Our great sponsors
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
FWIW the RustSec database is still not synced into the Github databse on a regular basis, even though they did an initial import of it. So the cargo audit github action is still relevant.
Checkout whackadep if you’re really interested in this! https://github.com/diem/whackadep
For example: https://github.com/advisories/GHSA-566x-hhrf-qf8m This is not a use after free. It's not even remotely close to a year after free. Also version 1.1.1 of ordered-float is patched (because the ordered-float maintainers are responsible and backported the fix), but this security advisory says it isn't. The RustSec advisory which GitHub links to has all the correct information.