GitHub Dependency graph adds vulnerability alerting support for Rust

This page summarizes the projects mentioned and recommended in the original post on /r/rust

  • advisory-db

    Security advisory database for Rust crates published through crates.io

  • FWIW the RustSec database is still not synced into the GitHub database on a regular basis, even though they did an initial import of it. So the cargo audit GitHub action is still relevant.

  • whackadep

    Managing Rust dependencies via a dashboard

  • Check out whackadep if you’re really interested in this! https://github.com/diem/whackadep

  • For example: https://github.com/advisories/GHSA-566x-hhrf-qf8m This is not a use after free. It's not even remotely close to a year after free. Also version 1.1.1 of ordered-float is patched (because the ordered-float maintainers are responsible and backported the fix), but this security advisory says it isn't. The RustSec advisory which GitHub links to has all the correct information.
