gentoo / cargo-ebuild

[MIRROR] cargo extension that can generate ebuilds using the in-tree eclasses
https://gitweb.gentoo.org/proj/cargo-ebuild.git
Apache License 2.0
33 stars 10 forks

Implement audit functionality using rustsec #15

Closed leonardohn closed 3 years ago

leonardohn commented 3 years ago

These commits remove the redundant cargo-lock usage (closes #7) and implement crate auditing through the rustsec library (closes #2). An example of output using the base64_vuln crate from the rustsec tests:

Error: Found 1 vulnerability:

Crate:    base64
Version:  0.5.1
Title:    Integer overflow leads to heap-based buffer overflow in encode_config_buf
Date:     2017-05-03
ID:       RUSTSEC-2017-0004
URL:      https://rustsec.org/advisories/RUSTSEC-2017-0004
Solution: Upgrade to >=0.5.2

Please fix the issues or use "--noaudit" flag.
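To make the check behind this report concrete, here is an added Rust example that is not cargo-ebuild's or rustsec's own code: a dependency-free model of what an audit does, namely parse each lockfile `(crate, version)` pair, look up advisories for that crate, and flag the version unless one of the advisory's patched ranges covers it. The advisory IDs, titles and "Solution" ranges are copied from the outputs in this thread (the base64 one above and the alacritty run below); the lockfile entries are constructed; the semver range matching is a simplified re-implementation (`>=`, `<`, `^` and friends) rather than the `semver` crate, and the `Advisory` struct and `audit` function are names of this example only.

```rust
// Added example, not part of cargo-ebuild: a minimal std-only audit model.
use std::cmp::Ordering;

#[derive(Debug, Clone, PartialEq, Eq)]
struct Version {
    major: u64,
    minor: u64,
    patch: u64,
    pre: Option<String>, // "1.0.0-0" => Some("0"); a pre-release sorts below its release
}

impl Version {
    fn parse(s: &str) -> Option<Version> {
        let (core, pre) = match s.split_once('-') {
            Some((c, p)) => (c, Some(p.to_string())),
            None => (s, None),
        };
        let mut parts = core.split('.').map(|p| p.parse::<u64>().ok());
        let major = parts.next()??;
        let minor = parts.next().unwrap_or(Some(0))?;
        let patch = parts.next().unwrap_or(Some(0))?;
        Some(Version { major, minor, patch, pre })
    }
}

impl Ord for Version {
    fn cmp(&self, other: &Self) -> Ordering {
        (self.major, self.minor, self.patch)
            .cmp(&(other.major, other.minor, other.patch))
            .then_with(|| match (&self.pre, &other.pre) {
                (None, None) => Ordering::Equal,
                (None, Some(_)) => Ordering::Greater, // release > pre-release
                (Some(_), None) => Ordering::Less,
                (Some(a), Some(b)) => a.cmp(b),
            })
    }
}
impl PartialOrd for Version {
    fn partial_cmp(&self, other: &Self) -> Option<Ordering> { Some(self.cmp(other)) }
}

/// One patched range such as ">=0.4.8, <1.0.0-0" or "^1.1.1": every comparator must hold.
fn matches_req(req: &str, v: &Version) -> bool {
    req.split(',').map(str::trim).all(|c| matches_comparator(c, v))
}

fn matches_comparator(c: &str, v: &Version) -> bool {
    let (op, rest) = if let Some(r) = c.strip_prefix(">=") { (">=", r) }
        else if let Some(r) = c.strip_prefix("<=") { ("<=", r) }
        else if let Some(r) = c.strip_prefix('>') { (">", r) }
        else if let Some(r) = c.strip_prefix('<') { ("<", r) }
        else if let Some(r) = c.strip_prefix('^') { ("^", r) }
        else if let Some(r) = c.strip_prefix('=') { ("=", r) }
        else { ("^", c) }; // a bare "1.2.3" is a caret requirement in Cargo
    let bound = match Version::parse(rest.trim()) { Some(b) => b, None => return false };
    let pre0 = Some("0".to_string());
    match op {
        ">=" => *v >= bound,
        "<=" => *v <= bound,
        ">" => *v > bound,
        "<" => *v < bound,
        "=" => *v == bound,
        _ => {
            // caret: at least `bound`, below the next semver-breaking version
            let upper = if bound.major > 0 { Version { major: bound.major + 1, minor: 0, patch: 0, pre: pre0 } }
                else if bound.minor > 0 { Version { major: 0, minor: bound.minor + 1, patch: 0, pre: pre0 } }
                else { Version { major: 0, minor: 0, patch: bound.patch + 1, pre: pre0 } };
            *v >= bound && *v < upper
        }
    }
}

struct Advisory { id: &'static str, krate: &'static str, title: &'static str, patched: &'static [&'static str] }

// Advisory data copied from the outputs in this PR thread; an empty `patched` list
// corresponds to "No solution available".
const DB: &[Advisory] = &[
    Advisory { id: "RUSTSEC-2017-0004", krate: "base64", title: "Integer overflow leads to heap-based buffer overflow in encode_config_buf", patched: &[">=0.5.2"] },
    Advisory { id: "RUSTSEC-2020-0091", krate: "arc-swap", title: "Dangling reference in `access::Map` with Constant", patched: &[">=0.4.8, <1.0.0-0", ">=1.1.0"] },
    Advisory { id: "RUSTSEC-2020-0082", krate: "ordered-float", title: "ordered_float:NotNan may contain NaN after panic in assignment operators", patched: &["^1.1.1", ">=2.0.1"] },
    Advisory { id: "RUSTSEC-2021-0003", krate: "smallvec", title: "Buffer overflow in SmallVec::insert_many", patched: &[">=0.6.14, <1.0.0", ">=1.6.1"] },
    Advisory { id: "RUSTSEC-2021-0019", krate: "xcb", title: "Multiple soundness issues", patched: &[] },
];

/// Returns (crate, version, advisory id) for every lockfile entry no patched range covers.
/// A crate that appears twice in the lockfile (as smallvec does above) is checked twice.
fn audit(lockfile: &[(&str, &str)], db: &[Advisory]) -> Vec<(String, String, &'static str)> {
    let mut findings = Vec::new();
    for (name, ver) in lockfile {
        let v = match Version::parse(ver) { Some(v) => v, None => continue };
        for adv in db.iter().filter(|a| a.krate == *name) {
            let fixed = adv.patched.iter().any(|req| matches_req(req, &v));
            if !fixed { findings.push((name.to_string(), ver.to_string(), adv.id)); }
        }
    }
    findings
}

fn main() {
    // Constructed lockfile: versions from the alacritty run in this thread plus one patched smallvec
    let lockfile = [("arc-swap", "0.4.4"), ("smallvec", "1.1.0"), ("smallvec", "1.6.1"), ("xcb", "0.9.0")];
    let findings = audit(&lockfile, DB);
    println!("Error: Found {} vulnerabilities:\n", findings.len());
    for (name, ver, id) in &findings {
        let adv = DB.iter().find(|a| a.id == *id).unwrap();
        let solution = if adv.patched.is_empty() { "No solution available".to_string() }
            else { format!("Upgrade to {}", adv.patched.join(" or ")) };
        println!("Crate:    {name}\nVersion:  {ver}\nTitle:    {}\nID:       {id}\nSolution: {solution}\n", adv.title);
    }
}
```

Two points the model makes visible: the `<1.0.0-0` upper bound in the arc-swap advisory is a pre-release bound, so `1.0.0` itself is correctly outside the patched 0.x range, and a crate with no patched range is reported for every version, which is why the real tool only offers `--noaudit` as the way past an unfixable advisory. The real rustsec advisory format also carries `unaffected` ranges, which this example omits.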

gyakovlev commented 3 years ago

thanks, that's exciting. I've merged the templating PR, could you please rebase?

leonardohn commented 3 years ago

Done. Anything else?

gyakovlev commented 3 years ago

I'll get back once tested, but I don't have anything else in mind if it works.

gyakovlev commented 3 years ago

/tmp/alacritty-0.4.1/alacritty $ /tmp/cargo-ebuild ebuild
Error: Found 5 vulnerabilities:

Crate:    arc-swap
Version:  0.4.4
Title:    Dangling reference in `access::Map` with Constant
Date:     2020-12-10
ID:       RUSTSEC-2020-0091
URL:      https://rustsec.org/advisories/RUSTSEC-2020-0091
Solution: Upgrade to >=0.4.8, <1.0.0-0 or >=1.1.0

Crate:    ordered-float
Version:  1.0.2
Title:    ordered_float:NotNan may contain NaN after panic in assignment operators
Date:     2020-12-06
ID:       RUSTSEC-2020-0082
URL:      https://rustsec.org/advisories/RUSTSEC-2020-0082
Solution: Upgrade to ^1.1.1 or >=2.0.1

Crate:    smallvec
Version:  0.6.13
Title:    Buffer overflow in SmallVec::insert_many
Date:     2021-01-08
ID:       RUSTSEC-2021-0003
URL:      https://rustsec.org/advisories/RUSTSEC-2021-0003
Solution: Upgrade to >=0.6.14, <1.0.0 or >=1.6.1

Crate:    smallvec
Version:  1.1.0
Title:    Buffer overflow in SmallVec::insert_many
Date:     2021-01-08
ID:       RUSTSEC-2021-0003
URL:      https://rustsec.org/advisories/RUSTSEC-2021-0003
Solution: Upgrade to >=0.6.14, <1.0.0 or >=1.6.1

Crate:    xcb
Version:  0.9.0
Title:    Multiple soundness issues
Date:     2021-02-04
ID:       RUSTSEC-2021-0019
URL:      https://rustsec.org/advisories/RUSTSEC-2021-0019
Solution: No solution available

Please fix the issues or use "--noaudit" flag.

nice!