## Security advisory (cargo audit) | Crate | Advisory | Notes | |---|---|---| | `lettre` | RUSTSEC-2026-0141 | **vulnerability** (current 0.11.19) | | `rustls-pemfile` | RUSTSEC-2025-0134 | (warning) | ## What to do 1. Bump `lettre` to a non-vulnerable version (`cargo update -p lettre`, or update the `Cargo.toml` constraint if needed). 2. Address the `rustls-pemfile` advisory (bump or allowlist). 3. Run `cargo audit` to confirm clean. 4. Run `cargo build --release && cargo test`. 5. Run `cargo fmt` before pushing. 6. Open a DRAFT PR titled `chore: address cargo audit advisories`. Assign `@rubenhensen`. Mark ready after CI passes.
Security advisory (cargo audit)
lettrerustls-pemfileWhat to do
lettreto a non-vulnerable version (cargo update -p lettre, or update theCargo.tomlconstraint if needed).rustls-pemfileadvisory (bump or allowlist).cargo auditto confirm clean.cargo build --release && cargo test.cargo fmtbefore pushing.chore: address cargo audit advisories. Assign@rubenhensen. Mark ready after CI passes.