
RustSec API & Tooling

Results 193 rustsec issues

https://github.com/rustsec/rustsec/actions/runs/3992756517/jobs/6848877427 ``` failures: ---- auditable_binary_without_vulnerabilities_passes stdout ---- thread 'auditable_binary_without_vulnerabilities_passes' panicked at 'assertion failed: `(left == right)` left: `1`, right: `0`', cargo-audit/tests/binary_scanning.rs:66:5 note: run with `RUST_BACKTRACE=1` environment variable to display a...

Right now `cargo audit` provides flexible controls for which kinds of advisories are reported (e.g. show/hide unmaintained or unsound) and which are considered fatal (i.e. cause non-zero exit code, cause...

enhancement
cargo-audit crate
good first issue

#261 notes that authenticated registries don't work and #604 that sparse registries don't work either. It seems to me that since the rustsec database is for *public* crates, there is...

Installed using `cargo install cargo-audit --features=fix`, using version `0.17.3`. My project has two crates flagged (1 as an error, 1 as a warning). Neither are auto-fixable, so I would expect...

bug
cargo-audit crate

@amousset has asked to include some kind of flag to disable panic-based version detection. This raises some questions: - Should the flag require binaries to be built with `cargo auditable`?...

enhancement
cargo-audit crate

Bumps [petgraph](https://github.com/petgraph/petgraph) from 0.6.4 to 0.6.5. Changelog Sourced from petgraph's changelog. Version 0.6.5 (2024-05-06) Add rayon support for GraphMap ([#573](https://github.com/petgraph/petgraph/issues/573), [#615](https://github.com/petgraph/petgraph/issues/615)) Add Topo::with_initials method ([#585](https://github.com/petgraph/petgraph/issues/585)) Add logo to the project...

dependencies
rust

Bumps comrak from 0.21.0 to 0.23.0. Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a...

dependencies
rust

Bumps [softprops/action-gh-release](https://github.com/softprops/action-gh-release) from 4634c16e79c963813287e889244c50009e7f0981 to 3989e4b325fd35af0f19f42a37021d50b48b77e0. Changelog Sourced from softprops/action-gh-release's changelog. 2.0.5 (unreleased) Factor in file names with spaces when upserting files #446 via @MystiPanda 2.0.4 Minor follow up to...

dependencies
github_actions

Moving from https://github.com/rust-secure-code/cargo-auditable/issues/140 > In my crate CI, I have some --ignore flags for vulnerabilities that do not apply to dependencies as used by my crates (e.g., RUSTSEC-2020-0159 in crates...

enhancement
cargo-audit crate

Bumps [xml-rs](https://github.com/kornelski/xml-rs) from 0.8.19 to 0.8.20. Changelog Sourced from xml-rs's changelog. Version 0.8.20 Fixed escaping of literal ]]> in CDATA Commits 075a86f Release 87723fd fmt a7b8acd Clippy 4de4170 Use Option...

dependencies
rust