Closed svartalf closed 4 years ago
As the Github vulnerabilities scanner does not support Rust yet, it would be worth to add an Action which runs https://github.com/RustSec/cargo-audit and fails CI if there are any vulnerabilities.
Dependabot is already handling Rust security vulnerabilities, is there any reason to do the same?
Closed in favor of https://github.com/actions-rs/audit-check
As the Github vulnerabilities scanner does not support Rust yet, it would be worth to add an Action which runs https://github.com/RustSec/cargo-audit and fails CI if there are any vulnerabilities.