John Vandenberg

@HippoBaro see https://github.com/rustsec/advisory-db/pull/2461

ping @isislovecruft

My initial thought is this approach has the biggest bang for buck: > Environment variable support: Respect CARGO_INSTALL_REGISTRY or similar environment variables in the fallback. And I am surprised this...

@garysassano , > I'd like to see similar functionality in a single taiki-e/install-action step, resolving crates from the default public registry (https://crates.io/) while allowing specific crates to be pulled from...

https://github.com/murarth/smallstr/pull/28 was released as v0.3.1 months ago. Given https://github.com/A4-Tacks/smallstr/commit/9bfe163a106d5d6e55c27570f29c6f2a29782cd6 , and the rest of the fixed code was from the initial commit, I suggest that the RUSTSEC should list all...

It would be great if typos used the same definitions as https://github.com/github-linguist/linguist . There are some ports https://crates.io/search?q=linguist

And this dependency is not mentioned at https://github.com/CycloneDX/cyclonedx-cli/blob/f934c99826339cb8dbb83b439eb2c465fb253fb3/README.md?plain=1#L346 Also it would be good if some of the other deps mentioned there are staticly linked in the GitHub release. > For...

https://github.com/rustsec/advisory-db/issues/2237 raised in March, and now I've created https://github.com/rustsec/advisory-db/pull/2460 to create a RUSTSEC for it.

Yup, this was the relevant change upstream https://github.com/libgeos/geos/pull/1143/files#diff-1e7de1ae2d059d21e1dd75d5812d5a34b0222cef273b7c3a2af62eb747f9d20aL14-R12

https://github.com/georust/geos/pull/196 is also attempting to fix this