rustsec
rustsec copied to clipboard
Published
20 hours ago •
rustsec
rustsec
Stop requiring the latest git commit in advisory-db to be signed
trafficstars
We currently require the presence of some signature on the latest commit in advisory-db repo for cargo audit and other tooling that uses rustsec crate to work.
This is completely useless in that it doesn't add any security. And it has broken production users twice now (both times for just a few minutes before it was noticed and fixed, but still).
We should disable that check.
