Slacker News Slacker News logo featuring a lazy sloth with a folded newspaper hat
  • top
  • new
  • show
  • ask
  • jobs
Library
← Back to context

Comment by hulitu

1 year ago

> Tools like `cargo audit` can tell you statically based on the lockfile which dependencies have security vulnerabilities reported against them

known security vulnerabilities. If someone compromises your cargo repository (see npm for examples) all your safety is gone.

0 comments

hulitu

Reply

No comments yet

Contribute on Hacker News ↗

Slacker News

Product

  • API Reference
  • Hacker News RSS
  • Source on GitHub

Community

  • Support Ukraine
  • Equal Justice Initiative
  • GiveWell Charities