Navigation:
Browse pkgsrc
(this page) 2024-03-22 13:06:44 by pin | Files touched by this commit (3) |  |
Log message: security/cargo-audit: update to 0.20.0 v0.20.0 - New breaking releases of `cargo audit` v0.20 and `rustsec` v0.29 v0.19.0 - Release `cargo audit` 0.19.0 |
| 2023-10-26 10:02:21 by pin | Files touched by this commit (3) | |
Log message: security/cargo-audit: update to 0.18.3 Bring it up-to-date, v0.17.6 -> v0.18.3 No ChangeLogs provided. |
| 2023-10-25 00:11:51 by Thomas Klausner | Files touched by this commit (2298) |
Log message: *: bump for openssl 3 |
| 2023-05-16 21:40:53 by Thomas Klausner | Files touched by this commit (3) | |
Log message: cargo-audit: update to 0.17.6. Changes not found. |
| 2023-04-27 13:58:19 by Thomas Klausner | Files touched by this commit (3) | |
Log message:
cargo-audit: update to 0.17.5.
0.17.5 (2023-03-23)
Added
Vulnerability severity is now included in the cargo audit output, if known (#825)
Changed
Advisories marked informational = unsound are now reported by default, but \
only as warnings (#819). They do not cause the audit to fail, i.e. the exit code \
of the process is still 0. This behavior can be suppressed through the \
configuration file.
Fixed
The help text now correctly refers to the command as cargo audit instead of \
cargo audit audit (#824)
The --version argument now works correctly, reporting the current version (#838)
0.17.4 (2022-11-08)
Fixed
Checks for yanked crates were broken since 0.17.0. This release restores \
them and adds tests to prevent future regressions.
Changed
Binary scanning is enabled by default and documented as such. It can still \
be disabled by disabling the binary-scanning feature.
0.17.3 (2022-11-01)
Added
cargo audit bin now attempts to detect dependencies in binaries not built \
with cargo auditable by parsing the panic messages (#729). This only detects \
about a half of the dependency list and never detects C code such as OpenSSL, \
but works on any Rust binaries built with cargo.
Added integration tests for the --deny=warnings flag.
Fixed
cargo audit bin --deny=warnings no longer exits after finding the first \
binary with warnings.
Changed
Up to 5x faster cargo audit bin when scanning multiple files thanks to \
caching crates.io index lookups (implemented in rustsec crate).
Notices about cargo audit or rustsec will now result in a scanning error \
being reported (exit code 2) as opposed to reporting them as vulnerabilities in \
the scanned binary (exit code 1). They are treated as warnings by default, so \
--deny=warnings is required to observe the new behavior.
The binary-scanning feature that adds the cargo audit bin subcommand is now \
enabled by default, but is not documented as such.
0.17.2 (2022-10-07)
Changed
Fixed the screenshot URL in README.md
0.17.1 (2022-10-07)
Added
Initial support for scanning binaries built with cargo auditable
|
| 2022-05-29 09:36:34 by Thomas Klausner | Files touched by this commit (3) | |
Log message: cargo-audit: update to 0.17.0. Changes not found. |
| 2022-04-21 09:57:30 by Thomas Klausner | Files touched by this commit (2) |
Log message: cargo-audit: simplify, and fix download |
| 2022-04-20 21:35:08 by Nikita | Files touched by this commit (1) |
Log message: cargo-audit: Fix pkgname. |
| 2022-04-20 21:22:23 by Nikita | Files touched by this commit (5) |
Log message: security/cargo-audit: import cargo-audit 0.16.0 Cargo-audit allows you to audit Cargo.lock files for crates with security vulnerabilities reported to the RustSec Advisory Database. Cargo-audit is provided as the cargo subcommand "audit". |
New packages: