Usage of crate parse_duration
, remove_dir_all
, time
entails security concerns
#987
Labels
bug
Something isn't working
Describe the bug
The immediate action is to revise the usage of
parse_duration
crate. The security concern is minimal, but should be considered. The other crates are difficult to address since they are transitive dependencies (tantivy
and andtempdir
)Steps to reproduce (if applicable)
Steps to reproduce the behavior:
Expected behavior
cargo audit
should be clean, consider adding an audit job on CIConfiguration:
Please provide:
Output of
pip list | grep nucliadb
No
pip
configuration necessary, this is only tracked viacargo audit
The text was updated successfully, but these errors were encountered: