Audit Cargo.lock files for crates with security vulnerabilities
Clone or download
tarcieri Merge pull request #41 from colindean/colindean/json-output
Adds --json flag to output JSON to STDOUT
Latest commit 4406814 Oct 24, 2018

README.md

cargo audit

Latest Version Build Status Appveyor Status MIT/Apache 2 licensed Gitter Chat

Audit Cargo.lock for crates with security vulnerabilities reported to the RustSec Advisory Database.

This implements an idea originally proposed in this (closed) RFC:

https://github.com/rust-lang/rfcs/pull/1752

Requirements

cargo audit requires Rust 1.25 or later.

Installation

cargo audit is a Cargo subcommand and can be installed with cargo install:

$ cargo install cargo-audit

Once installed, run cargo audit at the toplevel of any Cargo project.

Reporting Vulnerabilities

Report vulnerabilities by opening pull requests against the RustSec Advisory Database GitHub repo:

Report Vulnerability

Screenshot

Screenshot

License

Licensed under either of:

at your option.

Contribution

Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you shall be dual licensed as above, without any additional terms or conditions.