Cargo.lock files for crates with security vulnerabilities reported to the
RustSec Advisory Database.
cargo audit requires Rust 1.35 or later.
cargo audit is a Cargo subcommand and can be installed with
$ cargo install cargo-audit
Once installed, run
cargo audit at the toplevel of any Cargo project.
cargo audit on Travis CI
To automatically run
cargo audit on every build in Travis CI, you can add the following to your
language: rust cache: cargo # cache cargo-audit once installed before_script: - cargo install --force cargo-audit - cargo generate-lockfile script: - cargo audit
Report vulnerabilities by opening pull requests against the RustSec Advisory Database GitHub repo:
Licensed under either of:
- Apache License, Version 2.0 (LICENSE-APACHE or https://www.apache.org/licenses/LICENSE-2.0)
- MIT license (LICENSE-MIT or https://opensource.org/licenses/MIT)
at your option.
Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you shall be dual licensed as above, without any additional terms or conditions.