIsICJyZWFsX3R5cGUiOiAiIiwgImxpbmsiOiAiaHR0cHMlM0EvL3d3dy5vc2NzMTAyNC5jb20vY2QvMTUzMDYxMTM4NDE5MzM1OTg3MiUzRnNpZ24lM0QwNzZhNzcxMyUyNnJlcG9ydCUzRDEiLCAib3V0X2lwIjogIjExNy41MC4zNi4xMTAiLCAiY29udGVudF90eXBlIjogMywgInVzZXJfaWQiOiAxNjA3NzAsICJvdmVyc2VhcyI6ICJmYWxzZSIsICJjYXRlZ29yeV9pZCI6IDI1NzM0N30=.html)
缺陷组件:[email protected] - 间接引入
漏洞标题:lodash 命令注入漏洞
影响描述:lodash是一款开源的JavaScript实用程序库。Lodash中存在命令注入漏洞,该漏洞源于外部输入数据构造可执行命令过程中,网络系统或产品未正确过滤其中的特殊元素。攻击者可利用该漏洞执行非法命令。
CVE编号:CVE-2021-23337
国家漏洞库信息:
影响范围::(∞, 4.17.21)
最小修复版本:4.17.21
组件引入路径:[email protected]>[email protected]>[email protected]>[email protected]
漏洞详情:[https://www.oscs1024.com/hd/MPS-2021-2638](https://sctrack.sendcloud.net/track/click/eyJuZXRlYXNlIjogImZhbHNlIiwgIm1haWxsaXN0X2lkIjogMCwgInRhc2tfaWQiOiAiIiwgImVtYWlsX2lkIjogIjE2NTU3ODc2OTA1MjVfMTYwNzcwXzQyODE0XzY0Mjguc2MtMTBfOV8xM18yMTMtaW5ib3VuZDAkdmVucnl4QGdtYWlsLmNvbSIsICJzaWduIjogImU5N2M0NmE3ZjQ1YzA3ODMwN2ViOTExOGRkZTQ0NjgxIiwgInVzZXJfaGVhZGVycyI6IHt9LCAibGFiZWwiOiAiMjIzMTQwNjEiLCAidHJhY2tfZG9tYWluIjogInNjdHJhY2suc2VuZGNsb3VkLm5ldCIsICJyZWFsX3R5cGUiOiAiIiwgImxpbmsiOiAiaHR0cHMlM0EvL3d3dy5vc2NzMTAyNC5jb20vaGQvTVBTLTIwMjEtMjYzOCUzRnMlM0RtIiwgIm91dF9pcCI6ICIxMTcuNTAuMzYuMTEwIiwgImNvbnRlbnRfdHlwZSI6IDMsICJ1c2VyX2lkIjogMTYwNzcwLCAib3ZlcnNlYXMiOiAiZmFsc2UiLCAiY2F0ZWdvcnlfaWQiOiAyNTczNDd9.html)
缺陷组件:[email protected] - 间接引入
漏洞标题:nodejs 资源管理错误漏洞
影响描述:nodejs是是一个基于ChromeV8引擎的JavaScript运行环境通过对Chromev8引擎进行了封装以及使用事件驱动和非阻塞IO的应用让Javascript开发高性能的后台应用成为了可能。nodejs-glob-parent 存在安全漏洞,该漏洞源于正则表达式拒绝服务。
CVE编号:CVE-2020-28469
国家漏洞库信息:
影响范围::(∞, 5.1.2)
最小修复版本:5.1.2
组件引入路径:[email protected]>[email protected]>[email protected]>[email protected]
漏洞详情:[https://www.oscs1024.com/hd/MPS-2021-7827](https://sctrack.sendcloud.net/track/click/eyJuZXRlYXNlIjogImZhbHNlIiwgIm1haWxsaXN0X2lkIjogMCwgInRhc2tfaWQiOiAiIiwgImVtYWlsX2lkIjogIjE2NTU3ODc2OTA1MjVfMTYwNzcwXzQyODE0XzY0Mjguc2MtMTBfOV8xM18yMTMtaW5ib3VuZDAkdmVucnl4QGdtYWlsLmNvbSIsICJzaWduIjogImFhODAwY2ZmZTVmODQxMzJiNDMyZTIzMGU2NjQxMjEzIiwgInVzZXJfaGVhZGVycyI6IHt9LCAibGFiZWwiOiAiMjIzMTQwNjEiLCAidHJhY2tfZG9tYWluIjogInNjdHJhY2suc2VuZGNsb3VkLm5ldCIsICJyZWFsX3R5cGUiOiAiIiwgImxpbmsiOiAiaHR0cHMlM0EvL3d3dy5vc2NzMTAyNC5jb20vaGQvTVBTLTIwMjEtNzgyNyUzRnMlM0RtIiwgIm91dF9pcCI6ICIxMTcuNTAuMzYuMTEwIiwgImNvbnRlbnRfdHlwZSI6IDMsICJ1c2VyX2lkIjogMTYwNzcwLCAib3ZlcnNlYXMiOiAiZmFsc2UiLCAiY2F0ZWdvcnlfaWQiOiAyNTczNDd9.html)
OSCS安全社区敬上
祝您工作顺利,生活愉快
对此信息不感兴趣,[不希望再次收到](https://sctrack.sendcloud.net/track/unsubscribe.do?p=eyJ1c2VyX2lkIjogMTYwNzcwLCAidGFza19pZCI6ICIiLCAiZW1haWxfaWQiOiAiMTY1NTc4NzY5MDUyNV8xNjA3NzBfNDI4MTRfNjQyOC5zYy0xMF85XzEzXzIxMy1pbmJvdW5kMCR2ZW5yeXhAZ21haWwuY29tIiwgInNpZ24iOiAiNWRkZjhkMTE5NjE0OTljMWJkMmQ4Y2M4ZGZjNTNjODkiLCAidXNlcl9oZWFkZXJzIjoge30sICJsYWJlbCI6ICIyMjMxNDA2MSIsICJ0cmFja19kb21haW4iOiAic2N0cmFjay5zZW5kY2xvdWQubmV0IiwgInJlYWxfdHlwZSI6ICIiLCAibmV0ZWFzZSI6ICJmYWxzZSIsICJvdXRfaXAiOiAiMTE3LjUwLjM2LjExMCIsICJjb250ZW50X3R5cGUiOiAzLCAicmVjZWl2ZXIiOiAidmVucnl4QGdtYWlsLmNvbSIsICJtYWlsbGlzdF9pZCI6IDAsICJvdmVyc2VhcyI6ICJmYWxzZSIsICJjYXRlZ29yeV9pZCI6IDI1NzM0NywgInBhZ2VfaWQiOiAtMX0%3D)
Anyone know what this is and/or why I received the email?
My guess is that this is something like Dependabot, where a service scans repositories for vulnerability and then emails maintainers about security issues that should be patched -- except in this case, for anyone that stars the repo as well?
Anyway, it's kind of a weird thing to get emailed about a repo merely for starring it, so thought I'd mention it here in case it was not intended to have this behavior.
`--save` option if one wants to convert a file into a Cargo project to continue to work on
Exploring a "cargo-script" in rustup
Would appreciate feedback on my research and proposal.
Allow passing arguments to program
Example cargo play test.rs -- 1 2 3 so that std::env::args() would receive 1,2,3.
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.