Skip to content

Add wasm-pack dependency vulnerability monitoring #486

Description

@collinsadi

Rust WASM build chain deps are not monitored separately from contracts workspace.

Include scanner crate in cargo audit CI and track wasm-bindgen advisories.

Acceptance criteria:

  • Scanner audited on every PR.
  • Advisories triaged within SLA.
  • Documented in supply-chain policy.

Metadata

Metadata

Assignees

No one assigned

    Labels

    p2Required for reliable v1 after P0/P1scannerRust/WASM scanner and event discoverysecuritySecurity-sensitive implementation or processsecurity relatedSecurity vulnerability or hardening work

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions