Path to this page:
./
security/cargo-audit,
Audit Cargo.lock files for crates with security vulnerabilities
Branch: CURRENT,
Version: 0.21.0,
Package name: cargo-audit-0.21.0,
Maintainer: pkgsrc-usersCargo-audit allows you to audit Cargo.lock files for crates with
security vulnerabilities reported to the RustSec Advisory Database.
Cargo-audit is provided as the cargo subcommand "audit".
Master sites:
Filesize: 1041.216 KB
Version history: (Expand)
- (2024-11-21) Updated to version: cargo-audit-0.21.0
- (2024-10-15) Updated to version: cargo-audit-0.20.1
- (2024-03-22) Updated to version: cargo-audit-0.20.0
- (2023-10-26) Updated to version: cargo-audit-0.18.3
- (2023-10-25) Updated to version: cargo-audit-0.17.6nb1
- (2023-05-16) Updated to version: cargo-audit-0.17.6
CVS history: (Expand)
2024-12-16 20:12:17 by Adam Ciarcinski | Files touched by this commit (2) |
Log message:
cargo-audit: fix building with Rust 1.83.0
|
2024-11-21 10:39:06 by pin | Files touched by this commit (3) | |
Log message:
security/cargo-audit: update to 0.21.0
No changelog provided.
|
2024-10-15 05:39:30 by pin | Files touched by this commit (3) | |
Log message:
security/cargo-audit: update to 0.20.1
No ChangeLog provided, but should fix:
http://shadow.netbsd.org/pub/pkgsrc/packages/reports/HEAD/NetBSD-10.0-x86_64/20241014.0745/cargo-audit-0.20.0/build.log
|
2024-03-22 13:06:44 by pin | Files touched by this commit (3) | |
Log message:
security/cargo-audit: update to 0.20.0
v0.20.0
- New breaking releases of `cargo audit` v0.20 and `rustsec` v0.29
v0.19.0
- Release `cargo audit` 0.19.0
|
2023-10-26 10:02:21 by pin | Files touched by this commit (3) | |
Log message:
security/cargo-audit: update to 0.18.3
Bring it up-to-date, v0.17.6 -> v0.18.3
No ChangeLogs provided.
|
2023-10-25 00:11:51 by Thomas Klausner | Files touched by this commit (2298) |
Log message:
*: bump for openssl 3
|
2023-05-16 21:40:53 by Thomas Klausner | Files touched by this commit (3) | |
Log message:
cargo-audit: update to 0.17.6.
Changes not found.
|
2023-04-27 13:58:19 by Thomas Klausner | Files touched by this commit (3) | |
Log message:
cargo-audit: update to 0.17.5.
0.17.5 (2023-03-23)
Added
Vulnerability severity is now included in the cargo audit output, if known (#825)
Changed
Advisories marked informational = unsound are now reported by default, but \
only as warnings (#819). They do not cause the audit to fail, i.e. the exit code \
of the process is still 0. This behavior can be suppressed through the \
configuration file.
Fixed
The help text now correctly refers to the command as cargo audit instead of \
cargo audit audit (#824)
The --version argument now works correctly, reporting the current version (#838)
0.17.4 (2022-11-08)
Fixed
Checks for yanked crates were broken since 0.17.0. This release restores \
them and adds tests to prevent future regressions.
Changed
Binary scanning is enabled by default and documented as such. It can still \
be disabled by disabling the binary-scanning feature.
0.17.3 (2022-11-01)
Added
cargo audit bin now attempts to detect dependencies in binaries not built \
with cargo auditable by parsing the panic messages (#729). This only detects \
about a half of the dependency list and never detects C code such as OpenSSL, \
but works on any Rust binaries built with cargo.
Added integration tests for the --deny=warnings flag.
Fixed
cargo audit bin --deny=warnings no longer exits after finding the first \
binary with warnings.
Changed
Up to 5x faster cargo audit bin when scanning multiple files thanks to \
caching crates.io index lookups (implemented in rustsec crate).
Notices about cargo audit or rustsec will now result in a scanning error \
being reported (exit code 2) as opposed to reporting them as vulnerabilities in \
the scanned binary (exit code 1). They are treated as warnings by default, so \
--deny=warnings is required to observe the new behavior.
The binary-scanning feature that adds the cargo audit bin subcommand is now \
enabled by default, but is not documented as such.
0.17.2 (2022-10-07)
Changed
Fixed the screenshot URL in README.md
0.17.1 (2022-10-07)
Added
Initial support for scanning binaries built with cargo auditable
|