Discussion · bonfire.cafe

Tarmageddon is a great example of why RUSTSEC tracks unmaintained crates/libraries and why such unmaintained projects are very much security-relevant: https://edera.dev/stories/tarmageddon

#rust

Tony “Abolish ICE” Arcieri🌹🦀

@bascule@mas.to replied · 6 days ago

I'll go as far as to say one of the most infuriating things about RUSTSEC is people who show up and claim "unmaintained crates aren't security-relevant! I'll die on this hill" and it's like no, no my sweet summer child, you are simply terribly, terribly confused

Tony “Abolish ICE” Arcieri🌹🦀

@bascule@mas.to replied · 6 days ago

Every single widely-used, unmaintained crate is a security incident waiting to happen

#rust

bonfire.cafe

A space for Bonfire maintainers and contributors to communicate

bonfire.cafe: About · Code of conduct · Privacy · Users · Instances

Bonfire social · 1.0.0-rc.3.21 no JS en

Automatic federation enabled