Exclude ci directory from packaged crate

mulkieran · mulkieran · commit d56efd480d2e · 2023-08-03T09:31:56.000-04:00
I do not think there is compelling reason to release the ci support as
part of a Rust source code package. In addition, the crate, as it is
released now, gets flagged in some security scans due to the presence of
Dockerfiles which are considered to be following some unsafe practices.
Most Linux distros package using the vendored appraoch and provide a
vendor tarfile of an application's dependencies. Scanners will tend to
expect that the contents of the vendor tarfile will be source code.
These Dockerfiles are already being flagged by some scanners; other
contents of the ci directory may be flagged in future.
diff --git a/compiler-builtins/libm/Cargo.toml b/compiler-builtins/libm/Cargo.toml
@@ -10,6 +10,7 @@ readme = "README.md"
 repository = "https://github.com/rust-lang/libm"
 version = "0.2.7"
 edition = "2018"
+exclude = ["/ci/"]
 
 [features]
 default = []
