|
|
|
|
|
|
by carols10cents
1036 days ago
|
|
|
I'm one of the crates.io team members, and we're very grateful to Phylum for doing this analysis and alerting us! As a volunteer member, I'm also very thankful to the Rust Foundation for funding and hiring Walter Pearce, Adam Harvey, and Tobias Bieniek to work on security and crates.io (in varying proportions). They've helped lower our response time to incidents like this and made proactive improvements. Regardless of any improvements they have or will make, there's always the possibility of malware getting through defenses. Reports are important to us, taken seriously, and handled as promptly as possible. More details here: https://www.rust-lang.org/policies/security |
|
|