Crates.io: Development Update
2 months ago
- #crates.io
- #Rust
- #security
- New 'Security' tab on crate pages displays RustSec advisories for known vulnerabilities.
- Trusted Publishing now supports GitLab CI/CD and has a 'Trusted Publishing Only' mode.
- Blocked GitHub Actions triggers (pull_request_target and workflow_run) for security.
- Source lines of code (SLOC) metrics added to crate pages for size insight.
- New 'pubtime' field in crate index entries for tracking publication times.
- Ongoing migration to Svelte frontend for modernization and better contributor experience.
- Miscellaneous updates include Cargo user agent filtering, HTML emails, encrypted GitHub tokens, and CDN optimizations.