Client library for accessing the RustSec Security Advisory Database:
fetches the advisory-db (or other compatible) git repository and
audits Cargo.lock
files against it.
The rustsec
crate is primarily intended to be used by the cargo-audit crate
for the purposes of identifying vulnerable crates in Cargo.lock files.
However, it may be useful if you would like to consume the RustSec advisory database in other capacities.
- Rust 1.40+
Licensed under either of:
- Apache License, Version 2.0 (LICENSE-APACHE or https://www.apache.org/licenses/LICENSE-2.0)
- MIT license (LICENSE-MIT or https://opensource.org/licenses/MIT)
at your option.
Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you shall be dual licensed as above, without any additional terms or conditions.