svartalf
commented
4 years ago Dependabot is already handling Rust security vulnerabilities, is there any reason to do the same?
Closed svartalf closed 4 years ago
svartalf
commented
4 years ago Dependabot is already handling Rust security vulnerabilities, is there any reason to do the same?
svartalf
commented
4 years ago Closed in favor of https://github.com/actions-rs/audit-check
As the Github vulnerabilities scanner does not support Rust yet, it would be worth to add an Action which runs https://github.com/RustSec/cargo-audit and fails CI if there are any vulnerabilities.