Comment by hulitu
1 year ago
> Tools like `cargo audit` can tell you statically based on the lockfile which dependencies have security vulnerabilities reported against them
known security vulnerabilities. If someone compromises your cargo repository (see npm for examples) all your safety is gone.