Ecosyste.ms: OpenCollective
An open API service for software projects hosted on Open Collective.
github.com/mozilla/cargo-vet
supply-chain security for Rust
https://github.com/mozilla/cargo-vet
Make it easier for users to learn more about registry entries
bholley opened this issue almost 2 years ago
bholley opened this issue almost 2 years ago
Recover gracefully from errors parsing the cargo-vet registry
mystor opened this pull request almost 2 years ago
mystor opened this pull request almost 2 years ago
Recording violations with non-binary audit criteria
djkoloski opened this issue almost 2 years ago
djkoloski opened this issue almost 2 years ago
Allow import and registry URLs to be an array
mystor opened this pull request almost 2 years ago
mystor opened this pull request almost 2 years ago
Allow import/registry URL fields to be an array
bholley opened this issue almost 2 years ago
bholley opened this issue almost 2 years ago
Bump thiserror from 1.0.31 to 1.0.40
dependabot[bot] opened this pull request almost 2 years ago
dependabot[bot] opened this pull request almost 2 years ago
Update book to describe audit-as-crates-io guessing behavior
bholley opened this pull request almost 2 years ago
bholley opened this pull request almost 2 years ago
Default audit-as-crates-io to true on init if description matches
mystor opened this pull request almost 2 years ago
mystor opened this pull request almost 2 years ago
Update the book to reflect registry suggestion and criteria mapping changes
mystor opened this pull request almost 2 years ago
mystor opened this pull request almost 2 years ago
Emit a help message for some cargo metadata errors
mystor opened this pull request almost 2 years ago
mystor opened this pull request almost 2 years ago
Force fetching publisher information for non-dependency crates in certify
mystor opened this pull request almost 2 years ago
mystor opened this pull request almost 2 years ago
Consider a "bare" / "publish-only" instance concept for repositories without Cargo.lock
bholley opened this issue almost 2 years ago
bholley opened this issue almost 2 years ago
Bump miette from 5.1.0 to 5.6.0
dependabot[bot] opened this pull request almost 2 years ago
dependabot[bot] opened this pull request almost 2 years ago
Track the version of cargo-vet used to create the supply-chain store
mystor opened this pull request almost 2 years ago
mystor opened this pull request almost 2 years ago
Add support for registry suggestions
mystor opened this pull request almost 2 years ago
mystor opened this pull request almost 2 years ago
Map criteria into the local namespace eagerly when importing
mystor opened this pull request almost 2 years ago
mystor opened this pull request almost 2 years ago
Add Fermyon to the registry
bholley opened this pull request almost 2 years ago
bholley opened this pull request almost 2 years ago
Eagerly map criteria into the local namespace
bholley opened this issue almost 2 years ago
bholley opened this issue almost 2 years ago
Enforce version consistency between tool and instance data
bholley opened this issue almost 2 years ago
bholley opened this issue almost 2 years ago
Add chromeos to the registry
bholley opened this pull request almost 2 years ago
bholley opened this pull request almost 2 years ago
Fix wildcard audits from the network being considered non-fresh by default
mystor opened this pull request almost 2 years ago
mystor opened this pull request almost 2 years ago
Bump thiserror from 1.0.31 to 1.0.39
dependabot[bot] opened this pull request almost 2 years ago
dependabot[bot] opened this pull request almost 2 years ago
Emit an error when trying to remap remote built-in criteria
mystor opened this pull request almost 2 years ago
mystor opened this pull request almost 2 years ago
Consider allowing built-in criteria mappings to be customized when importing
mystor opened this issue almost 2 years ago
mystor opened this issue almost 2 years ago
Improve wildcard audit docs
bholley opened this pull request almost 2 years ago
bholley opened this pull request almost 2 years ago
Pass a high visibility parameter when loading sourcegraph diffs.
bholley opened this pull request almost 2 years ago
bholley opened this pull request almost 2 years ago
Strange internal failures
hpenne opened this issue almost 2 years ago
hpenne opened this issue almost 2 years ago
Add some reference-level documentation for wildcard entries
mystor opened this pull request almost 2 years ago
mystor opened this pull request almost 2 years ago
Update store after adding a wildcard audit
mystor opened this pull request almost 2 years ago
mystor opened this pull request almost 2 years ago
Certifying a wildcard audit doesn't activate it until `vet check` is run again
bholley opened this issue almost 2 years ago
bholley opened this issue almost 2 years ago
Tweak wildcard certify message
bholley opened this pull request almost 2 years ago
bholley opened this pull request almost 2 years ago
FR: Surfacing prior certification information in `cargo vet diff` output
gburgessiv opened this issue almost 2 years ago
gburgessiv opened this issue almost 2 years ago
Add a CI job to ensure cargo-vet builds on rust 1.65
mystor opened this pull request almost 2 years ago
mystor opened this pull request almost 2 years ago
Ensure cargo-vet builds on rustc 1.61
mystor opened this pull request almost 2 years ago
mystor opened this pull request almost 2 years ago
Replace Firefox audits with aggregated Mozilla audits in registry
bholley opened this pull request almost 2 years ago
bholley opened this pull request almost 2 years ago
Minimal imports seem to result in exemptions taking precedence over imports
bholley opened this issue almost 2 years ago
bholley opened this issue almost 2 years ago
Avoid removing unnecessary imports and exemptions unless explicitly requested
mystor opened this pull request almost 2 years ago
mystor opened this pull request almost 2 years ago
Avoid removing unnecessary imports and exemptions unless explicitly requested
mystor opened this issue almost 2 years ago
mystor opened this issue almost 2 years ago
Avoid unrelated imports during certify and vet
mystor opened this pull request almost 2 years ago
mystor opened this pull request almost 2 years ago
Correctly handle importing audits for multiple versions
mystor opened this pull request almost 2 years ago
mystor opened this pull request almost 2 years ago
FR: consider adding `default-audit-criteria` to config.toml
gburgessiv opened this issue almost 2 years ago
gburgessiv opened this issue almost 2 years ago
Update installation instructions to pass --locked to cargo install
bholley opened this pull request almost 2 years ago
bholley opened this pull request almost 2 years ago
Relax crate policy checks to only require versions for all crates in the
afranchuk opened this pull request almost 2 years ago
afranchuk opened this pull request almost 2 years ago
Add an option to create wildcard audits with certify
mystor opened this pull request almost 2 years ago
mystor opened this pull request almost 2 years ago
Exhaustivity requirements for versioned policy entries are too broad
bholley opened this issue almost 2 years ago
bholley opened this issue almost 2 years ago
Document wildcard audits in the book
mystor opened this issue almost 2 years ago
mystor opened this issue almost 2 years ago
Add a flow to `certify` for creating wildcard audits
mystor opened this issue almost 2 years ago
mystor opened this issue almost 2 years ago
Bump filetime from 0.2.16 to 0.2.20
dependabot[bot] opened this pull request almost 2 years ago
dependabot[bot] opened this pull request almost 2 years ago
Avoid importing self audits when pulling from an aggregated source
bholley opened this issue almost 2 years ago
bholley opened this issue almost 2 years ago
Import only the minimal number of audits required for vet to pass
mystor opened this pull request almost 2 years ago
mystor opened this pull request almost 2 years ago
Wildcard audits
mystor opened this pull request almost 2 years ago
mystor opened this pull request almost 2 years ago
Add base64 decoding for gitiles.
afranchuk opened this pull request almost 2 years ago
afranchuk opened this pull request almost 2 years ago
Clippy suggested fixes
afranchuk opened this pull request almost 2 years ago
afranchuk opened this pull request almost 2 years ago
Bump serde from 1.0.137 to 1.0.152
dependabot[bot] opened this pull request almost 2 years ago
dependabot[bot] opened this pull request almost 2 years ago
Enable Base64 decoding for googlesource.com
djkoloski opened this issue almost 2 years ago
djkoloski opened this issue almost 2 years ago
Add support (and requirements) for crate policies to have associated versions
afranchuk opened this pull request almost 2 years ago
afranchuk opened this pull request almost 2 years ago
Consider inverting `audit-as-crates-io`
afranchuk opened this issue almost 2 years ago
afranchuk opened this issue almost 2 years ago
Consider pulling in imports via an explicit command
bholley opened this issue almost 2 years ago
bholley opened this issue almost 2 years ago
Extra newlines at the end of TOML files
divergentdave opened this issue almost 2 years ago
divergentdave opened this issue almost 2 years ago
Deny unknown fields in audit and criteria entries
mystor opened this pull request almost 2 years ago
mystor opened this pull request almost 2 years ago
Imports should drop audits with unkown fields
bholley opened this issue almost 2 years ago
bholley opened this issue almost 2 years ago
Typo fixes and editorial changes to improve reading the book.
afranchuk opened this pull request almost 2 years ago
afranchuk opened this pull request almost 2 years ago
Remove uncertainty and the blaming step from the resolver
mystor opened this pull request almost 2 years ago
mystor opened this pull request almost 2 years ago
Consider sub-crate feature exclusions for audits
bholley opened this issue about 2 years ago
bholley opened this issue about 2 years ago
Entries for third-party crates in the policy table should be version-associated
bholley opened this issue about 2 years ago
bholley opened this issue about 2 years ago
When suggesting audits for a git revision, try suggesting audits for the base revision first
mystor opened this issue about 2 years ago
mystor opened this issue about 2 years ago
RFC: Shallow Criteria
bholley opened this issue about 2 years ago
bholley opened this issue about 2 years ago
Bump url from 2.2.2 to 2.3.0
dependabot[bot] opened this pull request about 2 years ago
dependabot[bot] opened this pull request about 2 years ago
Bump console from 0.15.0 to 0.15.5
dependabot[bot] opened this pull request about 2 years ago
dependabot[bot] opened this pull request about 2 years ago
Changing criteria on one workspace crate affects criteria applied to others
divergentdave opened this issue about 2 years ago
divergentdave opened this issue about 2 years ago
RFC: Remove Dependency Criteria for Audits
bholley opened this issue about 2 years ago
bholley opened this issue about 2 years ago
Bump serde from 1.0.137 to 1.0.151
dependabot[bot] opened this pull request about 2 years ago
dependabot[bot] opened this pull request about 2 years ago
Bump thiserror from 1.0.31 to 1.0.38
dependabot[bot] opened this pull request about 2 years ago
dependabot[bot] opened this pull request about 2 years ago
Bump filetime from 0.2.16 to 0.2.19
dependabot[bot] opened this pull request about 2 years ago
dependabot[bot] opened this pull request about 2 years ago
Bump miette from 5.1.0 to 5.5.0
dependabot[bot] opened this pull request about 2 years ago
dependabot[bot] opened this pull request about 2 years ago
RFC: Wildcard Audits
bholley opened this issue about 2 years ago
bholley opened this issue about 2 years ago
Bump clap from 3.2.6 to 3.2.23
dependabot[bot] opened this pull request about 2 years ago
dependabot[bot] opened this pull request about 2 years ago
Bump crates-index from 0.18.8 to 0.18.10
dependabot[bot] opened this pull request over 2 years ago
dependabot[bot] opened this pull request over 2 years ago
Bump tracing-subscriber from 0.3.11 to 0.3.16
dependabot[bot] opened this pull request over 2 years ago
dependabot[bot] opened this pull request over 2 years ago
Basic auth and/or ssh url support for cargo aggregate
agraven opened this issue over 2 years ago
agraven opened this issue over 2 years ago
Bump similar from 2.1.0 to 2.2.0
dependabot[bot] opened this pull request over 2 years ago
dependabot[bot] opened this pull request over 2 years ago
Consider implementing redirects for audits.toml
bholley opened this issue over 2 years ago
bholley opened this issue over 2 years ago
--filter-graph syntax/parser improvements
Gankra opened this issue over 2 years ago
Gankra opened this issue over 2 years ago
Implement suggestions from the registry
bholley opened this issue over 2 years ago
bholley opened this issue over 2 years ago
Implement checksums
bholley opened this issue over 2 years ago
bholley opened this issue over 2 years ago
implement validation of input files
Gankra opened this issue over 2 years ago
Gankra opened this issue over 2 years ago
implement "target" features
Gankra opened this issue over 2 years ago
Gankra opened this issue over 2 years ago