Pre-RFC: Reviving "Security advisories in crates.io" (RFC PR #1752)

We should definitely push for dynamic linking system libraries on sane distributions, even ignoring the security benefits. I do think eliminate all vendered C code sounds impossible, but such crates should own those vulnerabilities.

1 Like