Skip to content

Initial stab at a security tab showing advisories #12311

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
djc wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Initial stab at a security tab showing advisories #12311

djc wants to merge 1 commit into from

Conversation

@djc
Copy link
Contributor

@djc djc commented Nov 12, 2025
edited by Turbo87
Loading

Here's my first take at implementing the security tab as proposed in RFC 3872. Resolves #12507.

This is intentionally light on details to get an initial review on my first baby Ember.js steps. Not sure how much we need to add before this gets merged.

Keeping as draft while the RFC has not been merged.

Screenshot 2025-11-12 at 11 53 29

@djc djc marked this pull request as draft November 12, 2025 10:56
@djc djc changed the title Initial tab at a security tab showing advisories Initial stab at a security tab showing advisories Dec 1, 2025
@djc djc force-pushed the security-tab branch 2 times, most recently from 118a13c to 0ad81ca Compare December 12, 2025 16:02
@djc djc marked this pull request as ready for review December 12, 2025 16:02
@djc
Copy link
Contributor Author

djc commented Dec 12, 2025

I've implemented Markdown formatting with GitHub-flavored Markdown support for the advisory details.

Seems like a decent MVP from which we can iterate further?

Turbo87
Turbo87 reviewed Dec 15, 2025
View reviewed changes
Copy link
Member

@Turbo87 Turbo87 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

looks like a good start! 👍

one more suggestion that did not fit into the diff: we should add tests for this new feature to https://github.com/rust-lang/crates.io/tree/main/e2e/acceptance. at least one test for displaying 2+ advisories, one for the empty state, and one for the rustsec server returning e.g. a 500 error. we use msw for network mocking, which should make it relatively straight-forward to implement. it's probably sufficient to implement the msw request handlers in the tests instead of creating a generic handler in the crates-io-msw package.

@Turbo87 Turbo87 added the C-enhancement ✨ Category: Adding new behavior or a change to the way an existing feature works label Dec 15, 2025
eth3lbert
eth3lbert reviewed Dec 15, 2025
View reviewed changes
@djc djc force-pushed the security-tab branch 4 times, most recently from 4aa6fdf to a6f7be2 Compare December 17, 2025 15:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Turbo87 Turbo87 Turbo87 left review comments

@eth3lbert eth3lbert eth3lbert left review comments

Assignees

No one assigned

Labels

A-frontend 🐹 C-enhancement ✨ Category: Adding new behavior or a change to the way an existing feature works

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Tracking issue for "Adding a crates.io Security tab"

4 participants

@djc @Turbo87 @eth3lbert @rustbot