Skip to content

Upgrade rustsec to v0.16; new self-audit system#155

Merged
tarcieri merged 1 commit intomasterfrom
upgrade-rustsec-to-0-16-and-self-audit
Oct 14, 2019
Merged

Upgrade rustsec to v0.16; new self-audit system#155
tarcieri merged 1 commit intomasterfrom
upgrade-rustsec-to-0-16-and-self-audit

Conversation

@tarcieri
Copy link
Copy Markdown
Member

@tarcieri tarcieri commented Oct 13, 2019

The rustsec v0.16 crate no longer checks support.toml.

Instead, it queries the advisory database about the cargo-audit and rustsec crate versions themselves to determine if an upgrade is needed due to e.g. a showstopper bug (of which we've had a few).

This can also be used to signal breaking changes to the advisory format.

@tarcieri
Upgrade rustsec to v0.16; new self-audit system
70b4d20 
The `rustsec` v0.16 crate no longer checks `support.toml`.

Instead, it queries the advisory database about the `cargo-audit` and
`rustsec` crate versions themselves to determine if an upgrade is needed
due to e.g. a showstopper bug (of which we've had a few).

This can also be used to signal breaking changes to the advisory format.
@tarcieri tarcieri merged commit 35ba3ed into master Oct 14, 2019
@tarcieri tarcieri deleted the upgrade-rustsec-to-0-16-and-self-audit branch October 14, 2019 00:04
@tarcieri tarcieri mentioned this pull request Oct 14, 2019
Merged
@basvandijk basvandijk mentioned this pull request Oct 31, 2019
Merged
10 tasks
tarcieri added a commit that referenced this pull request May 7, 2021
@tarcieri
Merge pull request #155 from RustSec/update-deps
beb6d6f 
Cargo.lock: update dependencies
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@tarcieri