advisory-db
advisory-db copied to clipboard
rustsec
Security advisory database for Rust crates published through crates.io
Clean install with Internet access of the latest version of cargo-audit: ``` $ cargo audit Fetching advisory database from `https://github.com/RustSec/advisory-db.git` error: couldn't fetch advisory database: git operation failed: failed to...
See - https://github.com/rustsec/rustsec/pull/1480 Are there any caveats/risks to adding new metadata fields?
I'm working on filing advisories for crates we've recently removed from crates.io. These crates were intentionally malicious and attempting to exfiltrate information, including cryptocurrency private keys and API tokens. Should...
My understanding is this is going to fail the linter because we've already taken down these crates from crates.io: https://github.com/rustsec/rustsec/issues/1479 And I didn't add categories because of https://github.com/rustsec/advisory-db/issues/2499 and https://github.com/rustsec/advisory-db/issues/2500
`ThreadSafety`/`thread-safety` is a valid category https://docs.rs/rustsec/latest/rustsec/advisory/enum.Category.html But `thread-safety` doesn't appear in https://github.com/rustsec/advisory-db/blob/f414b4d1ff5df405ea74240bc8fc2e4ce5f0d6c3/README.md#L78-L80 or https://github.com/rustsec/advisory-db/blob/f414b4d1ff5df405ea74240bc8fc2e4ce5f0d6c3/EXAMPLE_ADVISORY.md#L7-L8
For instance, the README explains the `withdrawn` field but EXAMPLE_ADVISORY.md doesn't. I would have expected to get the same information whether I started from the examples in either file.
Closes https://github.com/rustsec/advisory-db/issues/2214
I have forked the original `daemonize` crate as `daemonix` and merged changes that fix the UB issue that was reported against the original crate. It can be used as a...
