Skip to content

Commit 45bfa54

Browse files
ehussehuss
authored
Merge pull request #3896 from rust-lang/ehuss-patch-1
Change 3872 section headers to 2nd level Markdown
2 parents f60340c + 8e5023c commit 45bfa54

File tree

1 file changed

+10
-10
lines changed

1 file changed

+10
-10
lines changed

text/3872-crates-io-security.md

Lines changed: 10 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -1,16 +1,16 @@
11
- Feature Name: crates-io-security
22
- Start Date: 2025-10-27
33
- RFC PR: [rust-lang/rfcs#3872](https://github.com/rust-lang/rfcs/pull/3872)
4-
- Rust Issue: [rust-lang/rust#3872](https://github.com/rust-lang/rust/issues/3872)
4+
- Rust Issue: [rust-lang/crates.io#12507](https://github.com/rust-lang/crates.io/issues/12507)
55

6-
# Summary
6+
## Summary
77

88
[summary]: #summary
99

1010
This RFC proposes that crates.io should provide insight into vulnerabilities and unsound
1111
API surface based on the RustSec advisory database.
1212

13-
# Motivation
13+
## Motivation
1414

1515
[motivation]: #motivation
1616

@@ -44,7 +44,7 @@ graph is a more complex problem that is outside the scope of this RFC (but see f
4444
[Log4Shell]: https://en.wikipedia.org/wiki/Log4j#Log4Shell_vulnerability
4545
[Principles for Package Repository Security]: https://repos.openssf.org/principles-for-package-repository-security.html
4646

47-
# Guide-level explanation
47+
## Guide-level explanation
4848

4949
[guide-level-explanation]: #guide-level-explanation
5050

@@ -68,7 +68,7 @@ For example, the UI could be somewhat like this:
6868
The way advisories are represented in the crates.io UI will evolve over time based on the
6969
available data and user feedback. This RFC does not mandate a specific UI design.
7070

71-
# Reference-level explanation
71+
## Reference-level explanation
7272

7373
[reference-level-explanation]: #reference-level-explanation
7474

@@ -80,7 +80,7 @@ directly.
8080

8181
[advisory-db repository]: https://github.com/RustSec/advisory-db
8282

83-
# Drawbacks
83+
## Drawbacks
8484

8585
[drawbacks]: #drawbacks
8686

@@ -97,7 +97,7 @@ that are best for their projects.
9797

9898
[ongoing discussion]: https://github.com/rust-lang/leadership-council/issues/140
9999

100-
# Rationale and alternatives
100+
## Rationale and alternatives
101101

102102
[rationale-and-alternatives]: #rationale-and-alternatives
103103

@@ -115,7 +115,7 @@ seems mostly unrelated to what crates.io does, and seems like an interesting fut
115115
[cargo-audit]: https://crates.io/crates/cargo-audit
116116
[cargo-deny]: https://crates.io/crates/cargo-deny
117117

118-
# Prior art
118+
## Prior art
119119

120120
[prior-art]: #prior-art
121121

@@ -129,15 +129,15 @@ both RustSec advisories and reviews from [cargo-crev] and [cargo-vet].
129129
[cargo-crev]: https://github.com/crev-dev/cargo-crev
130130
[cargo-vet]: https://github.com/mozilla/cargo-vet
131131

132-
# Unresolved questions
132+
## Unresolved questions
133133

134134
[unresolved-questions]: #unresolved-questions
135135

136136
This seems like a relatively straightforward feature with a limited scope. The main questions
137137
are about the desirability of the feature, the implementation approach, and the governance
138138
of the source data.
139139

140-
# Future possibilities
140+
## Future possibilities
141141

142142
[future-possibilities]: #future-possibilities
143143

0 commit comments

Comments
 (0)