
samhclark, yesterday at 9:53 PM

This makes sense to me. I guess I'll start hunting for the equivalent of `govulncheck` for Rust/Cargo.

Separately, I love the idea of the `geomys/sandboxed-step` action, but I've got such an aversion to use anyone else's actions, besides the first-party `actions/*` ones. I'll give sandboxed-step a look, sounds like it would be a nice thing to keep in my toolbox.


Replies

FiloSottile, yesterday at 9:57 PM

> I've got such an aversion to use anyone else's actions, besides the first-party `actions/*` ones

Yeah, same. FWIW, geomys/sandboxed-step goes out of its way to use the GitHub Immutable Releases to make the git tag hopefully actually immutable.

bpavuk, yesterday at 10:02 PM

> I guess I'll start hunting for the equivalent of `govulncheck` for Rust/Cargo.

how about `cargo-audit`?
