Introducing the Rust Safety Dance, a project by the Secure Code WG to audit and potentially eliminate usages of unsafe from core ecosystem (and other) crates:
https://github.com/rust-secure-code/safety-dance…
The Rust team was notified of a vulnerability affecting http://crates.io API tokens generation and storage, and out of aboundance of precaution we revoked all existing tokens. Learn more on the advisory:
cargo-audit v0.11: Introducing the `fix` feature, yanked crate detection, and more /cc @rustlanghttps://blog.rust-lang.org/inside-rust/2020/01/23/Introducing-cargo-audit-fix-and-more.html…
apps/libraries or build-time sandboxing for Cargo? We're kicking off a couple of new crates and looking for interested contributors!
- cargo-repro: https://github.com/rust-secure-code/cargo-repro…
- cargo-sandbox:
Give us your opinion! Which should be the logo for the @rustlang Secure Code Working Group? Vote here or on GitHub: https://github.com/rust-secure-code/wg/issues/1#issuecomment-471732538…
Option A: https://bit.ly/2CeAqBt
Option B: https://bit.ly/2HeYAjm@rustsecurecode#rust#rustlang