How should Inspector handle Rust? #2
mlieberman85
started this conversation in
General
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Inspector currently runs into some issues when people have workspaces with multiple crates or if they have crates that are private (i.e. not public and open source.) For example it often views those as unknown supply chain objects and most likely malicious, which is usually not the case. In some cases like workspaces it's easy to just say that anything in the workspace is fine, but if the crate is a separate repo internally that could cause some issues.
In addition there's been some debate among folks on what constitutes good security practices and good security tools with cargo and rust.
I'm happy to hear thoughts from folks, and if anyone has specific flows they like to use.
Beta Was this translation helpful? Give feedback.
All reactions