Zig Audit Tool (ZAT) - Not released yet!
Audit build.zig.zon files for security vulnerabilities intoduced through dependencies.
~/Dev/PassKeeZ$ zat --audit
Scanning build.zig.zon for vulnerabilities (8 package dependencies)
Package: zbor
Version: 0.17.0
Title: This is the first advisory published to zig-sec/advisory-db.
Date: 2025-03-16
ID: ZIGSEC-2025-0001
URL: https://zigsec.org/advisories/ZIGSEC-2025-0001/
Solution: Don't worry! But you should upgrade anyway as a new zbor release is available.
Dependency tree:
keylib 0.6.1
└──zbor 0.17.0
error: 1 vulnerability found!
Did you write a tool utilizing this database? Tell us about it by opening a Pull Request or Issue!
The Zig-Sec Advisory Database is a repository of security advisories filed against Zig packages. It is maintained by the Zig-Sec Orga.