Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
I thought published advisories would automatically be promoted from https://github.com/owner/repo/security/advisories/GHSA-xxx to https://github.com/advisories/GHSA-xxx but it looks like this only happens for GitHub-reviewed advisories. Getting reviewed apparently requires a CVE, and I'm not a huge fan of the CVE system so I'm not going to press GitHub's "Request CVE" button (although I don't mind if someone else does). With this issue plus the known issue of the rustsec ID not being assigned until publication, it looks like I'm going to have to publish a 1.3.1 just to change the links.
- Loading branch information