We started to notice errors from Salus relating to cargo-audit, which we don't use, so we now define the specific scanners for Salus to run.
The GitHub Action that we're using automatically pulls the latest Salus image which included some semgrep changes that seem to break with our custom rules. For this reason, I've also pulls semgrep into a separate step.
We started to notice errors from Salus relating to
cargo-audit
, which we don't use, so we now define the specific scanners for Salus to run.The GitHub Action that we're using automatically pulls the latest Salus image which included some semgrep changes that seem to break with our custom rules. For this reason, I've also pulls semgrep into a separate step.